
COSO and WBCSD issue draft guidance to supplement COSO’s updated enterprise risk management (ERM) framework

08 Jun 2018

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the World Business Council for Sustainable Development (WBCSD) have published, for comment, draft guidance: ‘Enterprise risk management: Applying enterprise risk management to environmental, social and governance-related risks’, designed to supplement COSO’s updated enterprise risk management (ERM) framework, ‘Enterprise risk management - Integrating with strategy and performance’.

The objective of the draft guidance is summarised in the introduction, which states:

Businesses face an evolving landscape of emerging environmental, social and governance (ESG)-related risks that can impact a company’s profitability, success and even survival. COSO and WBCSD believe that leveraging a company’s enterprise risk management governance and processes can support identification, assessment and mitigation of ESG-related risks. This guidance is designed to facilitate the process. 

The draft guidance applies COSO’s framework, ‘Enterprise risk management – Integrating with strategy and performance’, to provide guidance to risk management professionals, risk owners and sustainability professionals on integrating ESG-related risks into ERM. By doing so, the draft guidance suggests that a company can achieve:

  • enhanced company resilience;
  • a common language for articulating risks;
  • improved resource deployment;
  • enhanced pursuit of opportunity;
  • realised efficiencies of scale in considering ESG-related risks entity-wide; and
  • improved disclosure. 

The draft guidance is set out in seven modules, starting with establishing governance structures and processes, then moving through the ERM process to identify, assess, respond, review and communicate ESG-related risks, while maintaining a line of sight to the business context and strategy.

It is designed to be used by any entity facing ESG-related risks, including startups, not-for-profits, for-profit entities, large corporations and government entities, whether public or private.

Comments on the draft guidance are requested until 30 June 2018.

The draft guidance is available on the COSO website.
