To create real value, companies need to implement an ESG performance management, including the definition of KPIs, ESG reporting, and management approaches for ESG KPIs. Only by successfully integrating ecomomic, environmental and social performance into strategic decision making, a company can gain a competitive advantage.
Today, there are many tools available to help companies collect the required data and generate reports based on ESG standards (e.g., SAP Sustainability Control Tower). However, in order to rely on the data and reportngs generated by these tools, the accuracy and reliability of ESG-related end-to-end processes and data must be ensured. This requires implementing and verifying the effectiveness of appropriate IT General Controls and IT Application Controls.
IT Controls are conducted at the application, operating system, and database levels for:
The IT Controls ensure the integrity of programs, data files, and computer operations. They are designed to fulfill all requirements regarding confidentiality, integrity, and availability of data. Without effective IT Controls, it may not be possible to rely on ESG IT systems. IT Application Controls (ITAC) refer to transaction processing controls that ensure complete and accurate processing of data from input through output.
Governance, risk and compliance tools provide a holistic approach to managing an organization's risk and compliance requirements by integrating governance, risk management, and compliance management activities into a single platform. It is important to cover all relevant (SAP and non-SAP) source systems, from on-premise to Software-as-a-Service (SaaS), as shown in figure two:
Depending on the deployment model, the responsibilities of the customer and the respective service provider(s) vary, and therefore do the related tasks.
In particular, our services are designed to ensure:
The aim of our services is to ensure the accuracy & reliability of ESG-related end-to-end processes and data to maintain an effective internal control system over sustainable business activities and reporting acknowledging the COSO-ICSR Supplemental Guidance (see COSO-ICSR-Report). For more information, please contact our team at any time.