Karen L Coyne CPEA14

Co Veris, Inc.

A key component of developing and implementing a sustainability program within an organization will entail a periodic review of that program focusing on "How are we doing?" and "Where do we need to make improvements?" These are two basic tenets behind the management system function known as auditing, which helps an organization determine how they are doing in their journey along the path to sustain-ability. This section will describe what the audit process is and how an organization may audit against a broad-reaching concept such as sustainability. Specifically, we will address the following questions in this section:15

1. What is a sustainability audit?

2. What standards or guidelines are being used to audit against?

3. How and why are sustainability audits different from environmental, health and safety (EHS) audits or management system audits?

4. What are the drivers for conducting sustainability audits?

5. What are the impacts of the Sarbanes-Oxley Act of 2002 and corporate governance forces?

6. What is the role of third-party verifiers16 and how does that impact companies with implemented sustainability programs?

7. Is there a professional certification for sustainability auditors?

8. What are the steps to implement a sustainability audit process? What is a Sustainability Audit? Before specifically addressing sustainability audits, it will be helpful to review some basic terminology,17 such as what is an audit? Simply put, the audit function is a systematic evaluation process. The audit activity is directed at verifying an organization's status with respect to explicit criteria. An audit is distinct from other types of evaluations that involve conclusions

14CPEA is the certification acronym for Certified Professional Environmental Auditor.

15The closely related topic of audit reports and sustainability reporting is covered in Section 6.4 of this chapter, entitled "Reporting Sustainability Performance."

16In this section, the terms auditor, verifier, assessor, and assuror are used interchangeably and have the same meaning.

17Each organization will utilize different terms for the same basic function. In implementing an audit process for a sustainability program, the following terms may also be utilized to describe the audit function, dependent upon regional, cultural, and/or linguistic differences: assurance, verification, measurement, assessment, or review.

based on a limited evaluation or, simply, professional opinion (The Auditing Round-table, 1993). It is an event in time (a "snapshot") measuring performance (or lack thereof) against an established set of audit criteria.

The audit function has been defined by the professional association for EHS auditors as "a systematic, documented process of objectively collecting and evaluating factual information in order to verify a site or organization's [...] status with respect to specific, predetermined criteria" (The Auditing Roundtable, 1997). The audit criteria are "specific measures or requirements against which the auditor tests and evaluates the information collected as a part of the audit process" (The Auditing Roundtable, 1997). Those criteria may be regulations, management standards, performance standards, performance indicators and metrics, principles, guidelines and/ or corporate directives, to name a few.

The audit process follows a prescribed approach involving the following major steps (The Auditing Roundtable, 1997):

• Define the audit program objective and scope.

• Define the audit program organization. This should include defining the entity conducting the audit, the staffing plan, the authority of those staff, the minimum qualifications of audit program personnel, and the selection criteria for the audit team.

• Select the sites to be audited. This should include the frequency of the audits and the methodology behind site selection.

• Select the audit protocols, checklists, or guides to be utilized during the audit. This should include how the selected document was developed, approved, updated, and retained for future records.

• Define the pre-audit activities. This should include planning on-site activities for meetings, file reviews, site tours, and interviews.

• Establish procedures for audit reporting and document management. This should include defining the audit report content, timing, and distribution, as well as how procedures on how documents generated during the audit will be managed.

• Establish procedures for post audit corrective action and tracking of findings. This should include responsibilities and timing for follow-up and mechanisms to remedy any nonconformance identified.

• Define quality assurance processes to be built into the audit process.

A sustainability audit builds on these basic definitions of the audit and audit process and requires measurement and tracking targeted to the three dimensions of any sustainability program. That is, the sustainability audit process measures value, and subsequent progress, in the three dimensions of sustainability: social, environmental, and economic. The values are measured through performance metrics against a set of performance indices (or criteria), or against a set of sustainability guidelines (both are discussed later in this section). These values can often be difficult to quantify. A sustainability expert in Australia succinctly addressed the core issue of measuring sustainability by stating "I think of sustainability as a broad index or set of indices. That is, I judge an action or an activity on a continuum between non sustainable and sustainable. We all embrace sustainability at the macro level, but we are having trouble applying it at the micro level" (Greenfield, 2000). What Standards or Guidelines are Being Used to Audit Against? At the time of publication, there is not yet a global performance standard or management system scheme for what constitutes "sustainability" or "sustainable development." The International Organization for Standardization (ISO) has decided to develop a related Social Responsibility (SR) guidance (ISO, 2004); however, it is not clear the extent to which this may address the three dimensions of sustainability.18 As noted in the press release regarding this news, the following statement was made:

In deciding to develop an SR guidance standard, ISO emphasizes that it is intended to add value to, and not to replace, existing inter-governmental agreements with relevance to social responsibility, such as the United Nations Universal Declaration of Human Rights, and those adopted by the International Labour Organization (ILO), and other UN conventions. Furthermore, it recognizes the need to develop an agreement with ILO on cooperation between the two organizations in the area of social responsibility.

Owing to the lack of a common external standard, the rapidity with which the movement towards sustainability has been developing, and a confusion regarding overlapping terminology, there is a growing proliferation of a broad range of performance standards, guidance documents, principles, guidelines, and frameworks related in one way or another to sustainability (Coyne, 2002). These have been developed by various stakeholders such as governmental, nongovernmental, or advocacy organizations; business or trade associations; or industry groups (BSR, 2000; Coyne, 2002). Some focus exclusively on the social and ethical portions of sustainability, while others include a broader focus including labor, human rights, environment, and corporate governance. Some of these contain principles applicable to an organization's sustainability program, and others are targeted towards the external reporting of these programs. As previously mentioned, none yet combine all three areas of sustainabil-ity under a single standard or management system scheme.

The list of these efforts is growing almost monthly; however, a partial, alphabetical listing of the most well-known principles, guidelines, and standards is as follows:19

18The decision was made by ISO at a senior management meeting held 24-25 June following the input provided before and during the international conference on social responsibility held 21-22 June 2004 in Stockholm, as well as through the efforts of the ISO SR advisory group's analysis and resource report.

19See Appendix 2 for a Directory of Standards and CSR-Related Organizations by Future 500. For a useful comparison document outlining the major guidelines and standards in this area, please see "Comparison of Selected Corporate Social Responsibility Related Standards" (BSR, 2000).

• AA1000S Assurance Standard (AccountAbility, 2003) is an assurance standard developed through AccountAbility, an international membership organ-ization.20 "The standard is designed primarily for assurance providers in guiding the manner in which they provide assurance. The AA1000 Assurance Standard covers the principles that define a robust and credible assurance process, the essential elements of a public assurance statement, and the independence, impartiality and competency requirements for assurance providers. The Assurance Standard can be used for stand-alone assurance, but can be best understood and used in conjunction with the rest of the AA1000 Series and particularly the AA1000 Framework" (AccountAbility, 2003). AA1000 Framework (AccountAbility, 1999) is the initial foundation and general management framework upon which the rest of the AA series is built.

• Caux Round Table Principles for Business (Caux Round Table, 1994) is a global set of aspirational principles developed by business leaders for responsible corporate behavior based on the two ethical ideals of kyosei and human dignity.21 There is a greater focus on business conduct, community involvement and corporate governance, and a lesser focus on environmental and human rights (as distinguished from human dignity) issues (Coyne, 2002).

• Coalition for Environmentally Responsible Economies (CERES) Principles (CERES, 1989) includes ten principles for voluntary organizational endorsement, the purpose of which is to "not only formalize their dedication to environmental awareness and accountability, but also actively commit to an ongoing process of continuous improvement, dialogue and comprehensive, systematic public reporting." These are one of the oldest sets of principles and were originally named the Valdez Principles (CERES, 1989).

• Corporate Responsibility AuditTM (SmithOBrien, 1995) is a systemic, cross-functional assessment of corporate culture and operating practices, applies over 100 performance indicators in corporate governance, quality management systems, environmental performance and energy conservation, human resources, including labor relations, human rights, community involvement, and stakeholder collaboration to evaluate a company's effectiveness at adhering to its core values, industry or international standards, and stakeholder expectations.

• The Global Sullivan Principles (Sullivan, 1999) is an aspirational standard, which includes eight principles on labor, ethics, and environmental practices for global multinationals (BSR, 2000). An annual public pledge by endorsing organizations is required.

20AccountAbility is "an international, not-for-profit, professional institute dedicated to the promotion of social, ethical and overall organizational accountability, a precondition for achieving sustainable development" (AccountAbility, 2003). The AA1000S is available on the Institutes' website through a nocharge download.

21"The Japanese concept of kyosei means living and working together for the common good enabling cooperation and mutual prosperity to coexist with healthy and fair competition. 'Human dignity' refers to the sacredness or value of each person as an end, not simply as a mean to the fulfillment of others' purposes or even majority prescription" (Caux Round Table, 2004).

• Organisation for Economic Development and Cooperation's Guidelines for Multinational Enterprises (OECD, 2000) incorporates voluntary principles and standards endorsed by over 33 countries for responsible business conduct by multinationals covering human rights and environmental issues.

• The Principles for Global Corporate Responsibility: Bench Marks for Measuring Business Performance (ICCR, 2003) is a set of performance standards and expectations for corporate behavior covering a wide range of over 60 issues that ICCR feels are fundamental to responsible corporate actions, including environment, child labor, and corporate governance.

• American Chemistry Council (ACC) Responsible Carew Management System (ACC, 2004) "replaces the current practice of applying six [Responsible Care] Codes (e.g., community awareness and emergency response, distribution, employee health and safety, pollution prevention, process safety and product stewardship) with a combined 106 management practices. Instead, relevant aspects of the existing Codes are subsumed into a RCMS that is based on benchmarked best practices of leading private sector companies, initiatives developed through the Global Environmental Management Initiative, International Standards Organization and other bodies, and requirements of national regulatory authorities" (ACC, 2004).

• Social Accountability (SA) 8000 (SAI, 1998) is a certifiable, auditable standard containing nine principles focused on labor and human rights for international workplaces. Many of the International Labor Organization's workplace standards were incorporated into SA8000.

• Sustainability Reporting Guidelines (Global Reporting Initiative, 2002) are a set of voluntary sustainability reporting guidelines, based on (and with similarities to) financial reporting.

• United Nations (UN) Global Compact (UN, 1999) is a voluntary corporate citizenship compact covering nine principles in the areas of human rights, labor, and the environment. It includes specific practices for endorsing organizations to enact in both internal corporate practices and complementary external public policy initiatives.

The proliferation of guidelines and standards, and their inconsistent coverage of the core principles of sustainability, remains a key reason why many organizations have opted to create their own guidance or principles. In a recent survey of 107 multinationals conducted through a study commissioned jointly by the World Bank and its financial arm, the International Finance Corporation, survey participants were asked to identify what guidelines their organization used to determine corporate social responsibility. Fifty-one percent of survey respondents identified their own organization's code of conduct, while one-third adhered to an external code or standard (WBCSD, 2004a). Until a globally accepted, consensus-based standard is developed, such as that which may form out of the efforts of the International Organization for Standardization, there will likely be little in the way of uniform practice or approach.

In addition to the proliferation of guidelines and standards, much research has also occurred in the (different, yet related) field of sustainability performance indices and associated metrics,22 both within organizations as well as externally through governmental and nongovernmental organizations (NGOs). Performance indices for measuring sustainability or assessing sustainability performance may be developed by each organization, based on organizational-specific sustainability goals, risks, opportunities, and/or commitments. Alternatively, the performance indices and associated metrics may be developed by using external indices with company-specific customization.

A well-known example of the externally derived sustainability indices and metrics may be found as part of the standardized sustainability reporting process under the Global Reporting Initiative (GRI). In the most recent set of sustainability reporting guidelines, a set of hierarchical, core indicators has been developed, whose purpose is "to provide information about the economic, environmental, and social impacts of the reporting organization in a manner that enhances Comparability between reports and reporting organizations" (GRI, 2002).23 These indicators were developed as one way to measure economic, environmental, and social performance of organizations. In the context of developing and implementing a sustainability auditing program with explicit, predetermined criteria, the GRI list of indicators may be a place for organizations to start the process of defining their own indicators and setting up the data collection efforts needed to track those indicators.24

Of the three categories of sustainability performance measurement, the social area may be the most difficult to address. Where financial and environmental indicators lend themselves easily to quantitative performance measurement, "many of the social issues that are the subject of performance measurement are not easily quantifiable" (GRI, 2002). Social indicators must often rely on qualitative measures of the organization's operations. This is an area where further research will be needed. An example of the core social indicators and metrics from GRI's Sustainability Reporting Guidelines is illustrative of this difficulty:

GRI Core Indicators for Social Performance (GRI, 2002):

0 0

Post a comment