Neglecting Environmental, Social and Governance (ESG) principles in IT Asset Disposal (ITAD) can have disastrous consequences, including significant financial losses, legal troubles and reputational damage, says Xperien CEO, Wale Arewa.
Gartner Inc. highlights that strong governance in ITAD is crucial for risk mitigation and regulatory compliance.
Addressing these challenges is vital for preserving the integrity and sustainability of ITAD operations. When considering ESG, attention often focusses on environmental stewardship and social responsibility.
However, let's delve into some frequently overlooked daily challenges that emphasise the critical role of Governance in ITAD.
Regulatory Compliance Versus Accreditation
The ITAD industry is just a decade old and has even younger professional bodies. As a result, clients may not know which accreditations to look for when choosing a service provider. This often leads management to prioritise cost-saving over data security and reputation protection, not recognising that reputational damage can be catastrophic.
While management may seek statements of compliance with data protection and environmental laws, accreditation verifies that service providers have been audited for these requirements.
For example, a service provider might claim compliance with POPIA and GDPR rather than holding an R2v3 accreditation. Good governance ensures clients understand the difference, preventing incidents like Morgan Stanley's, which faced a USD$60-million class-action fine after selecting an unaccredited ITAD service provider to save USD$100 000.
Budgeting Versus Apathy at End-of-Life Disposal
ITAD, as the final sector in the IT management life cycle, has often been overlooked until data and environmental laws mandated its existence. Historically, IT assets were auctioned, stored, sent to scrap dealers, or landfilled — posing risks to both data security and the environment.
These traditional methods required minimal resources and compliance. Today, some executives remain disconnected from the need to manage ITAD properly or budget for professional services, leading to poor decision-making and the use of unaccredited service providers.
Residual Value Versus Misappropriation
Cost recovery is often the sole criterion for ITAD, usually at the expense of data security. However, governance in ITAD processes should involve executives developing an ITAD/ITAM policy that balances residual value and data security. Without a clear policy, improper data disposal and misappropriation of residual value can occur.
Companies lacking asset disposal policies encourage poor accountability, allowing IT assets with substantial residual values to be misappropriated. This creates a dangerous scenario where management prioritises personal benefits over data security.
Disposal Versus Impact Report
While disposing of obsolete or faulty equipment and destroying personal or proprietary information is essential, ITAD projects include several additional tasks, impacting sustainability that should be incorporated into company-wide impact reporting.
These tasks can encompass:
- inventory management to close the loop on company assets
- secure logistics to ensure a chain of custody for data
- corporate social responsibility
- the recovery of residual value to help reduce costs, and
- monitoring scope one, two and three carbon sequestration for disposed IT assets.
In conclusion, governance is a critical pillar in ITAD, ensuring that environmental and social responsibilities are met with equal rigor. Proper governance not only mitigates risks but also enhances the credibility and sustainability of ITAD practices.
It ensures that executives establish ITAD policies that promote sustainable disposal practices and reporting in compliance with SDG 16 (strengthening institutions).
For more information, visit www.xperien.co.za. You can also follow Xperien on LinkedIn or on Instagram.
*Image courtesy of contributor