Disclosure LibraryPractitioner guidance for every reporting disclosure
Home Disclosure Library California California SB 261 SB261-RISK-MITIGATION-ADAPTATION
California SB 261: Climate-Related Financial Risk Act · 2026-initial-regulation-as-amended-sb219
Disclosure SB261-RISK-MITIGATION-ADAPTATION

Measures to reduce and adapt to climate-related financial risk

Practical guidance for preparing this disclosure. Use this card to identify datapoints, verify claims and organise supporting evidence. For exact requirements, always refer to the official CARB source.

Dr Ross Kurinko, Sustainability Reporting Trainer
Reviewed by Dr Ross Kurinko · Sustainability Reporting Trainer LRA educational guidance · Not issued or endorsed by CARB
To prepare this disclosure
Disclosure focus

This disclosure asks an organisation to explain what it is doing to reduce climate-related financial risk and to adapt its business to those risks. In practice, that means describing the measures in place, the risks they are meant to address, and how those measures are intended to protect the organisation’s finances, assets, operations, and resilience over time.

The practical focus is on the breadth and usefulness of the response, not just on a few headline projects. Organisations should think about whether their actions cover the full business where relevant, including operations, supply chains, sites, and other material parts of the business, rather than only flagship locations or isolated initiatives. The aim is to show how risk reduction and adaptation are being embedded in the organisation’s overall approach.

This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official CARB source.

Before you start

A quick mental checklist before you prepare this disclosure — tick each as you settle it.

Preparation

Key datapoints to prepare

Datapoint What to capture Evidence hint Owner
Adaptation actions Record the actions the business has put in place to adjust to climate-related financial risk. Board papers, risk register updates, adaptation plan, project tracker, or approved management actions. Risk management / Sustainability
Effectiveness view Capture the expected result of each action: what change it should deliver and how that expectation was formed. Business case, scenario analysis, risk assessment, or management memo setting out the expected outcome. Risk management / Finance
Accountable owner Identify the person or function responsible for overseeing each risk response measure. RACI, committee terms of reference, delegated authority schedule, or risk ownership matrix. Risk management / Governance
Delivery stage State whether each measure is planned, underway, completed, paused, or otherwise at its current stage. Project status report, implementation tracker, steering committee pack, or milestone log. Project management / Risk management
Funding set aside Capture the amount of money set aside for each risk response measure, in USD, for the reporting period. Budget approval, capex/opex plan, forecast, ledger extract, or funding request. Finance
Risk reduction actions Record the actions the business has put in place to lower climate-related financial risk. Risk treatment plan, board papers, control register, or approved management actions. Risk management / Sustainability
+ Show SB261-RISK-MITIGATION-ADAPTATION sub-elements (LRA working checklist)

How to prepare it

1Set the boundary for the disclosure first: decide which climate-related financial risk measures are in scope, and separate the actions aimed at adapting to those risks from the actions aimed at reducing them.
2List each measure in plain business language, then note who in the organisation owns it, so the governance lead for each action is clear.
3Gather support for every measure: keep the documents, approvals, plans, or other records that show the action exists and can be traced back to the organisation’s decision-making.
4For each measure, record its current stage and explain how well it is expected to work, using a short narrative where a number is not available and a figure where resources have been set aside in US dollars.
5If anything is left out, changed, or only partly covered, explain that clearly so the disclosure matches the actual position rather than an idealised version.
6Before finalising, compare the draft against the official source and confirm that the scope, ownership, status, resources, and effectiveness statements all align with the underlying requirement.
Request the data

Request the climate risk mitigation and adaptation evidence

Translate the disclosure into an internal business question — then adapt it to your organisation's own language.

What actions are in place to reduce and adapt to climate-related financial risk, who owns them, how far along are they, what resources support them, and how effective are they expected to be?

Use your organisation’s own terms first, then map them to the disclosure language. For example, if you talk about business continuity, site resilience, asset hardening, or transition planning internally, use those labels in the request and only translate them afterwards for reporting.

Weak request

Please provide the measures adopted to adapt to climate-related financial risk, the expected effectiveness, governance owner, implementation status, and resources allocated.

Why it fails: It uses framework language that may not match how the business tracks work, so the owner may not know which projects, budgets, or approvals to pull. It also does not say which part of the business, which period, or which source records to use.

Better request

Please send the current list of resilience, continuity, and risk-reduction actions for [business unit/site/portfolio] for [period], including the owner for each action, whether it is planned or already under way, the budget or spend attached to it, and a short note on how well it is expected to work. Use your normal project names and attach the source file or system reference.

Formal email template
Subject: Request for climate risk mitigation and adaptation evidence for [reporting period]

Dear [name/team],

We are preparing the climate-related risk section for [reporting period] and need your help to gather the evidence for the actions already in place, the actions being delivered, and the support behind them.

Please send, for [business unit / site / portfolio], the following in your own internal wording where possible:
- the measures currently in place or underway to reduce exposure to climate-related financial risk;
- the measures used to adapt operations, assets, or plans to climate-related financial risk;
- who owns or oversees each measure;
- the current delivery status of each measure;
- the resources set aside or spent on each measure; and
- your view of how effective each measure is expected to be.

Please include the source document or system for each item, the period covered, and any approval or governance reference. If you use different internal labels, please keep those and add a short mapping note so we can translate them for reporting.

A possible LRA training template is attached below. Please adapt this to your organisation and check the source material before sign-off.

Many thanks,
[preparer name]
[team]
[contact details]
Short Teams / Slack version
Hi [name] — could you share the evidence for the climate risk actions in [business unit/site/portfolio] for [period]?

We need: what’s in place, who owns it, current status, budget/spend, and how effective it’s expected to be. Please use your normal internal labels and add the source link or file name.

A possible LRA training template is attached below. Please adapt this to your organisation and check the source material before sign-off. Thanks.
Industry examples
Manufacturing

Context. A plant team tracks flood barriers, backup power, and heat controls in a maintenance and capital project log.

Adapted request. Please share the plant-level resilience and continuity actions for [site] in [period], including the project name, engineering owner, delivery status, approved spend, and the expected impact on downtime and asset protection. Use the names from the maintenance and capital tracker.

Example response. Returned table includes: project name, site, owner, status, approved budget (USD), spend to date (USD), expected impact, source record, and sign-off reference.

Financial services

Context. A risk team tracks branch continuity, data-centre resilience, and supplier continuity in the enterprise risk register and business continuity plans.

Adapted request. Please provide the current risk-reduction and resilience actions for [business unit] in [period], with the risk owner, committee oversight, implementation status, allocated budget, and a short note on expected effectiveness. Please use the risk register and continuity plan labels already in use.

Example response. Returned table includes: control or project name, risk category, owner, committee, status, budget (USD), expected effectiveness note, source register entry, and review date.

Draft your disclosure

Notes that turn data into a disclosure

LRA training templates — adapt them to your organisation, and check the official source before sign-off.

Method note

Describe how the company defined the climate-related financial risk actions, how it distinguished steps to limit exposure from steps to adapt, and what basis it used to judge progress, ownership, resources, and expected effectiveness.

Context note

Explain what the figures show about the company’s readiness to manage climate-related financial risk, including which actions are in place, who is accountable, how far implementation has progressed, and how much support has been committed.

Fluctuation statement

If the numbers changed from the prior period, note whether that reflects new actions added, measures completed, changes in assigned responsibility, revised resource levels, or a different view of how effective the actions are likely to be.

Content index entry
SB261-RISK-MITIGATION-ADAPTATION Measures to reduce and adapt to climate-related financial risk — [location / page] / [notes]
Download Centre

Preparation tools & forms

Professional preparation tools for SB261-RISK-MITIGATION-ADAPTATION — free with an LRA Community membership. Register once (it's free) and every download unlocks, together with the Disclosure Library, templates and the LRA AI-assistant.

Free · Community members
Go deeper · SB261-RISK-MITIGATION-ADAPTATION
Learn to prepare this disclosure end-to-end

This guide covers one statutory requirement. The California Climate Regulation course walks SB 253 and SB 261 end to end — applicability, GHG inventories, climate-risk reporting and assurance — with exercises on your own data.

Available as Guided Flex, Live Cohort, 1:1 Expert Mentorship or Corporate Programme.

Assurance readiness

For each claim, check the evidence

ClaimRiskEvidence to check
We mapped the disclosed measures to the specific climate-risk issues we said we were addressing, and we limited the coverage to the parts of the business included in the report.Assurer checks whether the coverage is complete, whether any relevant operations, sites or activities were left out, and whether the scope matches the basis used elsewhere in the report.Scope memo; list of included entities, sites and activities; boundary-setting paper; cross-check to the report’s defined perimeter; sign-off showing the same scope was used consistently.
For each measure, we kept a short note on what it is meant to do, so the reader can see how it is intended to lower exposure or help the business adjust.Assurer probes whether the description is specific enough, whether the measure really relates to the stated risk, and whether the wording overstates what the action can achieve.Measure register; project briefs; risk-to-action mapping; management papers explaining the intended purpose; review notes showing the description was checked against source documents.
Where we said a measure was already in place, we had evidence that it had moved beyond planning and into delivery or operation.Assurer checks whether implementation status is accurate, current and supported, and whether any item described as live is still only planned, approved or partially started.Project status reports; implementation tracker; approvals; completion certificates; meeting minutes; dated evidence of launch or operation; version history showing the status was updated before publication.
We named the person or function responsible for each measure and used internal records to confirm who was accountable for delivery.Assurer probes whether the named owner is real, current and appropriately senior, and whether accountability is clear where more than one team is involved.RACI or ownership matrix; org chart; committee terms of reference; appointment emails or minutes; role descriptions; evidence of escalation routes and oversight.
We set out the budget or other resources linked to the measures using the same currency basis throughout, and we checked the figures against finance records before release.Assurer checks whether the amounts are complete, correctly converted to USD where needed, and tied to the right period and project set; they also test whether any shared costs or assumptions were handled consistently.Finance extracts; budget approvals; cost centre reports; currency conversion workings; allocation methodology; reconciliation to ledger or management accounts; review and approval evidence.
Before publication, we carried out a final consistency check so the narrative, the status of the measures and the amounts disclosed all matched the underlying files.Assurer probes whether the final pack is internally consistent, whether there are contradictions between sections, and whether the published wording is supported by the working papers.Final disclosure pack; review checklist; legal/compliance or sustainability review comments; redline changes; sign-off sheet; evidence of issue resolution and final approval.

Evidence pack to prepare

Common reporting gaps

Figures are stated without the supporting narrative, or narrative without figures.Scope is inconsistent between the text and the numbers.The reporting boundary is left undefined.Material changes since the previous period are not disclosed.Estimates and measured values are not distinguished.Source records for the figures are not identified.
Common gaps

Mistakes to avoid when collecting the data

Wrong owner asked
The request goes to a policy team or sustainability lead when the person who actually tracks the controls, budget, or delivery status is elsewhere in the business.
Framework language used
The data call is sent in disclosure jargon, so teams cannot map it to their own project names, risk registers, or operational workstreams.
Scope left vague
No one states which business units, assets, or activities are in scope, so different teams send different slices of the same topic.
+ Show 5 more

Where judgement is often needed

Acquisition or disposal changes the reporting perimeter
Set out whether the measures list and spend cover the business as it stood at period end or are adjusted for bought or sold operations, and explain the basis used if the perimeter moved during the year.
Different country labels for the same control
If the same action is described differently across locations, map those local labels to one group-wide description and note any country-specific differences that affect how the measure works.
Units at the edge of the scope
Decide whether to include partially owned, newly launched, dormant, or outsourced activities where they materially affect the risk response, and explain the inclusion rule used.
+ Show 5 more
Examples

Illustrative examples

Synthetic, written by LRA — not from a company report, not text from any standard.

Illustrative (synthetic) example — manufacturing

We have put in place a programme to cut and manage climate-related financial exposure through flood defences at two sites, heat-resilient equipment upgrades, and a supplier continuity plan; these actions are led by the risk committee, with day-to-day delivery owned by the chief risk officer. Of the £12.0 million set aside for this work, £7.2 million is already committed and £4.8 million remains available, and we expect the package to lower our near-term loss exposure by about 35% once fully rolled out. - The main actions are already under way, with site works 60% complete and supplier planning complete. - We judge the measures to be moderately to highly effective because they address the largest weather-related loss drivers in our operations and logistics network.

Synthetic illustration only; shows how a reporter might describe actions taken to both limit and adapt to climate-linked financial exposure, who owns delivery, how far implementation has progressed, what resources are assigned, and the expected level of benefit.

Illustrative (synthetic) example — financial services

Our group has introduced portfolio screening, client transition support, and branch resilience upgrades to reduce and adapt to climate-related financial exposure; oversight sits with the board risk committee, while the chief sustainability officer coordinates implementation across business lines. We have allocated €3.5 million in total, of which €1.4 million has been spent and €2.1 million is reserved for the next 18 months, and we expect the measures to reduce the relevant exposure by roughly 28% once the remaining work is finished. - Implementation is partly complete: portfolio screening is live, client support is in pilot, and branch upgrades are 40% complete. - On current plans, the measures should be effective at lowering the most material weather- and transition-linked losses, though the full benefit depends on completion of the remaining actions.

Synthetic illustration only; shows a different sector using plain language to describe mitigation and adaptation actions, governance ownership, delivery status, budgeted resources, and expected effectiveness.

Company reportsReal published reports
Compare side by side →Get it free

How companies report SB261-RISK-MITIGATION-ADAPTATION in practice

Real reports where this topic is disclosed. These are report practice, not exact disclosure templates to copy.

CSX Corporation
Ground Transportation — Railroads · United States · 2024
Open report →
CSX Corporation’s 2024 Sustainability Report includes evidence of adaptation measures related to climate risk mitigation, specifically mentioning the integration of climate-related risks with enterprise risk management and engagement with Risk Leaders to prepare for nationwide impacts (p.48). However, the report does not provide clear information on the governance owner responsible for these adaptation measures, with only related context found but no explicit disclosure (p.10). Additionally, there is no quotable evidence regarding the expected effectiveness, implementation status, resources allocated, or specific risk reduction measures for adaptation in the report.
Ingersoll Rand Inc.
Electrical Equipment and Machinery · United States · 2024
Open report →
Ingersoll Rand’s 2024 Sustainability Report provides some context on governance related to climate risk management, mentioning enterprise risk management and board supervision over climate-related risks (p.64, p.71). The report also references the need to adopt adaptation measures and indicates plans to implement them if necessary, though details on resources allocated or specific implementation status are not clearly disclosed (p.73). Notably, there is no explicit information on risk mitigation adaptation measures, their expected effectiveness, or specific risk reduction actions within the report.
Cargill
Food Production — Agricultural · United States · 2025
Open report →
Cargill’s 2025 Impact Report references climate-related risks and its risk management process, including the use of an enterprise risk management framework and structured risk assessments (pp. 13, 111). The report mentions disclosure of Scope 1, Scope 2, and potentially Scope 3 greenhouse gas emissions in relation to risk management (p. 111). However, there is no evidence found regarding specific adaptation measures, governance ownership, resource allocation, implementation status, or expected effectiveness of risk mitigation actions related to SB 261 (no pages).
✓ LRA AI Assistant · Human-in-the-loop
Dr Ross Kurinko
Ask Study Studio AI assistant about this disclosure
Get practical answers for your reporting context. Your first two answers are free — join LRA Community for free to continue without a limit.
TryHow do I prepare SB261-RISK-MITIGATION-ADAPTATION?What data do I need to collect?Where can I see a real-report example?What mistakes should I avoid?
2 free answers
Check your understanding

Scenarios to work through

A finance team has approved a flood barrier upgrade for one warehouse and a heat-resilience plan for a distribution hub. The project note says the work is partly complete, but no one has named who oversees delivery or whether the budget is enough.

QShould the disclosure cover the actions taken, who is overseeing them, the current delivery stage, and the money set aside, even if some details are still being finalised?
Reveal model answer →

A risk committee has agreed to relocate some critical stock away from a coastal site and to add backup power at another facility. Management believes these steps will help, but there is no formal assessment yet showing how much risk reduction they are expected to deliver.

QCan the disclosure simply list the measures, or does it also need a plain statement of the expected effect of those measures?
Reveal model answer →

A group has split responsibilities between the sustainability lead, the operations director, and the audit committee for different climate-risk actions. The team is unsure whether to name one person, several people, or the committee structure in the disclosure.

QHow should the preparer decide who to identify as the governance owner for the risk measures?
Reveal model answer →

A company has set aside USD 2.4 million for drought planning, equipment hardening, and staff training. Two of the projects are already underway, while the training programme is scheduled for next quarter, and the team is unsure how to present the mix of completed and planned work.

QShould the disclosure separate what has already started from what is still planned, while keeping the total resources allocated clear?
Reveal model answer →
Framework references

Related framework references

How this disclosure maps across the major reporting frameworks.

California
SB261-RISK-MITIGATION-ADAPTATION
within California SB 261: Climate-Related Financial Risk Act
Open official source →
Primary
Related & explore
Go deeper · SB261-RISK-MITIGATION-ADAPTATION
Learn to prepare this disclosure end-to-end

This guide covers one statutory requirement. The California Climate Regulation course walks SB 253 and SB 261 end to end — applicability, GHG inventories, climate-risk reporting and assurance — with exercises on your own data.

Available as Guided Flex, Live Cohort, 1:1 Expert Mentorship or Corporate Programme.

FAQ

Questions this page answers

For SB261-RISK-MITIGATION-ADAPTATION, what data points do I need to gather before drafting the disclosure?+
How do I use the step-by-step 'how to prepare' section for SB261-RISK-MITIGATION-ADAPTATION?+
What should I include in the evidence pack for SB261-RISK-MITIGATION-ADAPTATION so I am assurance-ready?+
What are the six assurance claims to verify for SB261-RISK-MITIGATION-ADAPTATION?+
What are the common reporting gaps or mistakes on the SB261-RISK-MITIGATION-ADAPTATION page?+
How can I use the Prep & Assurance workbook for SB261-RISK-MITIGATION-ADAPTATION?+
What is the printable Library Card for SB261-RISK-MITIGATION-ADAPTATION used for?+
How do I turn the SB261-RISK-MITIGATION-ADAPTATION data into a draft disclosure?+
What kind of synthetic example disclosure does the SB261-RISK-MITIGATION-ADAPTATION page show?+
Can I reuse data prepared for ESRS E1 (Climate Change) for SB261-RISK-MITIGATION-ADAPTATION?+
More questions this page can help with
SB261-RISK-MITIGATION-ADAPTATION checklist for sustainability manager: what do I need before drafting?SB261-RISK-MITIGATION-ADAPTATION evidence pack: what should I collect for assurance?SB261-RISK-MITIGATION-ADAPTATION workbook download: how do I use the xlsx file?SB261-RISK-MITIGATION-ADAPTATION common mistakes: what should I avoid in the disclosure?SB261-RISK-MITIGATION-ADAPTATION narrative starters: how do I write the first draft?SB261-RISK-MITIGATION-ADAPTATION content index line: what should it look like?SB261-RISK-MITIGATION-ADAPTATION accountable owner: who should own the data and sign-off?SB261-RISK-MITIGATION-ADAPTATION delivery stage and funding set aside: how should I report progress?SB261-RISK-MITIGATION-ADAPTATION effectiveness view: how do I describe whether actions are working?SB261-RISK-MITIGATION-ADAPTATION risk reduction actions: what counts as useful supporting information?SB261-RISK-MITIGATION-ADAPTATION from company reports: how do I use the linked examples?SB261-RISK-MITIGATION-ADAPTATION ESRS E1 correspondence: what data can be reused across frameworks?
How this library is built 312 published reports indexed 63171 pages with page-level citations 247 practitioner guides