GIF Metric

Hence, the GIF Metric is the third component of the GIF Framework.

“Risk” significantly means “effect of uncertainty on objectives”. A risk is “a combination of the consequences of an event and the associated likelihood of occurrence” (ISO 31000).

Risk = likelihood x consequence

Unlike a traditional “compliance-non-compliance” binary metric, the GIF Metric adopts a quantitative approach typical of risk assessment. In other words, the GIF Metric does not follow traditional single choice (Yes/No/NA). Rather it adopts a scoring oriented methodology aiming to represent the exposure level to risks in each Area.

GIF Metric and risk matrix

“Area” scoring

For the purpose of the overall risk evaluation, the metric firstly requires the calculation of the “Score per area”. Basically, the score takes into consideration the assessment points of the Framework. In detail, the scoring scale is a multiple of 5 within a range from 0 to 100.

Hence the GIF Metric follows this logic:

  1. Governance and Management System Area: “the higher the score, the better the Governance and Management System prevent ESG risks and then, the lower the risk”.
  2. Risk-oriented Areas: “the higher the score, the lower the risk exposure level”.
Grade Criterion “Governance & Management System” Criteria Social /Safety/ Environment/Business Ethics

80-100

Very Good

  • Complete evidence of planning based on Stakeholders’ needs with a clear rational covering all social responsibility aspects and exceeding applicable legal requirements
  • Implementation managed through structured and integrated processes
  • Complete evidence of regular review and structured improvement process
  • Learning and innovation drive the improvement actions definitions

Very Low

  • “Core Areas”: very low exposure
  • “Non-Core Areas”: very low exposure

60-75

Good

  • Clear evidence of planning based on Stakeholders’ needs with a rational covering all social responsibility aspects and exceeding applicable legal requirements
  • Implementation managed through defined processes
  • Evidence of a regular review and improvement processes
  • Some learning and innovation activities support the improvement actions definitions

Low

  • “Core Areas” : low exposure
  • “Non-Core areas”: some exposure

40-55

Acceptable

  • Evidence of a planning based on Stakehoders’ needs with a rational covering all social responsibility aspects and exceeding applicable legal requirements
  • Implementation defined through established processes
  • Few learning and innovation activities support the improvement actions definitions

Acceptable

  • “Core Areas”: acceptable exposure
  • “Non-Core Areas”: moderate exposure

20-35

Poor

  • Some evidence of planning based on Stakeholders’ needs partially covering the social responsibility aspects in compliance with applicable legal requirements
  • Some evidence of implementation managed through processes
  • Sporadic evidence of review and improvement processes
  • Sporadic evidence of learning and innovation activities to support the improvement

High

  • “Core Areas”: high exposure
  • “Non-Core Areas”: high exposure

0-15

Very Poor

  • Poor evidence of planning based on Stakeholders’ needs partially covering the social responsibility aspect
  • Poor evidence of compliance with applicable legal requirements
  • Implementation not managed through defined processes
  • No evidence or sporadic evidence of review and improvement
  • No evidence of learning and innovation activities to support the improvement actions definitions

Very high

  • “Core Areas”: extreme exposure
  • “Non-Core” Areas: extreme exposure

“Topic’s scoring”

Secondly, the metric consists of the calculation of the “Score per topic”. For this purpose this score is the average of the scores assigned to those areas included in the Topic.

“Criterion’s scoring”

Thirdly, the score per Criterion (Governance and Management System, Social, Safety, Environment and Business Ethics) is the average of the scores assigned to each Topic of the Criterion.

“Overall” scoring

In conclusion, the Overall Score is the average of the scores per Aspect and represents the total exposure level of the Organization to ESG risks.

The overall Score reflects both the extent to which the Organization implements the social responsibility management system and the actual or potential exposure level to ESG risks that can result into present or future adverse impacts.

In brief, the GIF hyerarchy of ESG risk exposure consists of 5 grades. The lowest score corresponds to a very high exposure level, while the highest score corresponds to a very low exposure level.

Rating Risk Level Description

80-100

Very Low

Organization exposed to very low ESG risks and capable of managing and monitoring them without exposing Stakeholders to unexpected costs or other adverse impacts. No specific risk oriented actions are needed but improvement actions will be beneficial.
60-79

Low

Organization exposed to low ESG risks and capable to manage them without exposing the Stakeholders to the most relevant unexpected costs and adverse impacts. Few risk reduction oriented actions are needed and there are few areas for improvement.
40-59

Acceptable

Organization exposed to acceptable ESG risks of adverse impacts in every “core area”. Few risk reduction oriented actions are needed and there are areas for improvement.
20-39

High

Organization exposed to high ESG risks related to one or more “core areas” that can result into high costs or adverse impacts on the Stakeholders. Robust improvement and risk reduction oriented actions must be planned and implemented to reduce the risk exposure level.
0-19

Very High

Organization exposed to very high ESG risks in “core” and “non-core” areas. A governance and management system for social responsibility review is required. Robust improvement and risk reduction oriented actions are needed.

Thresholds to pass Due Diligence

All things considered an organization positively pass the Due Diligence if the following criteria are met:

  • minimum overall score = 40
  • minimium score per “Governance & Management System” = 40
  • minimum score per “core area” = 40

On one hand the minimum score means the alignment wih the OECD Guidance for Due Diligence.

On the positive side the GIF Metric assigns the highest score to Organizations with “very low risks” in every area.

Therefore the highest score represents the alignment with both OECD Guidance and ISO 2600 recommendations.