One of the most difficult tasks that companies face today is the struggle to get their CSR, sustainability, compliance, and enterprise risk management teams to work together to identify threats that affect the corporate risk profile.
My prediction is that in the coming years, we will see these disciplines interacting more and more. One way to find a common language for risk that each discipline can relate to and share is to reference standards created by the International Standards Organization (ISO).
Let’s look at a subset of principles from ISO 31000 and apply them in the context of corporate social responsibility:
- Risk management creates and protects value.
Creating and protecting value means different things to each and every company. Value is perceived as what is important to the company and to its stakeholders. Value can be in the form of immediate or long term benefits. Immediate benefits might be seen as CSR programs that target energy efficiency, recycling electronic and facilities waste, and or minimizing the use of raw materials in exchange for recycled materials. All have measurable results and show a reduction in risk.
- Risk management is part of decision making.
Decision making has a foundation built on ethics, objectives, measures, alternatives, and consequences. Risks change continuously. Risks happen globally. Being aware of environmental and social risks in business practices and supply chain is imperative in the age where a whisper is communicated to the world in seconds. In the very near future, CSR decision making will be based on aligning people in corporate social responsibility with the people in enterprise risk management to determine the programs that best support the company strategy and profile and to prioritize and maximize resources needed to mitigate risk.
- Risk management is systematic, structured, and timely.
Identifying risks, determining the probability, severity, and likelihood of the risk and determining resources needed for mitigation are aspects that need to be tracked and managed. Often, risks that arise in environmental and social compliance, as well as facilities, product development, and supply chain are handled by various parts of the organization and are not governed by one particular corporate body in charge of all corporate risk. Governance is required in order to align resources with CSR programs that protect the company and align with the business strategy.
- Risk management takes human and cultural factors into account.
A major part of corporate social responsibility is determining and being transparent about the impact that a corporation has on the environment and the community in which it makes and sells its products and conducts its business. From extracting natural resources to assembly and manufacturing to shipping and logistics to partners, resellers, distributors, and retailers, all the way to consumers, every step of the process has either a positive, neutral, or negative impact on society. Every culture has its way of interpreting and dealing with those impacts. There is inherent risk in all matters human and cultural related. Think of the chaos theory, if a butterfly flaps its wings in the U.S. or Europe, can a building collapse in Bangladesh?
- Risk management is transparent and inclusive.
Corporations are being held accountable for managing economic, social, and environmental (ESG) performance. These performance indicators, metrics, and data are being leveraged by traditional stakeholders and by big data financial institutions who impact or manage the global stock exchanges. Companies like Bloomberg Business, RepRisk, MSCI, and Thomson Reuters to name a few are collecting analytics, mapping supply chains, and developing scorecards. Rankings are then being published and taken seriously by the investment community. If a company does not align its business strategy with its CSR strategy, the risks and consequences can have severe impacts. Check out the Bloomberg Environmental and Social Governance Functionality Map for an example of their data collection effort for ESG: http://asklib.library.hbs.edu/a.php?qid=212679.
We are on the edge of something new and we’re about to pre-empt traditional industry practices. There is a merging of disciplines yet to come. In a global economy with change happening every second, those charged with the responsibility of CSR, sustainability, compliance, and enterprise risk management will meet on common ground and develop frameworks, structures, and tools that manage risks and align priorities, strategy, and solutions. Exciting times ahead!
Bio:
Kelly Eisenhardt is Co-Founder and Managing Director at BlueCircle Advisors, an environmental compliance and sustainability consulting and training firm based in Massachusetts (www.bluecircleadvisors.com.) In her role at BlueCircle Advisors, she is responsible for providing business intelligence, strategy and implementation of environmental, social and governance (ESG) risk programs. Her experience aligns well with her client’s needs for technology, compliance, and sustainability expertise by helping companies create and manage their corporate environmental and social responsibility programs.
To contact Kelly Eisenhardt, send emails to kelly.eisenhardt@bluecircleadvisors.com or follow her on Twitter @KelEisenhardt. For more information about BlueCircle Advisors and the company’s products and services, please visit www.bluecircleadvisors.com, on Facebook at BlueCircle Advisors, on Twitter @OurBlueCircle, and on the LinkedIn group at the BlueCircle Advisors group.