A new buzzword in 2021 is ESG or environmental, social, and governance (ESG). Throughout the year FutureCIO noted increased executive mentions of ESG, possible reflecting consumer, investor and enterprise’ preference to include ESG in decision-making processes.
A better way of monitoring ESG
ESG tracking and reporting is typically based on one of several frameworks (Global Reporting Initiative [GRI], International Integrated Reporting Council, Carbon Disclosure Project [CDP], Climate Disclosure Standards Board, Sustainability Accounting Standards Board [SASB; now the Value Reporting Foundation]) and while adapted to each company's specific needs is more formulaic in an application.
This plethora of frameworks that currently guide ESG tracking and reporting make it impractical for companies to effectively monitor ESG risk and even more difficult to leverage data to make positive tangible shifts.
While these frameworks provide a general guideline for what companies need to be tracking for ESG, the use of different methodologies and scoring systems creates inconsistency in comparing companies' ESG performance.
The lack of standardization also makes it easy for companies to design their ESG reporting to capture only the good data, ignoring the bad, and portray an overly optimistic view of ESG activity.
Without standardization in framework and reporting, these metrics are unreliable and have resulted in concerns over greenwashing.
New market opportunity
Because ESG is performance-driven and focused on the materiality/business impact of ESG activities, the increased effort to collect and report on ESG metrics is creating a market opportunity that has emerged for software solutions that support the rapidly evolving requirements of ESG risk management.
These solutions were initially designed to track and report ESG metrics but are increasingly being integrated with other risk management areas, including third-party risk, operational risk, compliance risk, privacy risk, and business resiliency.
The ESG risk software landscape can be further subdivided into those solutions that allow companies to manage risk and those solutions that allow companies to report on their ability to manage risk.
"On one end of the ESG risk management spectrum are solutions that take a modular approach and primarily function as data management tools, where ESG metrics are consolidated, organized based on applied frameworks, and tracked over time. These solutions are retrospective, tracking and reporting on what has already occurred," said Amy Cravens, research manager, Governance, Risk, and Compliance at IDC.
She explained that on the other end of the spectrum are solutions that apply an ESG lens across the risk landscape of a company, are deeply integrated and embedded in existing processes, and are leveraged as a strategic business tool. These tools are predictive, gathering intelligence to monitor indicators and react to redirect risk vectors.
ESG is quickly becoming a central component of most companies' overall governance, risk, and compliance (GRC) strategy with IDC expecting that penetration of ESG risk management solutions among GRC users will grow from 50% in 2021 to over 90% by 2026.
IDC estimates that global ESG risk and reporting software revenues will more than double over the 2020—2025 forecast period, growing to more than $720 million in 2025.