What ESG issues should be included in your risk register?

As the world gets more and more interconnected, corporate responsibility and sustainability are more important than ever for a company’s success. 

Whereas in previous decades, a company’s value was mainly linked to physical assets like property and equipment, now it is intangible assets like branding, relationships, and ideas that define a business. 

The growing trend toward ESG measurements is, in part, a response to that change. Attractive businesses must now be more sensitive than ever to how they are perceived as members of a larger corporate environment. 

More and more companies understand the need to publish ESG reports detailing their performance on environmental, social and governance metrics. This comes from an awareness that steps like reducing their carbon footprint, improving diversity and gender equality in the workforce, and maintaining an ethical value chain for suppliers and customers display a level of social responsibility that is demanded by customers, partners and investors.

Companies are also finding that the risks with the highest likelihood and impact affecting their business are related to ESG factors as well. Many of the fears that keep decision-makers up at night are related to reputational damage, cybersecurity, regulatory interventions, data privacy issues, supply chain risks, and extreme weather events. 

Businesses must demonstrate that they are prepared to respond quickly to such risks and adapt to changes. Developing this type of resilience is what ESG is all about.

According to the World Economic Forum Global Risks Report, the largest risks facing companies this year include: 

Climate change: Continued environmental degradation will increase pressure on the stability of supply chains and access to land and resources. Increased regulatory action regarding carbon emissions is also projected to disrupt markets and limit investment opportunities. Businesses should adopt more practices that act in harmony with environmental realities. 

Socioeconomic changes: The post-coronavirus economy will include greater volatility, particularly regarding labour forces, supply chains, and corporate governance issues. Firms will have to adjust their approaches to hiring and procurement to adapt. 

Cybersecurity: As more economic activity occurs online, exposure to cybersecurity threats is growing, and the incidence and scope of large cyberattacks are projected to grow. Companies should improve the governance of their technology systems to enhance security.

Companies would be well-advised to ramp up their efforts to improve their resilience in these areas. Those who have resisted ESG as “trendy” are now seeing that the world expects more from them. Confronting ESG risks has now emerged as one of the corporate world’s greatest challenges for 2022. 

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented, and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of euros.

James

VinciWorks CEO, VinciWorks
