How #GRC, #Sustainability and #CSR relate to one another (via @ITCompliance)

Adrian Bowles discusses his point of view regarding How GRC, sustainability and CSR relate to one another in this IT Compliance article.  I found the arguments of interest but in need of clarification.

In recent years, I’ve described my research area as sustainability — with a focus on how IT can help an enterprise become more durable to economic and ecological pressures. I’ve written previously about IT governance and the role of IT in enterprise risk management, governance and regulatory compliance (GRC). The progression of interests seemed natural to me, but I’ve seen confusion among IT management about the relationships among GRC, sustainability and corporate social responsibility (CSR).

Clearly there exist inter-relationships and multiple functional stakeholders in any sustainability conversation.  Compliance, HR, procurement, operations and IT all have unique views on what sustainability and CSR are and are not based on their mission inside the organization.  These elements may or may not be compliance-driven, that is a not-for-profit organization may desire to do good by the environment and invoke green purchasing laws but unlike a manufacturer they do not have green laws governing substances used to make their products.

In one case, a manager told me unequivocally that GRC is part of sustainability, and drew a chart to prove his point. Another drew a similar chart but showed sustainability as part of a GRC program. CSR was dismissed in both of these discussions.

Unfortunately our software industry friends do little to alleviate this conversation.  Since so much of the reporting aspect of sustainability deals with regulatory requirements, sustainability is often “boxed in” with other compliance applications in the IT ecosystem that this manager has a case for believing that view.  I would argue though that properly approached, sustainability and CSR are much more strategic than compliance driven and should be treated so in the organization.

Read the full article on here.


1 Comment

Filed under Compliance, Information Technology, Operations, Strategy, Sustainability

One response to “How #GRC, #Sustainability and #CSR relate to one another (via @ITCompliance)

  1. Thanks for the comments, and your thoughtful analysis. I agree that “properly approached, sustainability and CSR are much more strategic than compliance driven”. I might take it a step further and say that at one level all of strategy is a function of risk management, even if it isn’t explicitly treated that way. CSR has economic attributes that may be factored into this analysis, but sometimes it is “passion-driven” rather than ROI focused, which makes it an interesting area for analysis.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s