Page 604 - COSO Guidance
3. Performance for ESG-related risks
As such, all estimates are subject to some underlying uncertainty. Although this cannot be avoided, it is
important to understand where the uncertainty occurs and document the limitations. For example, an
assessment of greenhouse gas emissions is subject to uncertainty due to the emissions factors selected,
or extrapolation of data sets (if data for some facilities is not available). These key assumptions should be
documented so they can be incorporated into the prioritization and decision-making process.
Expert input
Expert input harnesses the experience and knowledge of subject-matter professionals (either internal or
external to the organization) in assessing or prioritizing a specific risk or set of risks. Expert input can also
support identifying risks or providing additional understanding as to root causes, impacts or interdependencies.
The results may be used as a stand-alone assessment or as inputs into further quantitative analysis for risk
prioritization.
Expert input can be particularly useful for risks that have limited data or established models, which is often the
case for ESG-related risks and other emerging risks. The absence of information or tools does not mean an
organization can ignore the risks, particularly if they are rated high in the ESG materiality assessment. For these
risks, organizations can engage subject-matter resources through a series of interviews or a workshop to obtain
scenarios and estimates in terms of impact, likelihood or other criteria. These results are often used as inputs
to quantification tools such as scenario analysis or Monte Carlo simulation as described below.
The Delphi approach relies on a panel of experts (internal and/or external) who respond to several rounds
of questionnaires or inquiry of risk ratings, assessing expected impact and likelihood of an individual risk or
prioritizing a group of risks. Delphi may also be appropriate for identifying risks.
Example use of the Delphi approach for climate-related risk
The Delphi approach can be used with a group of climate subject-matter resources to develop distribution
curves on climate impacts on a portfolio of facilities. The group could be presented with a series of
questions, which may include the following:
• What is the range of sea level rise over the next 20 years in our operating regions (minimum, maximum
and midpoints)?
• What is the range of anticipated distribution of major storms within our operating regions?
• What is the range of temperature changes anticipated in our operating regions?
This information can provide support to synthesize many sources of information into a distilled view.
The outcomes of this workshop can support Monte Carlo modeling by providing the distribution curves
that form the basis for the model.
From this, discussions with the operations team can help the company understand the resulting
implications of the impacts on the facilities – for example, whether the impacts will lead to business
disruptions, damage and flooding or changes in insurance pricing. The output provides the basis to
appropriately prioritize the risk.
Many organizations also use the Delphi approach to prioritize overall risks, often using a survey, voting and/or
average method (see section 3 for further discussion).
Forecasting and valuation
Forecasting and valuation can be effective measurement tools for ESG-related risks, by leveraging historical data
from the entity or its peers to estimate the potential impact of a risk on revenue, costs or profit. Organizations can
compare the impact of ESG-related risks in financial terms with other entity-level risks during prioritization.
The quality of forecasts is largely driven by the reliability of data and assumptions. For example, a Monte
Carlo simulation (which provides the probability inputs for forecasts) requires large amounts of reliable data
and assumptions developed by a group of experts (such as those described in the Delphi approach above) to
produce a range of probabilities. Though less precise, data for an individual risk event can still contribute to a
monetary risk assessment. For example, developing an assessment based on the cost of a single recall is less
precise than an industry average of recalls over the past ten years.
Enterprise Risk Management | Applying enterprise risk management to environmental, social and governance-related risks • October 2018 57