Page 560 - COSO Guidance
1. Governance and culture for ESG-related risks
Introduction
Governance is the systems and processes that ensure the overall effectiveness of an entity – whether a
business, government or multilateral institution. Effective governance provides the oversight, structure
and culture needed to establish the goals of the organization, the means to pursue them and the ability to
understand any associated risks.¹
The COSO ERM Framework emphasizes that governance, including strong oversight, is a prerequisite to
effectively identifying, assessing and addressing the full spectrum of risks to the organization. Incorporating
ESG-related risks into the governance structure, systems and processes is critical for overcoming the
challenges many organizations face in managing these risks – such as organizational silos, quantification
challenges and organizational biases.
[Figure: the five COSO ERM Framework components as applied to ESG-related risks]
1 Governance & culture for ESG-related risks
2 Strategy & objective-setting for ESG-related risks
3 Performance for ESG-related risks (a identifies risk; b assesses & prioritizes risks; c implements risk responses)
4 Review & revision for ESG-related risks
5 Information, communication & reporting for ESG-related risks
This chapter relates to the COSO ERM Framework component on Governance and culture and the five
associated principles:²
1 Exercises board risk oversight: The board of directors provides oversight of the strategy and carries out
governance responsibilities to support management in achieving strategy and business objectives.
2 Establishes operating structures: The organization establishes operating structures in the pursuit of
strategy and business objectives.
3 Defines desired culture: The organization defines the desired behaviors that characterize the entity’s
desired culture.
4 Demonstrates commitment to core values: The organization demonstrates a commitment to the entity’s
core values.
5 Attracts, develops and retains capable individuals: The organization is committed to building human
capital in alignment with the strategy and business objectives.
This chapter outlines the following actions to help risk management and sustainability practitioners integrate
ESG-related risks into ERM governance and culture:
Map or define the organization’s mandatory or voluntary ESG-related requirements
Enterprise Risk Management | Applying enterprise risk management to environmental, social and governance-related risks • October 2018 13