Before You Begin

Companies have different approaches to identifying and assessing business risks. ESG/sustainability staff should meet with the risk management department to understand the various frameworks, resources and criteria it uses. That information plays a critical role in using this methodology and in ensuring internal acceptance of its results. This Guidebook breaks down relevant inputs from risk management in each step of this process.

Predicting risks is a combination of art and science, and the process is typically based on the concept of reasonable assurance for the identification and consequences of risks. One well-known benchmark in defining “reasonable assurance” is the Committee of Sponsoring Organizations (“COSO”) Enterprise Risk Management Framework. COSO discusses “reasonable assurance” as reflecting the notion that uncertainty and risk relate to the future, which no one can predict with certainty.

Limitations also result from the realities that:

  • Human judgment can be faulty;
  • Data can be wrong, misleading or incomplete;
  • Breakdowns can occur because of human failures such as simple errors or mistakes;
  • Controls can be circumvented by collusion of two or more people;
  • Decisions on risk responses and establishing controls need to consider the relative costs and benefits; and
  • Management has the ability to override enterprise risk management decisions.

These limitations preclude anyone from having absolute assurance that objectives will be achieved. It is important to maintain this perspective throughout the exercise — you should not expect to achieve perfection or absolute confidence. At the same time, the more rigor and standardization you apply in the process, the better and more defensible the results.
