NO, indeed not. I’m not going to get into the ESG proponents vs opponents who call it “woke capitalism” debate. I am exactly foraying into how internal audit can truly demystify it and unravel the meaning behind!
Environmental, Social and Governance (ESG) might seem to be yet another buzz word, but well it isn’t, if correctly understood that is! But the opposition have afforded it an impetus that seems to remain for now. There’s nothing wrong in a buzz word but since the fancy around such words is short lived, one needs to ensure, once fully understood, that ESG remains ingrained in our individual and collective understanding and approach.
And well, it’s certainly the case that the term is newly minted and attributed to something that has been a cause for concern for a considerable time now. The social issues like equal opportunities for all, conducive work environment, equity, legislation to safeguard employee rights is nothing new.
Similarly, Environmental issues have been a cause for global concern for decades now and got a renewed push under the umbrella of sustainability. As for Governance, the concept acquired significance in the backdrop of high-profile corporate failures in US in early 2000s, hence the introduction of SOX and corporate governance codes.
And now that we’re at corporate governance, it’s clear that internal audit has a role to play in context of ESG. This role is so significant that it could be the litmus test for ESG furtherance and excellence in an entity. So’ let’s now get to that.
First, the Institute of Internal Auditors has already issued a white paper on ESG back in 2021. The paper briefly touches upon the role of internal audit in ESG and renders a lot of emphasis upon the significance of ESG itself and its status. The IIA has several resources available to educate internal auditors on the happenings in ESG.
Primarily, it is the objective and independent status of internal audit that allows it to deploy a systematic and disciplined approach to adding value to an organization’s operations. And what better use of internal audit prowess than to adding value to those operations that are meant to impact ESG excellence?
For instance, if internal audit interventions are specifically credited for helping improve the ‘G’ or Governance, it serves to benefit the entity as a whole since governance directs and controls the entity, environmental social, risk management and controls, all inclusive!
One by one let’s decode ESG through internal audit:
ENVIRONMENTAL
| Areas to Help | How to Help |
| Regulatory compliances | Assurance over identification and regular maintenance of requirements followed by testing occurrence, completeness and accuracy of data, results and reports submitted to support such requirements. |
| Best practices | Advisory to identify such practices, determining relevance and helping customize and adapt these followed by adoption status assessments and adherence assessments mechanisms. |
| Global Standards | Advisory to identify global standards, which are relevant, could be adopted, could be adhered to and their adoption helps the entity aim for excellence. |
| UN’s SDGs | Advisory to identify and adopt relevant Sustainability Development Goals from UN for contributing to the cause of sustainability and developing mechanisms in support of these |
| ISO 14001 certification |
Advisory to adopt ISO 14001 Environment Management certification, integrating its process approach and checklist-based audit requirements in core internal auditing. Assurance once integrated. |
| ISO 50001 certification |
Advisory to adopt ISO 50001 Energy Management certification, integrating its requirements in support of energy conservation and its process approach and checklist-based audit requirements in core internal auditing. Assurance once integrated |
| Obligations Inventory |
Advisory to help develop and maintain a complete inventory of environmental obligations of the entity. Assurance over timely, accurate and complete fulfillment of obligations. |
| Framework development | Advisory to integrate environmental management focus in organizational operations. |
| Risk Register | Advisory to help develop a library of threats to Environmental compliances, standards and practices and documenting an inventory of risks in this regard emanating from entity’s operations. |
| Policies & Procedures |
Assurance to evaluate fulfillment of requirements of policies and procedures pertaining to environment. Advisory to help improve relevant policies and procedures. |
| Disclosures & Reporting | Advisory to aid determination of complete and accurate disclosure requirements when these become mandatory for adoption. Advisory to ascertain and develop reporting mechanism. |
| Performance Management | Advisory to help identify what to monitor, helping with their evaluation and helping develop a system for regular monitoring and evaluation. |
* Certainly, more aspects of internal auditing role in improving Environmental issues could be explored.
SOCIAL
| Areas to Help | How to Help |
| Statutory / Regulatory compliances | Assurance over legal requirements compliances through comprehensive checklists. |
| Management System | Assurance through process audits of recruitment, compensation and benefits, promotions, redundancies, etc. |
| Obligations Inventory |
Advisory to help develop a complete inventory of labor laws related obligations of the entity. Assurance over timely, accurate and complete fulfillment of obligations. |
| Complaints / Grievances | Advisory to help develop mechanism for communication, escalation and redressal mechanism for employees’ complaints / grievances. |
| Risk Register | Advisory to help develop an inventory of risks to fulfillment of requirements and entity’s other objectives pertaining to employment. |
| Policies & Procedures | Advisory to help improve relevant policies and procedures. |
| Workplace Health & Safety |
Advisory to help document and formalize the requirements pertaining to workplace health and safety. Assurance over fulfillment of such requirements. |
| Disclosures & Reporting |
Advisory to aid determination of complete and accurate disclosure requirements. Advisory to ascertain and develop reporting mechanism. |
| Performance Management | Advisory to help identify what to monitor, helping with their evaluation and helping develop a system for regular monitoring and evaluation. |
* The list is inconclusive!
GOVERNANCE
| Areas to Help | How to Help |
| Regulatory compliances |
Assurance over identification and regular maintenance of requirements followed by testing compliances with such requirements. Advisory to help develop the core system and structure of how and what needs to be reported and when it needs to be reported and resolved by the Board. |
| Terms of References |
Advisory over aligning / co-developing the terms of references for Board and its committees duly aligned with statutory / regulatory requirements, if any. Assurance over fulfillment of those requirements through review of minutes, actions, etc. |
| Code of Conduct / Ethics |
Advisory to help develop or align the employee and board code of conduct with Organization’s values and ESG requirements. Advisory to help determine if the violations are reported and acted upon in accordance with Company’s policies and other requirements. |
| Policies |
Advisory to help determine what policies need to be enacted through assessment of areas that need to be governed and what policies need to be approved by the Board so that their approval and revision remains only with the Board. Assurance over compliance with policing requirements. |
| ESG Investments | Advisory over how Board should encourage identification and evaluation of ESG investment opportunities and develop its understanding of the concept. |
| Risk Management | Advisory to help Board with review of entity’s risk registers of all processes to improve upon sustainability. Advisory aiding development of risk heat maps based on entity’s risk capacity, appetite and tolerance. |
| Evaluation System | Advisory to help develop a system of evaluation of Board’s performance either by self and / or by third party. |
| Performance Management | Advisory to help develop a system for identification of employee performance targets and KPIs duly aligned with Company’s objectives, helping develop its evaluation criteria and the verification mechanism. |
| Delegations | Assurance over adherence / compliance with the delegations (financial and others) approved by the Board for management. |
| Whistle Blower Systems |
Advisory for aiding development of a fool proof system of whistle blower reporting and protection. Assurance over cases reported but not escalated to the Board. |
* Internal audit of governance can provide assurance and advisory much beyond these areas depending on Board’s requirements.
Thus, Internal Audit helps entities gain ESG excellence. Internal Audit is a one stop shop for buying comfort in the ESG experience.
It’s imperative to invest in quality internal audit resources to make investment in ESG worth every dollar!