Chief Compliance and Ethics Officers Should Address Seven Questions When Considering a Human Rights Policy


By Dian Zhang, Research Senior Principal at Gartner

Growing environmental, social, and governance (ESG) expectations and expanding global laws are propelling organizations to consider whether they need a standalone human rights policy. Chief compliance and ethics officers have a critical role to play in making this decision and can take concrete steps to contribute to the company’s ESG endeavors.

Traditionally, companies put out a brief statement to declare their support for human rights or include such language in their codes of conduct. It’s still a common approach — 44 percent of legal and compliance leaders employ this practice, according to a Gartner poll in a September 2023 webinar.1 But this approach appears less sufficient today, as companies are under pressure to take a broader scope of actions to assess, avoid, and disclose risk in the human rights space.

Two Reasons Why a Standalone Policy May Be Necessary

A dedicated human rights policy can help organizations lay out comprehensive standards in response to increasing expectations from:

  1. ESG stakeholders. Seventy-two percent of business leaders report increased ESG commitment in the past 12 months.2Shareholder proposals and media reports continue to put human rights concerns within companies and their supply chains under public scrutiny. In particular, the existence of a stand-alone policy is among the positive factors that several ESG rating firms use when scoring a company’s ESG maturity, organizations told us.
  2. Global regulators. Under new laws such as the European Union’s Corporate Sustainability Reporting Directive and relevant European Sustainability Reporting Standards, subject companies must report social issues — including human rights — in their own workforce, value chain, affected communities, customers, and end users. Furthermore, existing laws such as the U.S. Uyghur Forced Labor Prevention Act and the U.K.’s Modern Slavery Act already come with specific mandates that apply to businesses operating in those jurisdictions.

Seven Questions to Determine the Need for a Human Rights Policy   

To help your organization decide whether it needs a human rights policy, gather details from relevant stakeholders to answer the following questions:

Evaluating Question Stakeholders to Provide Input
  1. Does a stand-alone human rights policy fit into our corporate strategy and ESG strategy?
  • Board
  • ESG or sustainability committee/working group
  • Corporate strategy


2. Does our industry, geography, and/or business model pose a high risk of human rights abuses in the value chain?
  • Enterprise risk
  • Legal and compliance
  • Supply chain
  • Procurement
  • Business units
3. Are our investors asking how we manage human rights issues? Are they inquiring about the existence of any related policies?
  • Investor relations
  • ESG or sustainability committee/working group


4. Are our customers and/or employees asking us to articulate our commitment in this space?
  • HR
  • Customer relations
  • Marketing
  • Communications
5. Do our suppliers and/or other third-party partners have questions about our expectations of them?
  • Supply chain
  • Procurement
  • Legal and compliance
  • Business units
6. Has an ESG evaluator asked us about the existence of a stand-alone policy?
  • Public relations
  • Investor relations
  • Communications
  • ESG or sustainability committee/working group
7. Are we subject to any regulations that require the existence of a stand-alone human rights policy?
  • Legal and compliance


Next, synthesize the feedback and use it to determine if your organization would be best served by implementing a standalone human rights policy.

Three Emerging Practices from Early Movers

The best human rights policies are clear, transparent, and enforceable – and include the three following practices:

  1. Feature Broader Topics and Supporting Documents

Effective human rights policies include workplace civility topics including anti-harassment, anti-discrimination, diversity and inclusion, safety, and anti-violence. Addressing labor standards is also important, which can include prohibitions on human trafficking, forced labor, unsafe or unsanitary work conditions, guidance on work hours, prohibitions on child labor, fair wage and overtime practices, and benefits standards.

These rules should apply both inside and outside of an organization, including employees, contractors, suppliers, third-party partners, and customers. Progressive organizations show how their policy works in tandem with relevant guidelines such as the codes of conduct and existing policies on anti-retaliation, workplace civility, and whistleblower protection. They also share supporting documents such as ESG reports or dedicated human rights disclosures and highlight company engagement and membership in relevant international groups and coalitions.

  1. Spell Out Industry-Specific Challenges

Companies should consider incorporating industry-specific issues. For example, a technology company may cover data protection practices that specify how it balances privacy protection with government surveillance activities. Organizations that work with indigenous communities may want to create a dedicated policy about global community relations and rights of indigenous peoples. For food and beverage companies, land rights and water resources may be another aspect of human rights to highlight, as it is critical to bringing their products to market.

  1. Share How to Uphold and Enforce the Policy

Leading companies are proactive in how they follow through on their human rights policies. These policies should detail the responsibilities of the board, CEO, ESG steering committee, and/or other internal ESG team related to maintain governance. Another way to show enforcement is to share the methods of supplier audits and their results. It is also paramount to implement a program designed to engage, assess, and audit suppliers.

Additional information is available to Gartner clients in the report Crafting or Revising a Human Rights Policy? Factors to Consider.


  1. Gartner Webinar Poll: Compliance 2030 — 10 Shifts to Modernize Your Program (14 September 2023), n = 109
  2. Gartner 2023 ESG Goal-Setting Survey, n = 206