Resources | AssuranceLab

Our ESG Framework for Reporting

Written by AssuranceLab | Apr 16, 2022 7:30:02 PM

There are lots of ESG standards out there, so why did we create our own?

 

There are many good global sustainability standards out there for assessing and reporting on environmental, social and governance (ESG) activities. The purpose of these standards - and all standards, really - is to provide a consistent approach. To be able to evaluate an organisations activities and provide a meaningful outcome to stakeholders because it’s tied to a consistent, established  basis of assessment and reporting format.

 

Some of the leading standards for ESG include Global Reporting Initiative (GRI), Sustainability Accounting Standards Board (SASB), and Carbon Disclosure Project (CDP). Each of these standards were developed in the context of the times; ESG Reporting has been something performed typically by the top 1% of global enterprise. It’s been driven by financial markets with ESG investors and the general public having influence over the ESG reporting. ESG drives those investment decisions and allows the public to apply pressure to large organisations. ESG has been broadly seen as a risk and opportunity for large companies as the world moves to reduce carbon emissions and improve impacts on society and the environment generally; with increasing regulation, shifting consumer expectations, and increased business risks from weather events, as examples. 

 

In that context, the standards have been developed to suit that purpose. GRI has gone the furthest in trying to democratise the standards to enable reporting for companies outside that top 1%. But many of the core concepts, the structure of the standard, and the reporting requirements are still tied to the context above. That means, it’s still quite inaccessible for many businesses. It creates a burden for running a formal ESG program and complying with rigorous reporting requirements. That relies on GRI experts, often significant consulting work or an internal team to manage it, and therefore incurs costs that many businesses can’t justify when it’s optional. 

 

It’s important to have a standard that works for the many other businesses that fundamentally look at ESG in a different way to the above context. That is, ESG is about purpose, progressive values, giving back, doing good, and aligning company activities to the expectations of stakeholders. Those expectations can create commercial value from the affinity of those stakeholders to want to work with the organisation. Those stakeholders include employees, investors, customers, partners, communities, employee candidates, and other beneficiaries. 

 

To address this need, we create our own reporting criteria and framework. This is not intended to replace any other ESG standards and can work as a pathway to those standards. But importantly, by providing a simple set of criteria that any stakeholder can understand, flexibility around how that criteria can be achieved, and not setting a minimum bar to be able to issue a report, it allows any business to start their ESG reporting journey. 

 

Our pilot customers have noted that it’s interesting to see how many of their standard business practices translate into ESG activities that have a positive environmental and social impact. In this approach they’re able to highlight those activities to stakeholders, and have a means for understanding and improving other things they can be doing for greater impact. And in practice issuing a report demonstrates a commitment that positively differentiates the company.

 

The topics covered includes: 

  • Purpose: How do you align your objectives and business activities, to support both profit and purpose? 
  • Employee Wellness: How do you support your team welfare and provide a rewarding and fulfilling workplace?
  • Diversity, Equity & Inclusion: How do you promote diversity of individuals and perspectives, and inspire connection, inclusiveness and fairness?
  • Community Impact: How do your business activities flow through to broader impacts on society? What do you do to give back? 
  • Environmental Impact: How do you support and advocate for behaviours and activities that reduce your environmental footprint in the context of your business goals? 

 

 

The Criteria

 

We use the below criteria because it works for any company. It has the flexibility to adapt to any circumstances and to include a broad range activities against those criteria that stakeholders may care about, while tying it to criteria so that it’s meaningful.

 

The criteria included in CC1-5 is directly from the AICPA SOC 2 standard - because that criteria has been established from consolidating global thought leadership across different standards, into a core set of control environment, or governance principles. That is, what are the basic structures and activities that support effective company management, company success, and achieving the companies purpose (whatever that is). We then build on that with the ESG specific activities and elements of general company governance with specific criteria for social, environmental and specific ESG governance criteria. 

 

#

Criteria

CC1.1

COSO Principle 1: The entity demonstrates a commitment to integrity and ethical values.

CC1.2

COSO Principle 2: The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.

CC1.3

COSO Principle 3: Management establishes, with board oversight, structures, reporting lines, and appropriate authorities and responsibilities in the pursuit of objectives.

CC1.4

COSO Principle 4: The entity demonstrates a commitment to attract, develop, and retain competent individuals in alignment with objectives.

CC1.5

COSO Principle 5: The entity holds individuals accountable for their internal control responsibilities in the pursuit of objectives.

CC2.1

COSO Principle 13: The entity obtains or generates and uses relevant, quality information to support the functioning of internal control.

CC2.2

COSO Principle 14: The entity internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control.

CC2.3

COSO Principle 15: The entity communicates with external parties regarding matters affecting the functioning of internal control.

CC3.1

COSO Principle 6: The entity specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives.

CC3.2

COSO Principle 7: The entity identifies risks to the achievement of its objectives across the entity and analyses risks as a basis for determining how the risks should be managed.

CC3.3

COSO Principle 8: The entity considers the potential for fraud in assessing risks to the achievement of objectives.

CC3.4

COSO Principle 9: The entity identifies and assesses changes that could significantly impact the system of internal control.

CC4.1

COSO Principle 16: The entity selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning.

CC4.2

COSO Principle 17: The entity evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.

CC5.1

COSO Principle 10: The entity selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels.

CC5.2

COSO Principle 11: The entity also selects and develops general control activities over technology to support the achievement of objectives.

CC5.3

COSO Principle 12: The entity deploys control activities through policies that establish what is expected and in procedures that put policies into action.

G1.1

The entity maintains an effective governance program that supports environmental and social objectives.

G1.2

The entity operates with transparency and corporate social responsibility.

G1.3

The entity assesses, monitors and manages third party relationships to support environment, social and governance objectives.

E1.1

The entity specifies objectives, targets, commitments and policies in relation to the environmental impact of its business activities.

E1.2

The entity measures, monitors and improves its business activities to reduce harmful impacts and improve positive impacts on the environment.

E1.3

The entity identifies, assesses and responds to environmental risks and opportunities.

E1.4

The entity raises awareness and encourages employees to make a positive impact on the environment as part of their roles and individual actions.

S1.1

The entity specifies objectives, targets, commitments and policies in relation to the social and community impacts of its business activities.

S1.2

The entity measures, monitors and improves its business activities to reduce harmful impacts and improve positive impacts on society and the community.

S1.3

The entity assesses and improves its activities that support employee wellness, equality, diversity and inclusion in the workplace.

S1.4

The entity raises awareness and encourages employees to make a positive social impact as part of their roles and individual actions.