How to Prepare
If your company will be impacted by California’s climate reporting laws, here are some steps you can take to get ready.
1. Conduct Your Gap Analysis
First, evaluate your organization’s existing sustainability reporting program, if one is in place. Your company may already be fulfilling some of the California laws’ requirements through voluntary disclosures or other mandatory reporting.
Take inventory of any climate-related disclosures, including any TCFD and emissions reporting. Additionally, determine if your company is already obtaining assurance over some or all of your emissions data or claims. If not, determine whether processes for assurance readiness are in place.
After establishing this baseline, identify the gaps in your data, processes, controls and reporting that you will need to address to comply with California’s requirements.
2. Design Your Roadmap
Next, formalize your plan to establish leadership, processes, controls and protocols to comply with California’s laws. This will likely require a team that represents business functions across your organization. Members of your team and their roles may include:
- Sustainability, Operations and/or Finance — Conduct greenhouse gas inventory assessments and collate required information for disclosure, including execution of controls to validate data. Also lead coordination with a third-party assurance provider.
- Internal Audit — Lead efforts toward assurance readiness. Evaluate controls and processes.
- Investor Relations and/or Communications — Manage disclosure drafting, publication and filing.
- Enterprise Risk Management — Integrate the climate risk assessment into broader risk management functions.
- Legal — Oversee compliance and legal risk exposure.
- IT — Implement the necessary software for emissions data collection.
3. Collect and Report Your Data
Finally, your company will be ready to execute your roadmap.
This step may include more work to define your emission sources or other relevant climate-related information, and it may require collecting additional data. It will also require the design and/or evaluation of internal data collection controls and processes around metrics. A flowchart and risk control matrix will be helpful in this effort.
Engagement with an independent third party to obtain assurance before reporting your disclosures will also be part of this step.