The Systems Approach to Social Responsibility Assessments

Intent

Has the Social Standard been addressed?

What to look for:

• Commitment statements, policies (e.g. Policy on Human Trafficking and Forced Labor, Child Labor Policy)

• Ways of assessing Social Responsibility Risks (e.g. Child Labor Risk Assessment)

• Relevant laws and customer requirements tracked

• Social Responsibility goals and performance targets set

Additional Guidance

Risk Assessment

Risks are the external and internal obstacles to conforming with requirements and making continual improvement. Examples include the company’s external operating environment (e.g. corruption, poverty, high dependency on migrant labour) as well as gaps in the business processes (e.g. ability to screen out underage workers or be sure labour recruiters are operating ethically.) A risk assessment will allow a company to prioritize the areas of the management system that need to be strengthened first.

Relevant laws and customer requirements tracked

It is important to have a process for keeping up to date on laws, regulations, and customer requirements, which will guide improvement planning.

For organizations hiring foreign migrant workers, they need to be up to date on both origin and destination countries’ laws.

Goals and performance targets set

The result of the risk assessment is one source of objectives for improvement, which should include specific, measurable targets so that progress in meeting the policy commitment can be tracked. Staff effectiveness in carrying out their responsibilities should be part of their performance evaluation.

Implementation

How well does the actual practice meet the standard?

What to look for:

• Management accountability and responsibility
• Capability building, training
• Communication program
• Controls placed to manage identified risks
• Supplier alignment

Additional guidance

Management accountability and responsibility

To make sure your procedures are carried out effectively, you will need to assign individual staff clear responsibility – and accountability – for implementation.

A senior manager should have formal accountability for achieving the company’s specific policy goal; individuals should be assigned responsibility for carrying out the specific procedures and tasks.

Capability building, training

Everyone in the organization should receive regular communication on the company’s labor policies, their rights, and responsibilities under the law and the Monterey Principles and standards. To make sure these individuals with implementation roles are effective, they need to be trained on how to do their jobs. A combination of orientation and technical skills training, along with refresher training may be required.

The organization’s suppliers should clearly understand these requirements, which should be among the terms and conditions in their contracts.

Controls placed to manage identified risks

Procedural and physical controls need to be put in place to effectively manage risks and implement each of the organization’s policies. These procedures must include ways to avoid or eliminate the risks the organization has identified in their risk assessment.

For example: age verification procedures to manage child labor risks and recruitment fees policy and procedures for verification to manage risks of excessive recruitment fees.

Effectiveness

Does the practice deliver the intended results?

What to look for:

• Worker feedback mechanism; verification procedures
• Internal audits
• Labor agency monitoring
• Continuous monitoring program
• Corrective Action and Remediation Program (CARP)
• Management review

Worker feedback mechanism; verification procedures

A primary source of information on the effectiveness of the organization’s HR policies, processes, and procedures is through worker communication channels. An organization will need to analyze both grievances received as well as data from anonymous surveys on particular issue areas.

Internal audits

Checking is how an organization makes sure that processes and procedures are effective and control risks. The primary methods are continuous monitoring including incident investigations, and routine self-assessments and internal audits.

An organization needs to have a program to govern how these internal audits will be conducted (how often, who does it, what kind of training do these internal auditors need, what audit tools to be used).

Continuous monitoring program

It is important to use KPIs in assessing the effectiveness of your processes or risk controls based on the measurable targets you have set.

Corrective Action and Remediation Program (CARP)

When an organization’s monitoring identifies an actual or potential uncontrolled risk, they will need to evaluate how and why it occurred, with the objective of identifying the root cause(s).

The task then is to determine the appropriate corrective and preventive actions that will address the immediate issue and prevent a recurrence.

Corrective and preventive actions should be assigned to specific owners to be completed within a designated timeframe.

Management Review

In addition to being accountable for the achievement of the Organization’s policy commitments, senior management is also responsible for leading a regular review of the effectiveness and suitability of the entire management system. The results of the Management Review (minutes, action items, etc.) should serve as the basis for the next year’s “Plan” cycle.