WBCSD logo 2023

Risk management

The board has a duty to oversee risk management and internal control processes, this should include the integration of environmental, social and governance information.

Risk management is about doing good business, and on a basic human level, it is about survival. Business should be aware of all potential ESG-related  risks and should be doing more to bring these risks into the conversation.

It is important that the board instils the appropriate culture to manage ESG-related risk and opportunity to ensure business resilience over the long-term. When considering existing board responsibilities such as strategy development, the board should reflect upon the potential implications of a wider range of risks that may impact the achievement of business objectives.

The board, where necessary, should challenge management to ensure it is considering these issues, but to do this, the boards needs to be aware and abreast of these larger and systemic sustainability challenges.

“‘I think risk assessment in the context of ESG, is critically important and a factor that the board can’t overlook. And so also during the course of strategy development it is just as important to look at ESG on the risk side of strategy development, as it is on the opportunity side”

Gloria Santona

Of Counsel, Baker McKenzie

WBCSD – COSO Risk management guidance

Entities, including businesses, governments and non-profits, face an evolving landscape of environmental, social and governance (ESG)-related risks that can impact their profitability, success and even survival. Given the unique impacts and dependencies of ESG-related risks, WBCSD partnered with the Committee of Sponsoring Organizations of the Treadway Commission (COSO) to develop guidance to help entities better understand the full spectrum of these risks and to manage and disclose them effectively.

This guidance is designed to help risk management and sustainability practitioners apply enterprise risk management (ERM) concepts and processes to ESG-related risks. In particular it helps companies to consider other methods of assessment and prioritization, looking beyond impact and likelihood to consider business adaptability, vulnerability, the interconnectivity between risks and the speed of on-set to support a more holistic view of risk management and understand the potential impacts on achievement of business strategy and objectives.

The full guidance, Applying Enterprise Risk Management to Environmental, Social and Governance-related Risks can be downloaded here. 

Questions to the Board

We have collated a series of questions for both board directors and for executive management, designed to be used as prompts for discussion. The questions are intended to help organizations further integrate environmental and social considerations into the existing governance arrangements and decision-making processes within the organization. 

There are a series of questions for the board to ask itself or consider in boardroom discussions and a series of questions for the board to collectively ask management to ensure the considerations are embedded in the business operations. Download the questions using the link below.

Download the questions here

Training opportunities

To support our implementation and engagement activities on enterprise risk management, WBCSD is convening board directors to provide them with further knowledge and information on how the board can improve the enterprise risk management process and understand the potential systemic risks that may impact the achievement of business strategy and objectives.

The WBCSD-COSO guidance was awarded ISAR Honour at the 36th meeting of the intergovernmental working group of experts on international standards of accounting and reporting. Additionally, attending an in-person or virtual workshops will entitle participants to CPD credits, our training resources have recently been accredited. 

To find out more or discuss upcoming workshops, please contact risk@wbcsd.org

Case studies


Unilever highlighted their management of ESG risk in their 2018 Annual report: “The success of our business depends on finding sustainable solutions to support long-term growth. Unilever’s Vision to grow our business, while decoupling our environmental footprint from our growth and increasing our positive social impact, will require more sustainable ways of doing business. In a world where resources are scarce and demand for them continues to increase it is critical that we succeed in reducing our resource consumption and converting to sustainably sourced supplies. In doing this we are dependent on the efforts of partners and various certification bodies. We are also committed to improve health and wellbeing and enhancing livelihoods around the world, so Unilever and our communities grow successfully together. There can be no assurance that sustainable business solutions will be developed and failure to do so could limit Unilever’s growth and profit potential and damage to our corporate reputation


Greif assesses organization-wide risk through our formal Enterprise Risk Management (ERM) process and a rigorous governance structure. Greif’s Risk and Content Monitoring processes includes feedback from regular customer and investor engagement and Greif’s Sustainability Steering Committee (SSC). In 2018 Grief added their director of sustainability to their Risk Leader Committee (RLC) to better assess and incorporate sustainability risks and opportunities to the business. Each risk is evaluated for potential opportunities and reported to the Board annually for approval. Once approved, risks are evaluated by the RLC to develop plans for risk mitigation and opportunity capture.

Stora Enso

Stora Enso has demonstrated the importance of corporate governance for integrating sustainability into Enterprise Risk Management (ERM). In 2014, the company took steps to more clearly integrate sustainability-related issues in ERM from the board level to every aspect of its supply chain. They appointed a Senior Vice President of ERM with relevant sustainability experience to oversee ERM development in collaboration with the sustainability function. Also, an internal ERM working group has been established to coordinate risk management across the organization. Using governance to integrate sustainability into ERM has strengthened Stora Enso’s management and oversight of sustainability issues and risks. These activities underscore the importance of sustainability to the company which is more than a stated purpose; it is deeply embedded in the company’s culture of responsibility to the community.

CLP Group

On page 6 of their Sustainability Report 2018 CLP Group describes its rigorous and evidence-based process to identify their material topics. Their process was guided by the Applying enterprise risk management to environmental, social and governance-related risks guidelines published by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the World Business Council for Sustainable Development (WBCSD) in October 2018


We have curated a list of resources that may be useful to board directors, this is not intended to be an exhaustive list, but rather an example of further reading that can be done to enhance board awareness of key environmental, social and governance considerations.

If there are any resources that you think are missing, or that we should refer to, please do not hesitate to email us

This work is funded by the Gordon and Betty Moore Foundation as part of a conservation and financial markets collaboration.
For more information, please see

Copyright © 2023
World Business Council for Sustainable Development

All rights reserved | Privacy Policy


Avenue du Bouchet 2bis,
1209 Geneva,

Tel: +41 (22) 839 3100

How to find us

Share This