Disclosure LibraryPractitioner guidance for every reporting disclosure
GRI 2: General Disclosures · Universal Standard
Disclosure GRI 2-23

Policy commitments

Practical guidance for preparing this disclosure. Use this card to identify datapoints, verify claims and organise supporting evidence. For exact requirements, always refer to the official GRI source.

Dr Ross Kurinko, GRI Certified Trainer
Reviewed by Dr Ross Kurinko · GRI Certified Trainer LRA educational guidance · Not issued or endorsed by GRI
Disclosure focus

This disclosure asks an organisation to explain the policy commitments that guide how it manages its material impacts, risks and opportunities. In practice, that means setting out the key policies it relies on, what they are intended to achieve, and how they connect to the organisation’s sustainability approach rather than just listing documents by name.

The practical focus is on whether those commitments are real and usable across the organisation. Reporters should make clear where the policies apply, whether they cover the whole organisation or only certain parts of it, and how they are communicated and embedded in day-to-day decision-making. If coverage is uneven, that should be clear too.

* This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official GRI source.

Before you start

A quick mental checklist before you prepare this disclosure — tick each as you settle it.

Preparation
Key datapoints to prepare
DatapointWhat to captureEvidence hintOwner
Responsible business policy basisSummarise the organisation’s commitments on responsible business conduct and name the intergovernmental instruments those commitments draw on.Approved policy text, policy register, or governance paper showing the referenced instruments.Sustainability / Legal / Policy
Due diligence commitmentState whether the responsible business policy says the organisation will carry out due diligence.Policy wording, board-approved policy summary, or internal policy matrix.Sustainability / Legal / Risk
Precautionary approachState whether the responsible business policy says the organisation will use a precautionary approach when making decisions.Policy document, board paper, or compliance review noting the relevant clause.Sustainability / Legal / Risk
Human rights commitmentState whether the responsible business policy explicitly includes respect for human rights.Policy text and any approved summary used for reporting.Sustainability / Legal / HR
Human rights scopeList the human rights standards or rights areas the organisation says its human rights commitment covers.Human rights policy, supplier code, or policy annex that names the covered rights.Sustainability / Legal / Human Rights
Priority stakeholder groupsCapture which stakeholder groups the organisation says it pays special attention to, including any at-risk or vulnerable groups.Human rights policy, stakeholder policy, or impact assessment that names the groups.Sustainability / Human Rights / DEI
Public policy linksRecord the web links to the policy commitments where they are publicly available.Published policy webpage, PDF URL, or intranet-to-public publication record.Communications / Sustainability / Web
No public access reasonExplain why the policy commitments are not publicly available if no public link can be provided.Internal approval note, confidentiality rationale, or legal restriction record.Legal / Sustainability / Communications
Approval levelState which internal level approved each policy commitment and whether that was the highest decision-making level.Board minutes, committee minutes, approval memo, or delegated authority record.Governance / Company Secretariat / Legal
Policy reachDescribe how far each policy commitment applies across the organisation’s own activities and its external business relationships.Policy scope statement, supplier standards, and any group-wide applicability note.Sustainability / Procurement / Legal
Policy communicationDescribe how the organisation shares the policy commitments with workers, business partners, and other relevant parties.Induction materials, supplier communications, intranet posts, training records, or policy distribution logs.HR / Procurement / Communications
Show GRI 2-23 sub-elements (LRA working checklist)
  • Set out how the policy is shared with employees, suppliers, and other relevant parties.
  • State the responsible-business commitments and name the intergovernmental instruments they draw on.
  • State whether the commitments include using a precautionary approach.
  • State whether the commitments include carrying out due diligence.
  • State whether the commitments include respect for human rights.
  • Set out the organisation’s human-rights commitment, including which stakeholder groups it pays special attention to, such as at-risk or vulnerable people.
  • Set out which internationally recognised human rights are covered by the human-rights commitment.
  • If the policy commitments are not public, explain why they are not available.
  • If the policy commitments are public, provide the relevant links.
  • Explain how far the commitments apply across the organisation’s own operations and its business relationships.
  • State where each commitment was approved in the organisation, and whether that was the most senior approval level.

LRA working checklist - paraphrased; see official source

How to prepare
  1. Set the reporting boundary first: decide which policy statements you will include, and make sure you cover every required topic — the business conduct commitments, the human-rights commitment, the named international references, due diligence, precautionary thinking, and the human-rights coverage details.
  2. Define what each item means in your own filing: separate the general conduct commitments from the specific human-rights promise, then map the human-rights promise to the rights it covers and the groups it is meant to protect, including any people who need extra attention because they may be at greater risk.
  3. Gather the source material that proves the content: use the approved policy text, board or committee papers, policy registers, intranet or public web pages, and any internal guidance that shows whether the commitments mention the required instruments, due diligence, precautionary approach, and respect for rights.
  4. Assemble the disclosure in the order the data points need: state the commitments, note whether the human-rights promise is specific and what it covers, add the public link where available or the reason it is not public, identify who approved each commitment and how senior that approval was, explain how far the commitments reach across your own operations and wider business ties, and describe how you share them with staff, partners, and other relevant groups.
  5. Record any gaps, exceptions, or changes clearly: if a commitment is not public, explain why; if wording, coverage, approval level, or communication method has changed since the last report, note what changed and when; keep the explanation tied to the actual policy evidence you hold.
  6. Check the final draft against the source documents line by line: confirm that every required point is answered, the wording matches the underlying policy position, the links work, the approval level is accurate, and the scope, coverage, and communication statements are consistent with the official records.
Want to do this on a real report? Practise GRI social disclosures live with Dr. Kurinko — GRI Standards Certified Training. Explore →
Request the policy pack and approval trail

Translate the disclosure into an internal business question — then adapt it to your organisation's own language.

What policy statements do we have on responsible business conduct, who approved them, how far do they apply, and how are they shared internally and externally?

Use your organisation’s own policy names and governance terms first, then map them to the reporting disclosure. Avoid asking in framework language unless that is already how your team talks.

Weak request

Please provide the GRI 2-23 policy commitments disclosure, including all required elements and the approval hierarchy.

Why it fails: This uses framework wording that many internal owners will not recognise, and it does not tell them which documents, systems, or practical details to pull together. It also risks a partial answer because it does not separate policy content, approval, scope, publication status, and communication methods.
Better request

Please send the current policy statements that cover responsible business conduct, plus the approval trail and how they are shared. For each one, include the policy name, what it covers, whether it mentions due diligence, precautionary approach, and human rights, which human rights topics and stakeholder groups it focuses on, who approved it, whether that was the top decision-making level, whether it is public, the link if it is, and how it is communicated to staff and external partners. Use your own policy names and internal terms, and we will map them for reporting.

Formal email template
Subject: Request for policy documents and approval details for reporting

Hi [name/team],

We are preparing the sustainability report and need a short evidence pack on the organisation’s policy statements about responsible business conduct.

Please send, for each relevant policy or statement:
- the document name and current version
- the date it was approved and by whom
- whether it is published externally, and if so the link
- if it is not published, the reason it is kept internal
- the parts of the business and business relationships it covers
- how it is shared with workers, business partners, and other relevant groups
- any note on whether the approval sat with the most senior decision-making level

Please also confirm the wording used internally for these policies so we can map it correctly in the report.

A simple table is fine. Please include the source file or link for each item, and check the official source before sign-off.

Thanks,
[preparer name]
Short Teams / Slack version
Hi [name/team] — could you share the policy pack for the report? We need the current policy names, approval date/approver, whether each one is public or internal-only, what it covers, and how it’s shared with staff and external partners. A table with links/source files is fine. Please use your own policy names and terms, and we’ll map them for reporting. Thanks, [preparer name]
Industry examples
Manufacturing

Context. A group with factories, contractors, and a supplier code managed by Legal and Procurement.

Adapted request. Please share the current code of conduct, supplier standards, and human rights statement, plus the approval record for each. We need to know what each document covers, whether it mentions due diligence or a precautionary approach, which human rights topics and at-risk groups it focuses on, whether it applies to our sites and suppliers, whether it is public, and how it is communicated to employees, contractors, and suppliers.

Example response. Attached table lists three documents: Code of Conduct, Supplier Standards, and Human Rights Statement. The Code and Human Rights Statement were approved by the board; Supplier Standards were approved by the executive committee. All three are public except the supplier onboarding guide, which is internal only because it contains commercial terms. Communication includes induction, annual refresher training, supplier onboarding packs, and the policy portal.

Financial services

Context. A regulated firm with a conduct policy, supplier policy, and public website policy library managed by Legal / Compliance.

Adapted request. Please provide the current conduct and human rights-related policy statements, the approval route for each, and the public links. We also need confirmation of whether they apply to the firm only or also to suppliers and other third parties, and how they are communicated to colleagues and external partners.

Example response. The policy library includes a public Responsible Business Policy and an internal Third-Party Standards document. The Responsible Business Policy was approved by the board and is published on the website. The Third-Party Standards were approved by the risk committee and are internal only because they contain control details. Both are communicated through the intranet, onboarding, annual attestations, and supplier due diligence packs.

The full request pack — response form, data table, evidence metadata and sign-off — is in the Download Centre.

Draft your disclosure

LRA training templates — adapt them to your organisation, and check the official source before sign-off.

Method note

This disclosure can be built by listing each policy commitment, noting the external principles it refers to, and recording whether it includes due diligence, a precautionary approach, and respect for human rights, together with the approval level, scope of application, communication methods, and any public link or reason for non-public status.

Context note

Taken together, the data show how the organisation frames responsible business conduct in policy, how formally those commitments are authorised, how widely they apply, and how the organisation makes them known to people inside and outside the business.

Fluctuation statement

If the picture changes from one period to the next, explain whether that is because policies were updated, approval moved to a different level, coverage was broadened or narrowed, links were added or removed, or communication practices changed.

Content index entry

GRI 2-23 Policy commitments — [location / page] / [notes]

Assurance readiness
For each claim, check the evidence
ClaimRiskEvidence to check
The information reported for this disclosure reconciles to the underlying source records.What is reported cannot be traced back to the systems or documents it was drawn from, or does not tie out to them.calculation_workbook reconciling the reported value to source_system_export
The information reported for this disclosure is current as at the reporting date.The disclosure reflects a different period, a cut-off before the reporting date, or stale data carried over from a prior period.approval_record showing the data cut-off date and the period covered
The scope behind the information reported for this disclosure is applied consistently.Parts of the organisation are silently in or out of scope, or the scope differs from the prior period without that change being explained.methodology defining the scope and a site_register of what it covers
Everything in scope is included in the information reported for this disclosure — nothing material is left out.Parts of the population that should be reported are omitted, understating or overstating the disclosure.site_register of the full population vs the calculation_workbook of what was actually included
Evidence pack to prepare
  • The governing policy or written commitment behind this disclosure
  • A methodology / definition note setting out how the disclosure was scoped and prepared
  • Source-system exports the figures or facts were drawn from
  • The internal approval / sign-off record for the disclosure before publication
  • Minutes or records evidencing the relevant engagement or consultation
Common reporting gaps
  • The information is presented without a date or as-at point.
  • The scope or boundary of the statement is left undefined.
  • Key terms are used inconsistently across the report.
  • Material changes since the previous period are not disclosed.
  • Assertions are made without supporting detail or a source record.
  • Boilerplate is used that does not actually answer what is asked.
Examples
Illustrative examples

Synthetic, written by LRA — not from a company report, not text from any standard.

Consumer goods manufacturing · synthetic · written by LRA

We have set out our responsible-conduct policy in a public code that points to the recognised human-rights due-diligence expectations, the recognised responsible-business guidance, and the ILO core labour standards; it also says we carry out due diligence, apply a precaution-first approach where impacts are uncertain, and respect human rights across our operations and value chain. Our human-rights commitment covers civil, political, economic, social and cultural rights, with extra attention to migrant workers, women in lower-paid roles, young workers, and people with disabilities.
- The code was approved by the board, which is the most senior approval level for this set of commitments, and it applies to our own sites as well as suppliers, contractors and other business links.
- The policy pack is available on our website at synthetic example links: https://example.com/policy-code, https://example.com/human-rights-policy; we share it through induction, annual refresher training, supplier onboarding, contract clauses, and internal notices to relevant teams and managers.

Synthetic illustration only: this example shows how a reporter might describe the policy basis, approval, scope and communication channels in plain language.
Food and beverage distribution · synthetic · written by LRA

Our sustainability policy refers to the recognised sustainability principles, the OECD guidance for multinational enterprises, and the ILO labour standards, and it states that we expect risk-based due diligence, a precautionary mindset for serious or irreversible harm, and respect for human rights in day-to-day decisions. The human-rights section covers the full range of internationally recognised rights and gives particular attention to seasonal workers, agency workers, smallholder suppliers, and communities near our depots and transport routes.
- These commitments were signed off by the executive committee rather than the board, so they are not approved at the most senior level, and they are intended to cover our operations plus key trading relationships.
- The policies are not posted publicly because they are embedded in internal governance documents and supplier manuals; we communicate them through manager briefings, e-learning, supplier packs, onboarding materials, and periodic reminders from procurement and HR.

Synthetic illustration only: this example shows a non-public policy set, a lower approval point, and internal/external communication routes in a concise narrative form.
Draft output & visualisation ideas

How to turn the collected data into a draft disclosure. Suggested visuals and a GRI content-index line generated from this disclosure's datapoints.

Suggested visuals

  • Policy coverage by topic — table: Which responsible-business topics are covered in the organisation’s policy set, including human rights, due diligence, precautionary approach, and the external principles or instruments the policies draw on.
  • Approval level and governance sign-off — bar: Where each policy was approved inside the organisation, and whether approval came from the most senior decision-making level.
  • Policy scope across the business — stacked bar: How far each commitment applies across the organisation’s own operations and across its business relationships.
  • Communication channels for policy rollout — bar: How the commitments are shared with employees, commercial partners, and other relevant audiences.
  • Public availability of policy documents — donut: The split between commitments that are publicly accessible with links provided and those that are not public, with the stated reason for non-public status.
  • Human rights commitment detail — table: Which internationally recognised rights are covered by the specific human-rights commitment, and which stakeholder groups, including people at higher risk or in vulnerable situations, are given special attention.
From a number to a disclosure

What separates a figure from a disclosure.

Basic

We set out our policy commitments for responsible business conduct, including the intergovernmental instruments they draw on, whether we use due diligence and the precautionary approach, and whether we commit to respect human rights.

Better

We set out our policy commitments for responsible business conduct, naming the intergovernmental instruments they draw on, stating that we use due diligence and the precautionary approach, and explaining that our human-rights commitment covers internationally recognised rights and gives particular attention to at-risk groups.

Best

We set out our policy commitments for responsible business conduct, naming the intergovernmental instruments they draw on, confirming that we use due diligence and the precautionary approach, and explaining that our human-rights commitment covers internationally recognised rights and at-risk groups; the board approved them this year, they apply across our own operations and business relationships, they are published on our website, and we brief workers, business partners and other relevant parties through induction, supplier onboarding and annual refreshers.

From company reports
Real published reports Compare side by side →Get it free

Real reports where this topic is disclosed. The confidence label shows how closely each match maps to GRI 2-23 — these are report practice, not exact disclosure examples.

CompanySector · CountryYearMatchPageReportAssurance
Interconexión Eléctrica S.A. E.S.P. Electric Utilities / IPP / Energy Traders · Colombia 2024 Partial p. 88 →p. 141 →p. 59 → ISA Integrated Management Report 2024 → ey
Evidence in Interconexión Eléctrica S.A. E.S.P.’s report

What the report shows

Interconexión Eléctrica S.A. E.S.P.'s 2024 Integrated Management Report includes coverage of certain narrative items related to sustainability disclosures, such as references to intergovernmental instruments on page 140 and details on due diligence processes and complaint handling on page 142. The report also describes how stakeholder engagement has influenced company actions on page 144. However, several narrative items, including (a-iii), (a-iv), (b-i), (b-ii), (d), and (e), are not found or clearly addressed in the report.

Evidence-based summary of this company’s own report — not a disclosure template to copy, and not a compliance verdict.

Datapoint coverage

DatapointStatusPage
Responsible business policy basisA reported value was found on this page. covered p. 140
Due diligence commitmentA reported value was found on this page. covered p. 142
Precautionary approachNo quotable evidence was found in this report. not found
Human rights commitmentNo quotable evidence was found in this report. not found
Human rights scopeNo quotable evidence was found in this report. not found
Priority stakeholder groupsNo quotable evidence was found in this report. not found
Public policy linksNo quotable evidence was found in this report. not found
No public access reasonNo quotable evidence was found in this report. not found
Approval levelNo quotable evidence was found in this report. not found
Policy reachNo quotable evidence was found in this report. not found
Policy communicationA reported value was found on this page. covered p. 144

Source trail

  • p. 140conduct/ (ii) 44-56 (iii) 89 x i. the intergovernmental instruments to which the commitments refer; x x x ii. whether
  • p. 142business conduct. x x GRI 2-27 Compliance with laws and regulations a. Provide information on the total number
  • p. 59Policy • Information Policy • Asset Management Policy • Environmental Policy • Occupational Safety and Health Policy 7, 9, 11, 13 16 Management
  • p. 142Due diligence. In: https://isasapaginaswebisa001.blob. core.windows.net/paginawebisawordpress/2021/06/Due- Diligence-2020.pdf x b. Describe the approach to identifying and addressing complaints, including
  • p. 144Describe how stakeholder engagement has influenced the actions taken (3-3-d) and how it has informed whether these have
  • p. 88Policy, are committed to creating mechanisms, such as the hierarchy of mitiga- tion, to protect natural resources; avoid, minimize
  • p. 134Describe the highest governance body’s role in overseeing the organization’s due diligence and other processes for identifying
Oberoi Realty Limited Real Estate · India 2025 Topic-family p. 67 →p. 88 →p. 20 → ESG Report FY 2024-25 → EY
Evidence in Oberoi Realty Limited’s report

What the report shows

Oberoi Realty Limited’s ESG Report FY 2024-25 provides covered evidence of policy commitments related to its Code of Conduct on page 126, indicating embedding of these commitments and associated processes. Partial context is given on due diligence processes and employee training on page 36, as well as human rights risk management and monitoring on page 102, though no headline values are presented. Several narrative items, including specific disclosures under (a-iii), (b-ii), (d), (e), and (f), are not found or remain unclear in the report.

Evidence-based summary of this company’s own report — not a disclosure template to copy, and not a compliance verdict.

Datapoint coverage

DatapointStatusPage
Responsible business policy basisA reported value was found on this page. covered p. 126
Due diligence commitmentSupporting context was found, but no headline value. partial p. 36
Precautionary approachNo quotable evidence was found in this report. not found
Human rights commitmentSupporting context was found, but no headline value. partial p. 102
Human rights scopeSupporting context was found, but no headline value. partial p. 67
Priority stakeholder groupsNo quotable evidence was found in this report. not found
Public policy linksNo quotable evidence was found in this report. not found
No public access reasonNo quotable evidence was found in this report. not found
Approval levelNo quotable evidence was found in this report. not found
Policy reachNo quotable evidence was found in this report. not found
Policy communicationNo quotable evidence was found (methodology/narrative). unclear

Source trail

  • p. 126Policy commitments Code of Conduct, Pg 28 2-24 Embedding policy commitments Code of Conduct, Pg 28 2-25 Processes
  • p. 126Policy commitments Code of Conduct, Pg 28 2-24 Embedding policy commitments Code of Conduct
  • p. 20conduct and policies, which form a critical foundation for our approach to responsible business conduct. When viewed
  • p. 20POLICY RISK MANAGEMENT POLICY POLICY ON RELATED PARTY TRANSACTION These policies safeguard the safety, quality, and continuity
  • p. 20POLICY DIVERSITY, EQUITY AND INCLUSIVITY POLICY SUSTAINABLE PROCUREMENT POLICY STAKEHOLDER MANAGEMENT POLICY CORPORATE SOCIAL RESPONSIBILITY POLICY
  • p. 24responsible business practices. JOINT VENTURE PARTNERS SUPPLIERS SHAREHOLDERS INVESTORS About Oberoi Realty About the Report Performance Highlights Risk Management
  • p. 67Policy that reflects the company’s continued focus on responsible growth, environmental stewardship, and sustainable development. This policy
  • p. 102Policy, applicable to all business units and owned entities. All stakeholders, business partners and contractors are encouraged
  • p. 16policy. These disclosures include membership fees paid to business and industry associations that advocate on policy issues
  • p. 36Due diligence processes • Employee awareness and training Reviewed annually during ESG governance review Low likelihood, medium magnitude - due to existing
  • p. 102DUE DILIGENCE AND VERIFICATION GRIEVANCE & MEANS OF REDRESS POLICY AND GOVERNANCE ORL’S HUMAN RIGHTS FRAMEWORK The ultimate
  • p. 103Due Diligence Process We have established a structured and comprehensive due diligence process to proactively identify, assess and address
  • p. 102POLICY WE ASSESS, MANAGE AND MITIGATE HUMAN RIGHTS RISKS AND DESIGN BUSINESS IMPROVEMENT ACTIONS HUMAN RIGHTS MONITORING AND REPORTING
  • p. 67policy is publicly accessible on our corporate website: Environmental Sustainable Policy Policy or Commitment Aspects • Establishing clear
Globalvia Ground Transportation — Highways and Railtracks · Spain 2025 Partial p. 86 →p. 104 →p. 108 → Globalvia Sustainability Report 2025 →
Evidence in Globalvia’s report

What the report shows

Globalvia's 2025 Sustainability Report provides coverage on its business conduct policies, including prevention and detection of corruption and bribery (p.106), and its commitment to human rights (p.104). The report also includes a message from the General Manager addressing policy commitments and due diligence (p.113). However, several narrative items related to other aspects of the disclosure are not found or unclear in the report, indicating gaps in the coverage of certain required elements.

Evidence-based summary of this company’s own report — not a disclosure template to copy, and not a compliance verdict.

Datapoint coverage

DatapointStatusPage
Responsible business policy basisA reported value was found on this page. covered p. 106
Due diligence commitmentA reported value was found on this page. covered p. 113
Precautionary approachNo quotable evidence was found in this report. not found
Human rights commitmentA reported value was found on this page. covered p. 104
Human rights scopeNo quotable evidence was found in this report. not found
Priority stakeholder groupsNo quotable evidence was found in this report. not found
Public policy linksNo quotable evidence was found in this report. not found
No public access reasonNo quotable evidence was found in this report. not found
Approval levelNo quotable evidence was found in this report. not found
Policy reachNo quotable evidence was found in this report. not found
Policy communicationNo quotable evidence was found (methodology/narrative). unclear

Source trail

  • p. 106business conduct policies 5.1.5 Prevention and detection of corruption and bribery 3-3 Management of material topics 2-23 Policy
  • p. 95other business relationships 2.7 Our integrated management system 2-23 Policy commitments 2-24 Embedding
  • p. 103Policy commitments 2-24 Embedding policy commitments Anti-discrimination policy and, where appropriate, diversity management
  • p. 101Commitments and policies 2-24 Embedding policy commitments Employees with a disability. 4.1.2 An equal and diverse
  • p. 113Message of the General Manager 2-23 Policy commitments 2.5.3 Statement of due diligence 2.7 Our Integrated Management System 3.2.5.
  • p. 113business conduct policies 2-24 Embedding policy commitments 2.5.3 Statement of due diligence 2.7 Our Integrated
  • p. 104business conduct policies 5.1.4 Commitment to human rights 3-3 Management of material topics 2-23 Policy
  • p. 105Policy commitments Human rights violation whistleblowing. 5.1.3 Ethics and compliance safeguard mechanisms 2-26 Mechanisms for seeking advice
  • p. 106Policy commitments The results of these policies, which must include relevant key indicators of non- financial results that
  • p. 96Policy commitments The results of these policies, which must include relevant key indicators of non- financial results that
  • p. 108Policy commitments The results of these policies, which must include relevant key indicators of non- financial results that
  • p. 100policy commitments The main risks related to these issues that are associated with the Group's activities, including
Check your understanding
A reporting lead has a draft policy pack that mentions the UN Guiding Principles and the OECD Guidelines, but the human rights section was copied from an old supplier code and does not say whether the company’s own policy covers due diligence or the precautionary approach. The board paper is due for sign-off next week.What should the preparer check before finalising the disclosure on the policy pack?
Model answer. They should make sure the write-up clearly states which intergovernmental references the business policy draws on, and separately says whether the policy includes due diligence, a precautionary approach, and respect for human rights. If any of those points are not actually covered, they should not be implied; the disclosure should reflect the policy as written.
Why this matters. Separate the policy’s source references from the specific commitments it actually contains.
A sustainability manager is drafting the human rights part of the report. The company has a short statement saying it respects human rights, but the team has not yet agreed whether it covers all internationally recognised rights or only a narrower set linked to operations in three countries.How should the preparer handle the scope of the human rights commitment?
Model answer. They need to describe the scope exactly as the policy sets it out, including which recognised rights are covered. If the commitment is narrower than a full human-rights statement, the disclosure should say so plainly rather than broadening it for presentation purposes.
Why this matters. Report the actual reach of the human rights commitment, not an expanded version.
The legal team says the policy is on the intranet, but the external website only has a summary page. The report team is unsure whether to include a link, note that the full text is internal, or say the policy is unavailable to the public.What is the right way to present public access to the policy commitments?
Model answer. If the commitments can be accessed publicly, the disclosure should point readers to that location. If they are not publicly accessible, the report should explain why that is the case instead of leaving the point blank or implying a public link exists.
Why this matters. Either direct readers to a public source or explain why no public access is available.
A group policy was approved by the audit committee, while the parent company’s board later endorsed the same wording for the wider group. The communications team also wants to say the policy applies to employees, joint ventures, and key suppliers, but the current draft only mentions employees and direct suppliers.What should the preparer confirm about approval level and coverage before publishing?
Model answer. They should identify where each commitment was approved and whether that was the most senior decision-making level involved. They also need to state how far the commitments reach across the organisation’s own operations and its business relationships, and describe how the policy is shared with workers, partners, and other relevant audiences.
Why this matters. Show who approved the commitments, how far they extend, and how they are communicated.
Analyse this disclosure across real reports

See how companies actually report GRI 2-23 — drawn from their own published reports, with the exact pages, and an LRA AI-assistant that works through it with you. Available to LRA Community members and to students throughout their platform access.

Related framework references

How this disclosure maps across the major reporting frameworks.

GRIPrimary
GRI 2-23
within GRI 2: General Disclosures
Open official source →
Related & explore
Questions this page answers
For GRI 2-23, what data points do I need to gather before I start drafting the disclosure?

The page lists the main datapoints to prepare, including policy basis, due diligence commitment, precautionary approach, human rights commitment and scope, stakeholder groups, public policy links, access restrictions, approval level, policy reach and how the policy is communicated. Use that list as your collection checklist before you draft. ↑ section

How do I use the step-by-step preparation section for GRI 2-23 in practice?

Use it as a working sequence: confirm the disclosure topic, collect the listed datapoints, check the assurance claims, then build the evidence pack and draft output. It is designed to help you move from raw information to a reviewable draft. ↑ section

What should I include in the evidence pack for GRI 2-23 so it is assurance-ready?

The page includes a five-item evidence pack to support assurance readiness. Use it to assemble the documents and records that back up the datapoints, the claims to verify and the final draft. ↑ section

What are the assurance claims I need to test for GRI 2-23?

The page sets out four claims to verify, each with a linked risk and evidence point. Use them to check whether the disclosure is supported, consistent and traceable before sign-off. ↑ section

How do I avoid the common reporting gaps in a GRI 2-23 disclosure?

The page highlights common mistakes so you can spot missing scope, weak evidence, unclear ownership or incomplete communication detail early. Use that section as a pre-submission quality check. ↑ section

Who should own the GRI 2-23 disclosure in my organisation?

The page is set up for practitioners to assign ownership across ESG, HR, policy or data owners, depending on where the underlying information sits. Use the datapoint list and evidence pack to decide who can confirm each item. ↑ section

How do I decide the scope for the policy reach and human rights scope datapoints in GRI 2-23?

The page asks you to prepare both policy reach and human rights scope, so you need to define what parts of the organisation, workforce or value chain the policy covers. Keep the scope consistent across the narrative, table and evidence pack. ↑ section

What does the page mean by public policy links and no public access reason for GRI 2-23?

These are separate datapoints to prepare: one captures whether the policy connects to public policy, and the other explains why the policy is not publicly accessible if that applies. The page does not add extra rules, so use the wording and evidence from your own records. ↑ section

How do I turn the GRI 2-23 data into a draft disclosure?

The page includes draft-output support with visualisation ideas, narrative starters and a GRI content-index line. Use those to convert your collected data into a short narrative, a simple table if needed and a traceable index entry. ↑ section

Can I use the synthetic example on the GRI 2-23 page as a template for my own disclosure?

Yes, but only as an illustrative guide. The example is synthetic, so you should replace it with your own internally consistent data and evidence. ↑ section

More questions this page can help with
  • GRI 2-23 workbook download: what is the Prep & Assurance workbook for and how should I use it?
  • Where do I find the printable Library Card PDF for GRI 2-23 and what is it for?
  • What should I check before I say the GRI 2-23 disclosure is assurance-ready?
  • How do I evidence approval level and policy communication for GRI 2-23?
  • What are the most common mistakes people make when drafting GRI 2-23?
  • How do I use the from company reports table on the GRI 2-23 page?
  • What narrative starters does the GRI 2-23 page give for the draft output?
  • How should I document due diligence commitment for GRI 2-23?
  • How do I show responsible business policy basis in a GRI 2-23 draft?
  • What evidence should I keep for priority stakeholder groups in GRI 2-23?
  • How do I make sure the GRI 2-23 data table is internally consistent?
  • Does the GRI 2-23 page give an ESRS or ISSB mapping I can rely on?
Dr Ross Kurinko
✓ LRA AI Assistant · human-in-the-loop
Ask Study Studio AI assistant about this disclosure

Get a practical answer for your reporting context. Your first answer is free — create a free account to continue the conversation.

Try
Sources, status and disclaimer

This LRA assistance tool is designed for educational and internal data-collection purposes. It is not an official interpretation of the GRI Standards, IFRS Sustainability Disclosure Standards or EU CSRD/ESRS requirements. When applying these frameworks in professional practice, users should consult and double-check the official standards, guidance and applicable regulatory sources.