Neglecting Environmental, Social, and Governance (ESG) principles in ITAD can have disastrous consequences, including significant financial losses, legal troubles, and reputational damage. Gartner highlights that strong governance in ITAD is crucial for risk mitigation and regulatory compliance.
By Wale Arewa, CEO of Xperien
Addressing these challenges is vital for preserving the integrity and sustainability of ITAD operations. When considering ESG, attention often focuses on Environmental stewardship and social responsibility. However, let’s delve into some frequently overlooked daily challenges that emphasise the critical role of Governance in ITAD.
Regulatory compliance versus accreditation
The ITAD industry, just a decade old, has even younger professional bodies. As a result, clients may not know which accreditations to look for when choosing a service provider. This often leads management to prioritise cost-saving over data security and reputation protection.
Not recognising that reputational damage can be catastrophic. While management may seek statements of compliance with data protection and environmental laws, accreditation verifies that service providers have been audited for these requirements.
For example, a service provider might claim compliance with PoPI and GDPR rather than holding an R2v3 accreditation. Good governance ensures clients understand the difference, preventing incidents like Morgan Stanley’s, which faced a $60-million class-action fine after selecting an unaccredited ITAD service provider to save $100 000.
Budgeting versus apathy at end-of-life disposal
ITAD, as the final sector in the IT Management life cycle, has often been overlooked until data and environmental laws mandated its existence. Historically, IT assets were auctioned, stored, sent to scrap dealers, or landfilled, posing risks to both data security and the environment.
These traditional methods required minimal resources and compliance. Today, some executives remain disconnected from the need to manage ITAD properly or budget for professional services, leading to poor decision-making and the use of unaccredited service providers.
Residual value versus misappropriation
Cost recovery is often the sole criterion for ITAD, usually at the expense of data security. However, governance in ITAD processes should involve executives developing an ITAD/ITAM policy that balances residual value and data security. Without a clear policy, improper data disposal and misappropriation of residual value can occur.
Companies lacking asset disposal policies encourage poor accountability, allowing IT assets with substantial residual values to be misappropriated. This creates a dangerous scenario where management prioritises personal benefits over data security.
Disposal versus impact report
While disposing of obsolete or faulty equipment and destroying personal or proprietary information is essential, ITAD projects include several additional tasks impacting sustainability that should be incorporated into company-wide Impact Reporting.
These tasks can encompass Inventory Management to close the loop on company assets, Secure Logistics to ensure a chain of custody for data, corporate social responsibility, the recovery of residual value to help reduce costs, and monitoring Scope 1, 2, and 3 carbon sequestration for disposed IT assets.
In conclusion, governance is a critical pillar in ITAD, ensuring that environmental and social responsibilities are met with equal rigor. Proper governance not only mitigates risks but also enhances the credibility and sustainability of ITAD practices.
It ensures that executives establish ITAD policies that promote sustainable disposal practices and reporting in compliance with Sustainable Development Goal (SDG) 16: Strengthening institutions.