Applying Key Governance Tools and Frameworks
Organizations of all sizes and from all sectors are experiencing growing pressure to demonstrate how they manage sustainability risks and opportunities and report them publicly.
The focus of this paper is to show how integrated thinking and reporting, effective internal control, enterprise risk management (ERM), and independent assurance provided by internal audit functions align to help organizations achieve their objectives and meet stakeholder expectations. It is critical to long-term value creation to apply ERM broadly, including to environmental, social, and governance (ESG)-related risks, to understand their impacts and interdependencies throughout the value creation process, and to embrace the value of independent assurance.
The paper's objectives are to:
- Increase understanding and awareness of integrated thinking and reporting.
- Demonstrate parallels among the COSO frameworks (Internal Control and ERM), The Institute of Internal Auditors' (IIA's) Three Lines Model, and the International Integrated Reporting Framework, in terms of:
- Informing the content, preparation, and presentation of an integrated report.
- Reinforcing the role internal audit plays in ensuring the integrity of information underpinning integrated thinking and reporting by providing independent assurance over that information.
- Helping organizations embed integrated thinking into their approach to ERM.