I have seen several articles and blog posts lamenting the apparent fact that internal audit teams are not spending a large percentage of their audit plan addressing ESG risks.
CIO.com defines ESG as:
Environmental, social, and corporate governance (ESG) is a strategic framework for identifying, assessing, and addressing organizational objectives and activities ranging from the company’s carbon footprint and commitment to sustainability, to its workplace culture and commitment to diversity and inclusion, to its overall ethos regarding corporate risks and practices. It’s an organizational construct that’s become increasingly important, especially to socially responsible investors who want to invest in companies that have a high ESG rating or score.
The three main pillars of ESG include:
- Environmental commitment: This includes everything around a company’s commitment to sustainability and the impact it has on the environment, including its carbon emissions and footprint, energy usage, waste, and environmental responsibility.
- Social commitment: This covers a company’s internal workplace culture, employee satisfaction, retention, diversity, workplace conditions, and employee health and safety. Companies with happy and healthy employees perform better and are viewed as a stronger investment.
- Corporate…
