Integrating corporate social responsibility ("CSR")
into compliance structures and processes can be critical to
ensuring a company's CSR commitments are communicated and acted
upon. Only then can a company reap the intended benefits of a
voluntary commitment, whether those benefits are legal,
reputational, or operational. Ideally, CSR should be integrated
into training, learning, report, and auditing vertically and
horizontally across a company.
It is a mistake... to confuse the
aspirational nature of many CSR commitments for unattainable goals,
and a mistake to believe that those commitments cannot be broken
down into concrete deliverables, procedures, and policies for use
in achieving compliance. In fact, it is the process of converting a
CSR standard into tangible goals with an aspirational context, and
the dialogue and broad thinking that this process requires, which
can be the driver of successful implementation of the
In order to integrate aspirational commitments into concrete
compliance targets, companies should establish what those
commitments will require on a daily basis for the various business
units and departments. In the article, I suggest that companies
review the following steps as part of this exercise:
Articulate the standard.
Articulate the company commitment.
Identify existing complementary commitments or standards that
may impact implementation.
Create a working group to identify operational goals.
Identify relationships (e.g., contractor, supplier, JV partner,
host government) potentially impacted by implementation of
Articulate operational goals for each commitment.
Identify sources of information regarding risks and sources of
Identify key implementation steps for each standard.
Identify training, reporting and auditing requirements.
Identify Key Performance Indicators ("KPIs") for each
standard (group by group as appropriate).
Ultimately, transforming aspirational commitments into concrete
performance goals is fundamental to achieving real improvements in
the company's operations and the impacts of those operations on
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Now that the Final Omnibus Rule under HIPAA, originally published on January 25, 2013, is in full force, covered entities (CEs) and their continuing business associates (BAs) should be examining their existing pre-Final Omnibus Rule HIPAA Business Associate Agreements (BAAs).
Earlier this month, the U.S. Supreme Court resolved the question of whether the whistleblower protection provisions of the Sarbanes-Oxley Act of 2002 protect employees of private contractors of publicly traded companies from retaliation for reporting potential fraud.