Disclosure LibraryPractitioner guidance for every reporting disclosure
Home Disclosure Library GRI GRI 407 GRI 407-1
GRI 407: Freedom of Association and Collective Bargaining · 2016
Disclosure GRI 407-1

Operations and suppliers in which the right to freedom of association and collective bargaining may be at risk

Practical guidance for preparing this disclosure. Use this card to identify datapoints, verify claims and organise supporting evidence. For exact requirements, always refer to the official GRI source.

Dr Ross Kurinko, GRI Certified Trainer
Reviewed by Dr Ross Kurinko · GRI Certified Trainer LRA educational guidance · Not issued or endorsed by GRI
To prepare this disclosure
Disclosure focus

This disclosure asks an organisation to explain where, in its own activities and in its supply chain, workers may face a higher risk that their right to join together, choose representatives and bargain collectively is not fully protected. The focus is not on saying the organisation supports these rights in principle, but on identifying the parts of the business and the supplier base where the risk is present and describing them clearly.

In practice, the emphasis is on coverage across the whole organisation rather than only highlighting a few well-known sites. A useful response should show which operations and which suppliers are included in the assessment, where the risk is concentrated, and whether the organisation has looked beyond flagship locations to less visible parts of the business.

This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official GRI source.

Before you start

A quick mental checklist before you prepare this disclosure — tick each as you settle it.

Preparation

Key datapoints to prepare

Datapoint What to capture Evidence hint Owner
At-risk operations List the operations where workers’ ability to join together, choose representatives, or bargain collectively could be restricted or at heightened risk, and note whether the risk comes from the kind of operation or from the country or area where it operates. Risk assessment, country or site risk review, human rights due diligence, local legal review, incident logs, and any internal mapping of higher-risk operations. Human rights / Sustainability / Operations
At-risk suppliers List the suppliers where workers’ ability to join together, choose representatives, or bargain collectively could be restricted or at heightened risk, and note whether the risk comes from the supplier type or from the country or area where the supplier operates. Supplier risk screening, procurement records, supplier due diligence, country risk mapping, audit findings, and supplier segmentation files. Procurement / Supply chain / Human rights
Support measures taken Describe the actions taken during the reporting period to help protect workers’ ability to join together and bargain collectively, including the main measures put in place and where they were applied. Policy updates, training records, worker engagement notes, remediation plans, grievance records, collective bargaining support actions, and implementation trackers for the period. Human rights / HR / Employee relations
+ Show GRI 407-1 sub-elements (LRA working checklist)

How to prepare it

1Set the reporting boundary first: decide which parts of the business and which supplier groups you will assess, and which countries or locations you will treat as higher risk for worker voice and bargaining rights.
2Agree the screening rules you will use to flag risk, so the same approach is applied to each operation and supplier and the basis for inclusion is clear.
3Gather the supporting material for each flagged area, such as internal assessments, supplier checks, site reviews, audit notes, grievance records, or other records that show why the area was identified.
4Prepare the disclosure content in two parts: list the operations and suppliers that meet your risk screen, then summarise the actions taken during the year to support those rights.
5Record any exclusions, scope changes, or changes in how you identified risk, so readers can see what was left out and whether the current year is directly comparable with prior reporting.
6Check the final draft against the official source and your evidence pack to confirm the named areas, the reported actions, and the scope treatment all match the underlying records.
Request the data

Request the supplier and site risk evidence

Translate the disclosure into an internal business question — then adapt it to your organisation's own language.

Which parts of our own operations and supplier base may need to be flagged because worker voice or bargaining arrangements could be constrained, and what actions did we take in the period to support those rights?

Use your organisation’s own labels first, then map them to the reporting wording. For example, ask for your high-risk sites, business units, vendor groups, countries, labour channels, or contract types rather than using framework terms in the request itself.

Weak request

Please provide the GRI 407-1 evidence for operations and suppliers at risk and the measures taken to support freedom of association and collective bargaining.

Why it fails: It uses framework language only, so the owner has to translate the ask before they can respond. It also does not say which internal lists, systems, or labels to pull from, or what period and evidence trail to include.

Better request

Please send the current list of sites, business units, supplier groups, or sourcing channels you have flagged because worker voice or bargaining arrangements could be constrained, plus any actions taken in [period] to support worker representation or bargaining. Use your own internal names, the source system or file, the reason each item was flagged, and the latest review date.

Formal email template
Subject: Request for supplier and site risk evidence for [reporting period]

Hi [name/team],

We are preparing the sustainability reporting pack and need your help with the data and supporting evidence for [reporting period]. Please share the records you hold for:

1) Any sites, business units, countries, or operating locations you have flagged as needing attention because worker voice or bargaining arrangements could be constrained;
2) Any supplier groups, vendor categories, countries, or sourcing channels you have flagged for the same reason; and
3) Any actions taken during the period to support worker voice, employee representation, or bargaining arrangements.

Please use your own internal labels and source systems, and include a short note explaining how each item was identified.

For each record, please provide:
- the internal name or code;
- the reason it was flagged;
- the source system or file;
- the date last reviewed;
- the action taken in the period, if any;
- the owner/contact for follow-up; and
- any supporting file or link.

If you have a better internal way of grouping this information, please use that and tell us how to map it back to the reporting pack. Please also note anything that is still in draft.

Thank you,
[preparer name]
[team]

Please check the official source before sign-off.
Short Teams / Slack version
Hi [name] — could you send over the site/supplier risk list for [period], plus any actions taken in the period to support worker voice or bargaining? Please use your own internal names and source files, and add the reason each item was flagged. Thanks.
Industry examples
Manufacturing

Context. A multi-site producer with direct materials, maintenance contractors, and labour agencies across several countries.

Adapted request. Please share the plant, warehouse, contractor, and agency lists for [period] where worker voice or bargaining arrangements were flagged as needing attention, plus the actions taken in the period to support worker representation. Use your site names, supplier categories, and risk register fields.

Example response. Plant 3 and Warehouse East were flagged due to country risk and a contractor model with limited worker representation; two supplier groups were flagged in logistics and cleaning. Actions included site briefings, supplier follow-up meetings, and an updated contract clause pack. Evidence attached from the risk register and action tracker.

Retail / Distribution

Context. A retailer with stores, distribution centres, and outsourced transport and cleaning services.

Adapted request. Please provide the store, depot, and outsourced service lists for [period] where worker voice or bargaining arrangements may be constrained, plus any steps taken to support those rights. Use your store codes, depot names, and supplier categories rather than reporting terms.

Example response. Three depots and one store cluster were flagged because of local labour-market conditions and contractor arrangements; transport and cleaning suppliers were also flagged. Actions included manager training, supplier meetings, and a worker hotline refresh. Evidence came from the compliance log and procurement tracker.

Draft your disclosure

Notes that turn data into a disclosure

LRA training templates — adapt them to your organisation, and check the official source before sign-off.

Method note

Explain how the organisation decided which operations and suppliers to flag as higher risk, including the basis used to define the risk screen and how the reporting boundary was set.

Context note

Set out what the figures mean in practice by linking the flagged operations and suppliers to the organisation’s exposure to possible restrictions on workers’ ability to organise and bargain collectively, and summarise the support measures taken in the period.

Fluctuation statement

If the number or spread of flagged sites or suppliers changed materially, describe the main drivers, such as changes in the business footprint, supplier mix, or the scope of the risk review, and note any corresponding change in support actions.

Content index entry
GRI 407-1 Operations and suppliers in which the right to freedom of association and collective bargaining may be at risk — [location / page] / [notes]
Download Centre

Preparation tools & forms

Professional preparation tools for GRI 407-1 — free with an LRA Community membership. Register once (it's free) and every download unlocks, together with the Disclosure Library, templates and the LRA AI-assistant.

Free · Community members
Assurance readiness

For each claim, check the evidence

ClaimRiskEvidence to check
We mapped the coverage figure from our own review of the disclosed operations, using location and operating-model checks to flag where worker representation rights could be exposed to higher risk.An assurer may question whether the screening was applied consistently, whether the risk flags were based on defined criteria, and whether any relevant sites or business units were left out.Risk-screening methodology; site or entity list used for the review; country and operating-model risk assessment; working papers showing how locations were included or excluded; sign-off on the final coverage list.
For the supplier side, we built the figure from our supplier population and then narrowed it to the parts of the supply chain we judged more exposed, based on supplier type and geography.An assurer may probe whether the supplier universe was complete, whether the selection logic was applied consistently, and whether the same approach was used across all relevant procurement categories.Supplier master data extract; supplier risk assessment criteria; procurement category mapping; records showing how higher-risk suppliers were identified; review and approval notes for the final supplier set.
We prepared the disclosed list by combining internal records with local knowledge from the business, then checked the result against known operating and sourcing locations before publication.An assurer may ask whether the underlying records were current, whether local inputs were documented, and whether the final list was reconciled back to source data.Source data extracts; local management confirmations; reconciliation file to operating and supplier records; version history; evidence of pre-publication review and approval.
Where we included a location or supplier, we kept the supporting evidence on file to show why it was treated as higher risk and how that judgement was reached.An assurer may test whether the evidence is specific enough to support the judgement, whether it is dated and attributable, and whether it matches the final reported population.Country or site risk notes; supplier due diligence files; meeting minutes; correspondence with local teams; dated assessment records linked to each included item.
Before we published the figure, we ran a final quality check to confirm the totals, remove duplicates, and make sure the narrative matched the underlying working papers.An assurer may look for arithmetic errors, duplicate counting, inconsistencies between the narrative and the data, and weak controls over final edits.Final calculation workbook; duplicate-check logs; cross-checks between narrative and tables; editorial review notes; approval trail showing who checked and signed off the disclosure.

Evidence pack to prepare

Common reporting gaps

The information is presented without a date or as-at point.The scope or boundary of the statement is left undefined.Key terms are used inconsistently across the report.Material changes since the previous period are not disclosed.Assertions are made without supporting detail or a source record.Boilerplate is used that does not actually answer what is asked.
Common gaps

Mistakes to avoid when collecting the data

Wrong owner, wrong language
The request goes to the wrong team, or it is framed in framework terms instead of the business labels people actually use, so the source data never gets pulled from the right place.
Scope left vague
No one pins down which sites, countries, service lines, or supplier groups are in scope, so different teams send different populations that cannot be reconciled.
Risk screen not defined first
The team starts collecting names before agreeing what counts as a higher-risk operation or supplier, so the list reflects guesswork rather than a consistent screen.
Period basis is mixed up
Some contributors use the reporting year while others use a different cut-off date or snapshot, which makes the final population inconsistent.
Counting rules are not aligned
One source counts legal entities, another counts sites or contracts, and the numbers are merged as if they were the same basis.
Source labels get stripped out
The original tags, site names, country codes, or supplier identifiers are lost during consolidation, so the evidence cannot be traced back to the first record.
Separate populations are merged
Operations and suppliers are blended into one list too early, which hides where the risk sits and makes later checking much harder.
Evidence trail is incomplete
The file contains names but not the supporting notes, dates, or document references, so no one can show how the data was assembled or reviewed.
No sign-off record
The draft is circulated without a named reviewer or approval trail, so there is no clear record of who checked the figures and when.

Where judgement is often needed

Set the reporting boundary after acquisitions and disposals
Use the same cut-off date and consolidation basis as the rest of the report, then explain any newly added or removed sites or suppliers and whether they were assessed for risk in the period they were in scope.
Choose one country-risk basis and apply it consistently
If local law, labour practice or operating conditions point in different directions, document the rule you used to flag a location or supplier as higher risk and keep that rule stable across the year unless you explain the change.
Decide how to treat mixed-risk operations
Where only part of a site, business line or contract sits in a higher-risk setting, state whether you classify the whole item or only the exposed part, and describe the logic behind that split.
Handle suppliers at the edge of the supply chain
Be clear whether you include direct suppliers only or also lower-tier sources where you have enough visibility, and explain any exclusions where the link to the supplier is too indirect or the evidence is too weak.
Separate measured evidence from informed judgement
If you do not have a full site-by-site or supplier-by-supplier review, say which entries are confirmed by records and which are based on a reasoned estimate, together with the basis used for that estimate.
Fix the timing of the assessment window
State whether the list reflects conditions at period end, an average across the year, or events during the year, and make sure the timing matches the measures you describe for the same period.
Use a privacy-safe level of detail
When naming locations, supplier groups or worker populations could expose individuals or sensitive relationships, aggregate the information to a safe level and explain the level of grouping you used.
Round counts without changing the picture
If you present numbers of sites, suppliers or actions, round them in a way that does not distort the result, and note the rounding approach where it could affect interpretation.
Explain how you treat temporary or contingent labour
If agency staff, contractors or other non-permanent workers are part of the relevant workforce, say whether they are included in the assessment and why they are or are not treated as in scope.
Describe the measures taken in plain operational terms
For the period’s actions, distinguish between policy updates, training, grievance routes, supplier engagement and remediation, and explain which of these were actually carried out rather than planned.
Examples

Illustrative examples

Synthetic, written by LRA — not from a company report, not text from any standard.

Illustrative (synthetic) example — Apparel manufacturing

*Synthetic illustration only.* During the year, we reviewed our own sites and key third-party factories to identify where employee representation and bargaining arrangements could be constrained, and we prioritised follow-up in higher-risk countries and labour-intensive production lines. - Our review covered 14 owned or controlled operations; 5 were flagged as higher risk because of location or operating model, and 2 of those were in the highest-risk category. - We also screened 38 direct suppliers; 11 were treated as higher risk, including 4 in higher-risk countries and 3 labour brokers used for temporary staffing. - To support worker voice, we updated supplier contracts, trained 126 managers and procurement staff, opened 7 worker-feedback channels, and carried out 19 follow-up assessments with corrective actions where needed.

This example shows how to describe where worker representation may be weaker, both in the company’s own activities and across its supply chain, and then summarise the practical steps taken during the period to strengthen worker voice.

Illustrative (synthetic) example — Food processing and distribution

*Synthetic illustration only.* We mapped our facilities and sourcing base to spot places where staff may find it harder to organise or bargain collectively, then focused our attention on regions with weaker labour protections and on outsourced logistics and seasonal labour providers. - Of 9 company-run sites, 3 were identified as higher risk because of geography or operating profile. - Of 52 suppliers assessed, 8 were identified as higher risk; this included 5 agricultural suppliers and 2 logistics providers operating in higher-risk locations. - In response, we refreshed our supplier code, ran 11 site briefings, completed 6 worker-engagement sessions, and escalated 4 cases for remediation planning with suppliers.

This example illustrates a concise narrative that separates the company’s own operations from supplier relationships, identifies where the risk is concentrated, and then lists the main actions taken to support employee and worker representation during the reporting period.

Company reports

How companies report GRI 407-1

Real reports where this topic is disclosed. These are report practice, not exact disclosure templates to copy.

Cogna Educação S.A.
Education Services · Brazil · 2024
Open report →
Cogna Educação S.A.’s 2024 Relato Integrado report provides evidence of collective bargaining coverage, noting operations and suppliers where the right to freedom of association and collective bargaining applies (p.160), and states that all employees are covered by collective bargaining or employment agreements (p.138). The report also mentions screening of new suppliers for environmental criteria (p.150) and includes workforce demographic data by employee category and ethnicity (p.145). However, details on remediation plans or specific supplier risk assessments for forced labor are less clear, with only a brief mention of suppliers at risk (p.149) and no explicit remediation actions reported.
London Luton Airport Operations Ltd.
Air Transportation — Airport Services · United Kingdom · 2024
Open report →
London Luton Airport Operations Ltd.'s Sustainability Report 2024 includes coverage of collective bargaining and child labour risks, referencing GRI 407 and 408 standards on page 71. The report also provides supply chain data, including the number of suppliers and total spend, on page 49. However, details on the progress of community relationship reviews and certain land-use actions remain unclear or not started as of 2024 (p.64-65), and while collective bargaining agreements are mentioned, the extent of their implementation is not fully detailed (p.70).
China Airlines, Ltd.
Air Transportation — Airlines · Taiwan · 2024
Open report →
China Airlines' 2024 Sustainability Report provides coverage on human rights issues, including collective bargaining risks and child labor concerns, with specific references on page 184 to operations and suppliers where these risks may be significant. The report also details procurement practices related to irreplaceable suppliers and their cumulative annual procurement amounts on page 74. However, the report does not clearly specify quantitative data or detailed outcomes related to these human rights risks, leaving some aspects of the disclosure unclear.
✓ LRA AI Assistant · Human-in-the-loop
Dr Ross Kurinko
Ask Study Studio AI assistant about this disclosure
Get a practical answer for your reporting context. Your first answer is free — create a free account to continue the conversation.
TryHow do I prepare GRI 407-1?What data do I need to collect?Where can I see a real-report example?What mistakes should I avoid?
1 free answer
Check your understanding

Scenarios to work through

A manufacturer runs one plant in a country where employee representation is tightly controlled, and another site in a region where labour disputes have recently led to restrictions on worker organising. The reporting team has a list of both sites, but no formal risk note yet.

QShould these sites be included in the narrative, and what basis should be used to decide that?
Reveal model answer →

A group buys packaging from a small supplier in a jurisdiction with weak labour protections, but the supplier has not reported any union-related complaints. The procurement lead argues that, because there is no known incident, the supplier should be left out.

QHow should the preparer decide whether to name that supplier in the disclosure?
Reveal model answer →

During the year, a company introduced a supplier code, trained site managers in high-risk locations, and added a worker-voice channel for two factories. The sustainability team is unsure whether these actions belong in the same disclosure as the risk list.

QWhat should be reported about these actions, and how should they be framed?
Reveal model answer →

A retailer has 18 direct suppliers and 42 indirect suppliers. After review, it identifies 3 direct suppliers and 5 indirect suppliers as higher risk because of their locations and labour conditions. The draft report currently mentions only the direct suppliers.

QWhat should the preparer check before finalising the disclosure?
Reveal model answer →
Framework references

Related framework references

How this disclosure maps across the major reporting frameworks.

GRI
GRI 407-1
within GRI 407: Freedom of Association and Collective Bargaining
Open official source →
Primary
Related & explore
FAQ

Questions this page answers

For GRI 407-1, what data do I need to collect before I start drafting the disclosure?+
How do I scope GRI 407-1 so I do not overstate or understate the disclosure?+
Who should own the GRI 407-1 data collection in practice?+
What evidence should I keep to make a GRI 407-1 disclosure assurance-ready?+
What are the most common mistakes people make when reporting GRI 407-1?+
How should I use the GRI 407-1 workbook download to prepare the disclosure?+
What is the printable GRI 407-1 Library Card for, and when should I use it?+
Can I use the synthetic example on the GRI 407-1 page as a template for my own disclosure?+
How do I turn my GRI 407-1 data into a draft narrative and table?+
What should I include in the GRI 407-1 evidence pack before assurance review?+
More questions this page can help with