In a world where supply chains are global and risk is inherent, providing a framework for companies that enables them to identify risks and plan for mitigation is detrimental.  Merging the disciplines of CSR with traditional Enterprise Risk Management practices makes sense.

Over the last 15 years, there has been a significant increase in the awareness and reporting of corporate social responsibility by companies focusing on the positive and negative effects that occur during the operations and management of facilities, production and manufacturing.

LINK CSR WITH ERM
Linking CSR with traditional Enterprise Risk Management provides a structured approach to a world where anything can happen.  Immediately, I think of the ISO 31000 standard and how easily it might be adapted to a variety of circumstances and industries.  With its definition of risk as “the effect of uncertainty on objectives,” it is an obvious next step to apply these principles and methodologies to mitigating CSR risks.

Let’s look at some basic examples using ISO 31000 risk treatments in the context of corporate social responsibility:

1. Avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk

Whether it be here in the U.S. or in emerging nations, sourcing from countries where infrastructure is not safe or appropriately tracked and managed is a risk.  Roads, bridges, and buildings that are not properly inspected pose a risk to the workers, product manufacturing, and logistics.  Often, resulting in a loss of sales and revenue when crisis strikes.

2. Accepting or increasing the risk in order to pursue an opportunity

Choosing to set up shop in countries that require a sizable presence with a quota for the number of employees to be hired can be a risk.  Countries like China and Brazil both have requirements stating that in order to sell products in their country, there is a job creation quota and a manufacturing or corporate presence required.

3. Removing the risk source

When a country has prolonged negative press, a company may decide not to engage any further and to find alternate supplier sources.  For the last three years, Bangladesh has come under fire for social compliance issues with death tolls rising from factory fires and building collapses.  While some companies stay and become members of the Bangladesh Alliance or Accord, others, like Disney have chosen to leave altogether.

4. Changing the likelihood

Companies can mitigate risk by being an active participant in the solution and future planning efforts.  Factory audits are now being conducted at an unprecedented level. Auditing continues to be a huge market in risk mitigation despite articles challenging its effectiveness.  Auditing is not only about assessment and reporting but also about educating factory owners, managers, and employees.  Education has the power to change the outcome to stable and positive.

5. Changing the consequences

Conflict between what is best for the public versus shareholder demands can drive risk levels.  Alignment between the two will determine the consequences.  Often, better investor protection and lower commitment to environmental policies are hand in hand.  Consequences can come in many forms.

6. Sharing the risk with another party or parties (including contracts and risk financing)

Companies can share the risk in many ways.  Sharing data and status of corrective action plans within an industry with no linkage to quantities or pricing is becoming the norm.  This enables likeminded companies to focus on mitigating risks like fire and factory safety, worker rights, and fair wages across the globe.

7. Retaining the risk by informed decision

Keeping a watchful eye on changes in government, the satisfaction and safety of the workforce, and environmental issues all enable informed decision making.  Sometimes a risk must be watched but not necessarily removed.  Many companies continue to source from India during a time when the government has changed and tensions with China continue to mount.  There is no imminent risk but any sudden changes would require a mitigation plan.  Knowledge is power but always keep in mind that you need context as well.

Applying risk treatments found in ISO 31000 is one way of providing structure in an area of risk management that is newly evolving.  Using these practices to develop plans for evaluating environmental and social compliance, as well as, ethical sourcing and development can only be beneficial.

In closing, as your brain spins off to determine how you can combine your risk management strategy with CSR, I leave you with one final quote:

“Business is the force of change.  Business is essential to solving the climate crisis, because this is what business is best at: innovating, changing, addressing risks, searching for opportunities.  There is no more vital task”

– Richard Branson

Bio:

Kelly Eisenhardt is Co-Founder and Managing Director at BlueCircle Advisors, an environmental compliance and sustainability consulting and training firm based in Massachusetts (www.bluecircleadvisors.com.)  In her role at BlueCircle Advisors, she is responsible for providing business intelligence, strategy and implementation of environmental, social and governance (ESG) risk programs.  Her experience aligns well with her client’s needs for technology, compliance, and sustainability expertise by helping companies create and manage their corporate environmental and social responsibility programs.

To contact Kelly Eisenhardt, send emails to kelly.eisenhardt@bluecircleadvisors.com or follow her on Twitter @KelEisenhardt.  For more information about BlueCircle Advisors and the company’s products and services, please visit www.bluecircleadvisors.com, on Facebook at BlueCircle Advisors, on Twitter @OurBlueCircle, and on the LinkedIn group at the BlueCircle Advisors group.