Regulator and investor demand for environmental, social and governance (ESG) programs is growing rapidly, and ESG has become quite a hot topic these days.
We have a lot of thoughts about ESG (which we will certainly elaborate on in future blog posts), but firstly, we’d like to lay a foundation for what exactly it is and how it interacts with GRC.
GRC and ESG: The Differences
GRC (i.e. governance, risk, and compliance) helps organizations manage risk and compliance activities by defining compliance obligations, risk controls, or mitigation activities. The term GRC is often used interchangeably with the term IRM (Integrated Risk Management), which is an alternate acronym with basically the same meaning.
GRC/IRM solutions do not inherently execute any controls or compliance activities—they simply monitor and report progress toward organizational risk and compliance goals.
On the other hand, ESG goals often require the execution of transactional activities with extensive systems and processes required to implement these actions.
For example, if the ESG goal is to reduce carbon emissions, then the organization would require new, specific processes to change the current workflow to manage carbon, account for the carbon emissions, monitor production, and so on.
The Role of GRC in ESG
In short—GRC is not meant to transact or carry out ESG goals.
GRC solutions can (and often do) serve as a way to manage and dashboard ESG objectives, monitor processes and activities that support those objectives, and unify ESG data to give insight into whether organizations are continuing to make good on their ESG statements.
Most GRC solutions will not actually perform any of the actions required for an organization to meet their ESG goals, but in addition to monitoring and reporting, GRC solutions can facilitate process workflows in support of ESG objectives. These specific process flows can manage a few of the more transactional elements of ESG, but for the most part, that’s not where most organizations are going to start.
So, while organizations looking to implement ESG initiatives may find themselves using their GRC solution to manage overall ESG goals, these organizations would most likely need to implement transactional systems to take action toward the goals. Integrating those systems with their GRC solutions would unify their data for the measuring, monitoring, reporting, and workflow support we’ve described.
If you’re looking for further guidance on how you can use GRC solutions to support your ESG goals, download our ESG quick-start checklist with seven steps to get started on your ESG goals.
For other ESG or GRC-related questions, please contact us and we’ll be in touch.