The Covid-19 pandemic has demonstrated the essential need for greater agility in how organizations face disruption. Organizations operate in the digital age which enables adaptation and deployment of data-driven practices and tools to help them thrive amidst uncertainty while embracing innovation.
For sustainability standards and systems, practices like risk management and information management are ripe for deep review and enhancement. These practices help organizations meet the challenges of a more digital approach to sustainability risk monitoring. Stakeholders are also increasingly sharpening their focus on data and information as evidence of effectiveness.
For example, Covid safety restrictions have required adaptations to the work of sustainability standards which have traditionally used in-person auditors to evaluate sustainability best practices on farms, forests, fishery operations, and factories for myriad products across the globe.
Remote auditing is a practice where on-site audits are partially or fully replaced by virtual audits. Policies for remote auditing are emerging as pandemic conditions wear on and stimulate deeper reflection about sustainability assurance. They also point to how data-driven risk management practices could create greater credibility and opportunity for achieving sustainability objectives.
How could more targeted, data-driven and risk-based approaches in sustainability auditing ensure audits are more rigorous and credible? These practices will yield more nimble and adaptable organizations in the face of future market disruptions.
Covid operating conditions are challenging sustainability standards to accelerate their progress towards digital transformation. However, operational limitations are not the only driver for improved use of data in sustainability auditing and assurance. Standards also face changing conditions in their legal and regulatory landscapes. Changing conditions highlight heightened interest by stakeholders in supply chain accountability, human rights, and labor conventions. Some recent examples of changing conditions in the legal and regulatory landscapes include:
- Emergence of EU mandatory due diligence legislation for companies
- Expanding data privacy regulations (GDPR, CCPA, CDPA)
- Groundbreaking litigation in the United States opening up global supply chains to further scrutiny on human rights risks
- Issuance of growing numbers of Withhold Release Orders by U.S. Customs and Border Protection to block import of commodities entering the U.S.
These developments trend towards a more just society where evidence of responsibility and accountability is expected from key actors across the public and private spheres. This trend will grow in intensity in the future as the digital age affords us ever greater opportunities to capture insights about sustainability challenges and the effectiveness of proposed solutions. We can already see the emergence of this trend in innovations such as intelligent commodities. Intelligent commodities use the power of data to augment supply chain transparency and potentially finance training and resources needed to increase the uptake of sustainability good practices.
These developments imply that sustainability standards will be increasingly called to demonstrate transparency through reliable quantification of supply chain sustainability risks.
Are standards ready for this heightened level of scrutiny?
For some time, companies and brands that work with standards have relied on certification data to help manage social and environmental risks such as long-term climate adaptation, supply risks for food commodities, and other social risks such as forced labor. Companies and other stakeholders expect that standards have consistent, high-quality data from the product origins where certified products are sourced. Yet a consistent flow of trusted data eludes efficient management.
Is there a transparency strategy to help standards focus on which data is needed and for which risk management needs and requirements?
After working with standards on a range of assurance management and data governance growth and innovations opportunities, I have identified three key elements that can help sustainability standards and similar systems prepare to address the growing scrutiny on the supply chains where they work. Some of these practices are required of ISEAL Alliance members through best practices for sustainability system assurance (Assurance Code v2).
Three elements to support sustainability system transparency :
- Know your key data well. It is the currency of transparency: Data governance includes sustainable data sourcing and data traceability for an organization.
Many organizations are still in the infancy of understanding the life cycles of their most valuable data assets. These assets are more critical than ever to effective sustainability risk monitoring.
Data practices worthy of closer attention include:
- Documenting data rights and responsibilities
- Documenting data privacy practices in data exchanges across the auditing process
- Documenting data processes to support data quality(e.g. identifying data handlers, data processing steps, and data products and services)
- Publishing a data policy to instill confidence in stakeholders that good data due diligence has been carried out and that data is made available to stakeholders to assess the effectiveness of the standard.
- 2. Document and maintain a risk management plan and monitoring matrix. Could you demonstrate your knowledge of child labor risks in your supply chain today if asked? Could you also satisfy requests for detailed evidence about your due diligence to monitor the risk?
A risk management plan enables you to document and keep your finger on the pulse of sustainability risks that stand behind your assurance claim. A risk management plan can be created in assurance by using auditing data in annual assurance management reviews to identify and prioritize auditing risks (system risks, sustainability risks, etc.).
Your auditing information system should also enable you to update the risk matrix where these risks are documented and allow you to stay informed about the evolving nature of each risk. For increased credibility and effectiveness, triangulation of auditing data with external and trusted risk data can enhance risk classifications. Seamless implementation of data triangulation will depend on good data governance. Your risk matrix can provide significant business value if it is a living tool that is used in decision-making for remote auditing and other innovations such as recognition programs.
3. Develop a transparency plan as a first step to embed transparency planning in your system: Evidence of transparency will grow in importance in post-pandemic operating conditions where the demand for good information about the outcomes of your work will grow. This plan can include the documentation of current demands for transparency from stakeholders (e.g. greater details in public auditing reports) and the prioritization of those requests based on how they impact areas like your reputation and operations. This plan can be an interim measure as your embed data governance and risk management systems that enable you to share your data more confidently with stakeholders.
As a colleague recently shared with me, standards and other sustainability initiatives are currently in a watershed moment where their ability to provide evidence of transparency will define their credibility and potential for achieving their intended sustainability impact in the future.
Contact Ana for an initial consultation on how your system could implement the practices mentioned above.