IIA and COSO paper connecting the integrated thinking to sustainable internal controls
Organizations in various industries and of all sizes are under pressure to demonstrate how they identify, manage and report on sustainability risks and opportunities. This includes consideration of a wide array of issues such as climate change, diversity and social justice which are redefining value creation and organizational success. The need to align how to manage sustainability risks with reporting has made the concept of integrated thinking more relevant.
A recently published paper from the Institute of Internal Auditors (IIA) and COSO looks to demonstrate that organizational leaders must look to understand and embrace the concept of integrated thinking, a holistic mindset, to face the enormous challenge in establishing a complex, sophisticated, and mature internal control and governance practice that is truly sustainable.* As organizations seek ways to address the enterprise-wide nature of ESG, this is a perfect time to employ an integrated solution that takes into account the programs and methods in place to enhance, rationalize, optimize and align these programs to address ESG challenges and expectations.
An integrated approach should look at the application of integrated thinking through four different frameworks and draws on the parallels of each framework. Lastly, the paper demonstrates how an internal audit function is in a unique position to facilitate this type of thought process and be able to provide objective and independent assurance to add value in the assessment of sustainability governance, risk management, and controls.
Integrated thinking is described by the Integrated Reporting Framework as “the active consideration of the relationship between its various operating and functional units that the organization uses or affects.” * It leads to integrated decision-making and the creation of value over the short, medium, and long term”. The paper draws on four frameworks: COSO, ERM, the IIA’s Three Lines Model, and the International Integrated Reporting Framework. It outlines the relationship among all frameworks and the application of integrated thinking when identifying, assessing, and managing sustainability risks.
The internal audit function should play a significant role in an organization’s ESG journey as an advisor helping identify and establish a functional ESG control environment. Internal audit functions have a unique opportunity to be an independent, assurance provider familiar with all aspects, including nonfinancial, of the organization’s sustainability journey. Here are some activities that internal audit functions can do that help facilitate integrated thinking and supporting the implementation of sustainability processes and controls:
The paper outlines how the four frameworks can be leveraged to provide a holistic approach in understanding how sustainability risks manifests across all areas of the organization and the critical relationship between sustainability and long-term organizational success.
Integrating sustainability risks and controls is a complex challenge, and this paper provides a starting point by providing a practical application to managing a pervasive risk. Internal audit contributes the essential ingredient of independent and objective assurance and advice which adds value by providing the governing body with critical assessments of governance, risk management and controls.
Internal Audit's role in ESG
Discover how Internal audit is in a unique position to provide an efficient approach to ESG.Download PDF