Before launching or enhancing your ESG or sustainability program, creating the right team to lead your efforts is essential. But who should own ESG in your organization — and what does “good” ESG governance and strategy look like?
Read on for a breakdown of the key ESG roles and responsibilities with a sample org chart, and download AuditBoard’s full Sustainability and ESG Guide for actionable solutions to build a resilient and effective ESG program.
Sustainability Is a Team Sport
Nobody “owns” ESG today, since responsibility for ESG spans the entire enterprise and no individual can make ESG happen on their own.
While the ESG steering committee can help develop a vision and strategy, only a cross-functional team can deliver it. The necessary distribution of responsibilities means there is no one-size-fits-all approach to ESG program management. Further, given the cross-functional nature of ESG program management, contributors from different areas of the business — all with their own domain experience — are now required to collaborate more than ever.
The Evolving ESG Program Manager and ESG Controller Roles
The job functions of the ESG Program Manager and ESG Controller are quickly developing into distinct buckets of work that appear to align with how The IIA describes the second line. Many people performing these roles have different titles and “official” functions, even as ESG program management and controllership have become integral to their work.
In our experience, ESG Program Managers often have backgrounds in internal audit, risk, rating agencies, academia, or sustainability. ESG Controllers may have a background that combines financial oversight, deep understanding of ESG metrics, and experience with both the operational and financial aspects of reporting efforts. Though job descriptions evolve and mature daily, primary responsibilities for these two roles include:
- ESG Program Manager: Owns ESG data collection/verification, stakeholder engagement, framework mapping, and report writing. Creates policies, processes, and tools and manages issues. Helps shape ESG initiatives and strategy, advise on risks/issues, and train others.
- ESG Controller: Owns data verification and integrated reporting of financial and nonfinancial information as mandated by ESG disclosure requirements.
With the ESG steering committee, program manager, and controller leading the way, the following is an example of how other business groups may fit into an ESG program. While the breakdown of roles and responsibilities will vary based on resource availability, industry-specific requirements, and the materiality of different ESG factors, this table echoes common practices we see.
ESG Governance and Oversight
- Board: Provides oversight of ESG governance, risk management, reporting, and integration with corporate strategy and operations.
- Executive Leadership: Develops/oversees implementation of ESG strategy and risk management, ideally integrating with overall business strategy. Benchmarks against peers and sets targets.
ESG Assurance
- Internal Audit: Acts as an objective third line in ensuring audit-ready ESG data, relying on guidance (e.g., Finance, Compliance/Ethics) to ensure coverage against frameworks/requirements. Also helps identify risks and improve reporting.
- External Audit: Third party engaged to provide limited or reasonable assurance on ESG data metrics.
ESG Reporting and Communications
- ESG Controller: Owns data verification and integrated reporting of financial and nonfinancial information as mandated by ESG disclosure requirements.
- Legal or General Counsel: Advises on understanding/mitigating ESG risks (e.g., compliance, reputational damage, fair labor, “greenwashing”), developing policies on ethical business practices, and setting goals.
- ESG Program Manager: Gathers key metric data, leads internal reporting and framework reporting efforts, and contributes to annual sustainability reporting.
- Marketing: Owns ESG press releases, report design and publication, and marketing efforts around ESG reporting, commitments, goals, and progress.
- Investor Relations: Owns ESG communications with existing and potential investors. Also helps assess materiality.
ESG Performance
- Procurement or Supply Chain: Assesses ESG compliance/data across the entire supply chain and implements initiatives (e.g., GHG goals/progress, fair labor, waste reduction, responsible/resilient sourcing).
- Operations: Responsible for implementing the operational changes required to achieve ESG targets, identifying gaps in aligning with ESG priorities, and helping to manage third-party ESG risk.
ESG Risk Management
- Risk Management: Ensures that ESG is integral to and aligned with overall risk management. Identifies, assesses, and monitors ESG risk, including materiality and priority. Helps to build an ESG-aware culture.
- Corporate Compliance and Ethics: Owns governance/oversight of ESG policies and procedures, mapping to frameworks, risk monitoring/mitigation, regulatory compliance, monitoring stakeholder expectations, etc.
ESG Program Management
- Sustainability or ESG team (if present): Leads strategy development, coordinates execution and communication, and ensures visibility/prioritization of ESG at C-Suite level. Makes recommendations to C-Suite and board and acts as SMEs in developing impactful strategies.
- ESG Program Manager: Helps shape ESG initiatives and strategy, advise on risks/issues, and train others.
The future of more responsible sustainability and ESG reporting starts with informed and proactive steps today. For more insight on navigating the challenges of new and upcoming ESG disclosures, AuditBoard’s Sustainability and ESG Guide provides actionable solutions to ensure a resilient and effective ESG program. Seize the opportunity to stay ahead — download the full guide to uncover essential tips and best practices for shaping your ESG strategy.
