The Role of IT in the ESRS Framework: Addressing E, S, and G in CSR

Written By Irma Bazelyte

In the last few articles I have focused on the connection between the IT and the CSRD reporting. Today, I want to look slightly closer into how IT links with the backbone of CSRD: Environment, Social and Governance aspects.


When people think about sustainability, they often picture wind turbines, electric cars, and recycling bins overflowing with paper. But there’s one major sustainability factor that often gets overlooked: IT. As businesses work to comply with the European Sustainability Reporting Standards (ESRS) under the Corporate Sustainability Reporting Directive (CSRD), they must assess Environmental (E), Social (S), and Governance (G) impacts. And IT plays a bigger role in all three.

Despite its enormous influence on sustainability, IT can often remain in the background of corporate reporting. It’s time to change that. Here I explore how IT fits into the ESRS framework and offers practical steps companies can take to integrate IT into their sustainability strategies.

E – Environmental: The Carbon Footprint of IT and How to Reduce It

The Energy Demands of IT

IT is one of the biggest, yet least discussed, energy consumers in modern business. From data centers running 24/7 to countless company laptops and cloud services, IT significantly contributes to a company’s environmental footprint. Here’s why:

  • Data centers account for approximately 1-2% of global electricity use and produce substantial greenhouse gas (GHG) emissions.

  • E-waste is growing at an alarming rate, with over 50 million metric tons generated each year—much of it improperly recycled.

  • Cloud computing and AI demand huge resources, requiring high-powered servers and cooling systems that consume massive amounts of electricity.

What Can Companies Do?

To align IT with ESRS environmental goals, companies should:

  • Measure and report IT-related emissions: Track energy consumption in offices, data centers, and cloud services under Scope 1, 2, and 3 emissions.

  • Use energy-efficient IT solutions: Upgrade to low-energy servers, implement virtualization to optimize server use, and use real-time energy monitoring and management tools.

  • Switch to renewable-powered data centers: Many cloud providers now offer options powered by wind, solar, or hydroelectric energy.

  • Reduce e-waste: Extend the life of company devices, promote reparability, and participate in IT equipment take-back programs.

S – Social: IT’s Impact on Employees and Society

Technology’s Role in Workplace Wellbeing and Ethics

IT is more than just hardware and software—it affects how employees work and interact. Under ESRS’s social pillar, companies must evaluate IT in terms of human rights, accessibility, and ethical technology use. Key areas include:

  • Cybersecurity and data privacy: Is personal data protected against breaches and misuse?

  • Fair AI and automation: Are algorithms used in hiring and decision-making free from bias?

Best Practices for Responsible IT in the Workplace

  • Implement strong cybersecurity policies: Data breaches can erode customer trust and damage reputations. Companies must ensure IT systems follow best security practices.

  • Make digital tools accessible: Websites, internal systems, and software should follow recognized accessibility standards (e.g., WCAG) to ensure inclusivity.

  • Commit to ethical IT sourcing: Companies should work with suppliers that adhere to fair labor practices and avoid unethical manufacturing processes.

G – Governance: Strengthening IT Risk Management and Compliance

IT Governance and Regulatory Challenges

Governance is where IT really shows its critical role in corporate responsibility. Companies must manage IT-related risks, ensure compliance, and maintain transparency. Some of the biggest governance challenges include:

  • Regulatory non-compliance: Failing to meet data protection standards like GDPR, NIS2, and DORA can lead to hefty fines and reputational damage.

  • IT security risks: Weak cybersecurity practices make businesses vulnerable to ransomware, hacks, and system failures.

  • Lack of transparency in AI use: Automated decision-making, especially in hiring or financial services, must be clear and free from bias.

  • Third-party IT risks: Companies must assess the security and sustainability of their IT vendors and cloud providers.

Steps to Improve IT Governance

  • Implement a strong IT risk management framework: Identify, assess, and mitigate risks related to IT security, infrastructure, and regulatory compliance.

  • Strengthen vendor oversight: IT supply chain security and sustainability should be key factors when selecting external IT providers.

  • Develop IT sustainability policies: Set clear guidelines on energy efficiency, data security, and ethical IT practices.

Final Thoughts: IT Must Be Part of the CSRD Conversation

As companies move toward greater sustainability, IT can no longer be ignored. It plays a critical role in:

  • Reducing environmental impact through energy-efficient practices and sustainable hardware use.

  • Ensuring ethical, inclusive, and secure digital practices in the workplace.

  • Strengthening governance by improving IT risk management and compliance with global standards.

Businesses that fail to include IT in their sustainability reports are missing a crucial piece of the puzzle. As regulations tighten and investors push for transparency, companies that integrate IT into their ESRS disclosures will be better positioned for long-term resilience and success.

Irma Bazelyte
Previous

Power Hungry: Addressing IT Systems’ Energy Consumption
Next

How Circular IT Practices Boost ROI