Skip to main content

RM2.3: Governance Risk Assessment

Above Green
  • Updated

(3.55 points)

Intent

The intent of this indicator is to assess the entity’s understanding and mitigation of material governance risks. Systematic responses to governance issues include effective risk assessment, thoughtful mitigation planning, and implementation of action plans.

Requirements

Select Yes or No: If selecting Yes, select applicable sub-options.

Has the entity performed a governance risk assessment(s) within the last three years?

  • Yes
    • Select elements of the risk assessment process undertaken by the entity (multiple answers possible)
      • Risk assessments are regularly conducted or reviewed and updated
      • Risks are analyzed
      • Risks are evaluated and treated
    • Select all material issues for which risk is assessed (multiple answers possible)
      • Audit committee structure/independence
      • Board composition
      • Board ESG oversight
      • Bribery and corruption
      • Compensation committee structure/independence
      • Conflict of interest
      • Data protection and privacy
      • Delegating authority
      • Executive compensation
      • Fraud
      • Independence of board chair
      • Lobbying activities
      • Political contributions
      • Shareholder rights
      • Whistleblower protections
      • Other issues: ____________
  • No
    • Provide additional context for the answer provided (not validated, for reporting purposes only)

      ________________________

 

 

2020 changes: i). ‘Conflicts of interest’, ‘Delegating authority’, ’Shareholder rights’, ‘Board ESG oversight’ were added as governance issues. ii.) ‘Fiduciary duty’ was removed.

Contractor and/or operator engagement: In some cases, an indicator addresses an activity that applies to the reporting entity, yet is undertaken by an assigned contractor, operator and/or contracted entity. This is often the case, for example, for PPP type arrangements. In these cases, when providing evidence, the participant should specify the entity undertaking the activity and the relationship to that entity, to verify how these actions are applicable to the reporting entity. Copies of redacted contractual agreements/clauses to verify these relationships are acceptable.

Validation

Evidence: Document upload or hyperlink. The evidence should sufficiently support all the items selected for this question. If a hyperlink is provided, ensure that it is not outdated and the relevant page can be accessed within two steps.

The provided evidence piece(s) should:

  • Confirm that a governance risk assessment was conducted.
  • Contain all selected elements of the risk assessment process, highlighting or bringing attention to these where possible.
  • Include all selected issues within the assessment, highlighting or bringing attention to these where possible.

Evidence examples may include but are not limited to:

  • A document describing the entity’s governance risk assessments or other tangible proof of the entity's risk assessment activity.
  • Acceptable evidence may include an extract of a procedure undertaken such as register or matrix, checklists, scenario analysis or a section of a governance management plan addressing governance risks.

Evidence completeness: Evidence does not necessarily need to be provided in full. Rather, the evidence needs to be sufficient to verify the existence of the claimed risk assessment for each issue.

Reporting Year:Evidence provided must refer to an assessment that has taken place within the last three years; up to and including the end of the reporting year identified in EC3.

Note: If certain governance issues are embedded in law and/or regulation in the countries of operation, the entity may select the issue and evidence can be provided as a reference to the specific law or regulation and how it has been complied with, on the provided Evidence template.

Other: State the other governance issue. Ensure that the other answer provided is not a duplicate of a selected option above (e.g., Information security when ‘Cybersecurity’ is selected). It is possible to report multiple other answers. If valid, the issue will be assigned Medium Relevance.

Document uploaded: Participants may upload several documents. When providing a document upload, it is mandatory to indicate where relevant information can be found within the document.

See Appendix 4 of the reference guide for additional information about GRESB Validation.

Scoring

This indicator is scored as a Two Section Indicator (i.e. Section 1: 'Elements' response and, Section 2: 'Evidence' response).

Section 1:Fractional points are awarded depending on the participant having i.) financial or non-financial consequence of ESG targets and ii.) the selected group(s) of employees. Employee groups are not equally scored. Fractional points are then aggregated to calculate the indicator’s final score. It is not necessary to select all checkboxes to receive maximum points.

Other:Any ‘other’ answer provided will be manually validated and must be accepted before achieving the respective fractional score. If multiple ‘other’ answers are listed, more than one may be accepted in manual validation, but only one will be counted towards the score.

Materiality-based scoring: This indicator applies materiality-based scoring. Specific materiality weightings are assigned to the entity for each ESG issue in the GRESB Materiality Assessment indicator (RC7). The weightings are set at one of four levels for each of the ESG issues: No Relevance, Low Relevance, Medium Relevance, and High Relevance. Where an issue is of 'No relevance' or ‘Low relevance’ then the issue is not considered in scoring (i.e. there is no impact on score whether or not the issue is addressed). If an issue is of 'Medium relevance' then the issue counts towards the score with ‘medium’ weighting. If an issue is of 'High relevance' then the issue counts towards the score with ‘high’ weighting.

All issues of “Medium relevance” and “High relevance” need to be selected and addressed in the evidence to obtain the maximum score. For more details refer to the section on Materiality Based Scoring in this Reference Guide or download the GRESB Materiality & Scoring Tool.

Section 2:‘Evidence’ is mandatory for this indicator. Therefore, no points will be awarded unless the hyperlink and/or the uploaded document is considered valid, based on the evidence criteria stated above. The evidence is validated which determines a multiplier, according to the table below:

Evidence: The evidence is manually validated and assigned a multiplier, according to the table below. The evidence must support the validation requirements. If any requirements are not met, the evidence may be partially accepted or not accepted depending on the level of alignment with the requirements.

Validation status Score
Accepted 2/2
Partially accepted 1/2
Not accepted/not provided 0

Terminology

Audit committee structure/independence: A corporate board of directors establishes an audit committee to assist in discharging its fiduciary responsibility. An effective audit committee is an important feature of a strong corporate governance culture, and should have a clear description of duties and responsibilities.

Board composition: Composition of the board and its committees by (i)Executive or non-executive, (ii) Independence, (iii) Tenure on the governance body, (iv) Number of each individual’s other significant positions and commitments, and the nature of the commitments, (v) Gender, (vi) Membership of under-represented social groups, (vii) Competences relating to economic, environmental and social impacts, (viii) Stakeholder representation.

Board ESG oversight: The highest committee or position that formally reviews and approves the organization’s sustainability report and ensures that all material topics are covered.

Board-level issues: Governance issues that should be recognized at board-level by the entity.

Bribery: The offering, giving, receiving or soliciting an item of value to influence the actions of an official or other person in charge of a public or legal fiduciary duty.

Compensation committee structure/independence: Compensation decisions are central to the governance of many entities. Compensation committees or analogous organizations are established to govern employee compensation and ensure employee remuneration decisions are made in a fair, consistent and independent manner. An independent compensation committee may be one indicator of effective governance.

Conflicts of interest: Situations where an individual is confronted with choosing between the requirements of his or her function and his or her own private interests.

Corruption: Abuse of entrusted power for private gain.

Cybersecurity: The protection of internet-connected systems, including hardware, software and data, from any unauthorised use or access. Malicious attacks in particular can pose a significant threat to infrastructure assets.

Data protection and privacy: Customer privacy includes matters such as the protection of data; the use of information or data for their original intended purpose only, unless specifically agreed otherwise; the obligation to observe confidentiality; and the protection of information or data from misuse or theft.

Delegating authority: The process for delegating authority for economic, environmental, and social topics from the highest governance.

Executive compensation: The financial and non-financial compensation of executives, in a manner that motivates executives to perform their roles in alignment with the entities objectives and risk tolerance.

Fraud: Wrongful deception intended to result in financial or personal gain.

Independence of Board chair: A non-executive member of the board who does not have any management responsibilities within the organization and is not under any other undue influence, internal or external, political or ownership, that would impede the board member’s exercise of objective judgment.

Lobbying activities: Any activity carried out to influence a government or institution’s policies and decisions in favor of a specific cause or outcome.

Operational issues: Governance issues that should be recognized on operational-level by the entity.

Political contributions: Disclosure of and guidelines for political contributions, such as the amounts and recipients of all monetary and non-monetary contributions made by an organization, which include political contributions made through third parties.

Risk assessment: Careful examination of the factors that could potentially adversely impact the value or longevity of an infrastructure asset. The results of the assessment assist in identifying measures that have to be implemented in order to prevent and mitigate the risks.

Shareholder rights: Assessing the potential risk of breaking or working against the entity’s contractual shareholder rights. Shareholder rights are defined in the company’s charter and bylaws.

Whistle-blower mechanism: A process that offers protection for individuals that want to reveal illegal, unethical or dangerous practices. An efficient whistle-blower mechanism prescribes clear procedures and channels to facilitate the reporting of wrongdoing and corruption, defines the protected disclosures, outlines the remedies and sanctions for retaliation.

References

DJSI CSA 2019 - 3.3.3 Emerging Risks

DJSI CSA 2019 - 3.3.4 Risk Culture

GRI Standards 2016 - 102-29: Identifying and managing economic, environmental and social impacts

© Copyright 2020 GBCI. All Rights Reserved.

 

Comments

0 comments

Please sign in to leave a comment.