All Stewardship articles – Page 12
-
Engagement guide
Corporate disclosure on cyber security governance: assessment
12. Does the company conduct audits of information/cyber security policies and systems?
-
Engagement guide
Corporate disclosure on cyber security governance: board communication
6. Does the company communicate cyber risks to the board (and how, by whom and how often?) 7. Does the board receive detailed information about the company’s cyber/information security strategy (including what information it receives and how it assesses this information)?
-
Engagement guide
Corporate disclosure on cyber security governance: legal compliance
1. Does the company publicly commit to complying with relevant laws, including those related to cyber and data protection?
-
Engagement guide
Corporate disclosure on cyber security governance: conclusion and next steps
This report analysed data from 100 companies for observations on standards of corporate disclosure relating to cyber security practices. It presented overall findings across the data; results by each specific indicator; and different regional legislative and regulatory standards.
-
Engagement guide
Corporate disclosure on cyber security governance: key takeaways
While companies generally perceived cyber security as a key organisational risk, very few communicated that they have policies, governance structures and processes that were effective at tackling cyber threats.
-
Engagement guide
Corporate disclosure on cyber security governance: policy
2. Does the company publicly disclose a privacy and/or data protection policy? 3. Does the policy explicitly cover its entire operations, including third parties?
-
Engagement guide
Corporate disclosure on cyber security governance: skills and resources
8. Does the company disclose that it has a cyber or information security team and/or dedicated budget? 9. Does the company state that it works with relevant industry initiatives on cyber security and/or has access to internal or external expertise on cyber security? 10. Does the company actively seek cyber ...
-
Engagement guide
Corporate disclosure on cyber security governance: training
11. Does the company provide training on information/cyber security requirements to all employees?
-
Engagement guide
Corporate disclosure on cyber security governance: processes and procedures
13. Has the company established an incident management plan (including disaster recovery and business continuity)? 14. Has the company disclosed information or cyber security as a key part of its risk assessment/business continuity plan?
-
Engagement guide
Corporate disclosure on cyber security governance: overview of regulatory landscape
Standards of legislation relating to data protection and cyber security that companies are expected to adhere to vary widely by region. This section provides an overview of key legislation in force across the regions from which the company sample was drawn.
-
Engagement guideStepping up governance on cyber security
This report presents the research findings on companies’ cyber security disclosures that informed PRI’s collaborative engagement on the topic.
-
Engagement guide
How did companies in the human rights and extractives engagement assess human rights risk?
High-level trends Human rights risk assessment - identifying In 2015, two companies reported on human rights risk identification; this increased to 25 in 2017, making it one of the most improved areas. Almost all target companies have incorporated human rights considerations into their risk management processes and evaluated their ...
-
Engagement guide
How did companies in the human rights and extractives engagement monitor business relationships?
High-level trends Business relationships - selection Over half of the companies now report on the criteria used to select business relationships e.g. suppliers and security providers. While all categories have made progress on this indicator, companies in emerging markets have shown most improvement with almost half of them now ...
-
Engagement guide
How did companies in the human rights and extractives engagement show a commitment to human rights?
High-level trends All 32 companies publicly commit to respecting human rights. However, the level of commitment varies: a third has reached a very sophisticated level of commitment (standalone human rights policy/active participation in multi-stakeholder initiatives, etc.); a third has a clear and well-defined commitment but may not be as ...
-
Engagement guideEngaging with extractives companies: five key insights
Moving the laggards, the middle and the leaders Rooted in a risk-based approach, investors tend to focus on portfolio companies that have a poor human rights approach and performance. However, it was highlighted in engagement dialogues that investors should consult not only with laggards but also the ...
-
Engagement guide
How did companies in the human rights and extractives engagement respond to human rights incidents?
High-level trends Half of the companies evaluated now report on the way they respond to human rights allegations. While companies from developed markets have slightly progressed, companies from emerging countries have stalled – with the same 14% disclosing on this area as in 2015. What ...
-
Engagement guide
How did companies in the human rights and extractives engagement embed human rights into corporate practice?
High-level trends Governance and oversight Companies have made continuous progress in terms of governance and oversight – in particular there are now twice the number of companies from emerging markets and smaller sized companies that disclose how their board and senior management oversees the human rights policy and due ...
-
Engagement guideHow did companies in the human rights and extractives engagement engage stakeholders and tackle grievance mechanisms?
High-level trends Stakeholder engagement Just over half the companies reported on stakeholder engagement in 2015, while as of 2017 almost all of them do. Companies that already reported on this indicator have strengthened their level of disclosure and the overall quality of stakeholder engagement. Companies participating in multi-stakeholder ...
-
Engagement guide
Summary of PRI-coordinated engagement on human rights in the extractives sector
From 2015 – 2017, 51 PRI signatories representing USD $7.3 trillion in assets engaged with 32 companies in the extractives sector.
-
Engagement guide
Human rights and the extractives sector
There are different impacts on human rights along different phases of the value chain – exploration, operation and production – which are important to take into consideration when engaging.
