Coro’s Blog: On Purpose

By Coro Strandberg and Stephen Mallory


Coro Strandberg is Co-Chair and Founder of the Canadian Purpose Economy Project and the President of Strandberg Consulting. Stephen Mallory is CEO of Directors Global Risk Consulting Inc.

More companies than ever are embracing a social purpose as their reason for being—a bold and necessary shift in how businesses contribute to society and the environment. But a company’s purpose is only as credible as its ability to live it.

What’s often missing from this equation is how purpose is treated in risk management. Few organizations consider that their purpose carries its own risk profile: there are risks to achieving the purpose, and there are risks that arise from pursuing it. As we enter a new phase of sustainability maturity, it’s time for sustainability and risk leaders to close this gap.

Purpose Isn’t Risk-Free

Purpose can be a company’s greatest strength—attracting talent, aligning strategy, engaging stakeholders, and opening new markets. But it also introduces new vulnerabilities. For example:

• Stakeholders may doubt the organization’s commitment and call out “purpose-washing”
• Employees might not understand how to act on the purpose in their roles
• Strategic priorities might drift away from the core purpose
• Boards may fail to govern purpose properly, putting long-term value at risk

At the Canadian Purpose Economy Project (CPEP), we see these as risks that deserve boardroom-level attention. Yet most companies don’t include them in their enterprise risk management systems.

That’s why CPEP partnered with Directors Global Risk Consulting to publish Enhancing Risk Management Practices: A How-to Guide for Social Purpose Companies—the first guide of its kind to help risk and sustainability leaders integrate purpose into their risk frameworks. The message is simple: to advance purpose effectively, we must also manage its risks systematically.

Beyond ESG: A New Risk Lens for Purpose-Led Business

Environmental, social and governance (ESG) risks have become well-established in most risk and sustainability programs. But purpose risks are different. ESG risks assess how external factors impact company performance. Purpose risk asks: What could derail our reason for being? What risks might arise as a result of pursuing it?

Purpose risks are strategic, operational, cultural, and reputational. Ignoring them puts the entire purpose journey at risk—and can quickly erode stakeholder trust.

Our guide offers a five-step approach to managing purpose-related risks and opportunities, adapted from standard enterprise risk management practices:

1. Risk Identification – Use external scans and stakeholder input to identify factors that could impede or arise from pursuing your purpose.
2. Risk Assessment – Prioritize based on impact, likelihood, and the strength of existing controls.
3. Risk Treatment and Optimization – Mitigate top risks and optimize opportunities, embedding purpose risk into strategy, innovation, and crisis planning.
4. Monitoring – Use key risk indicators (KRIs) linked to purpose progress.
5. Reporting – Internally and externally, communicate how risks to and from the purpose are being addressed.

Critically, every step involves deepening your purpose commitment. The way to manage purpose risks isn’t to dial back your purpose—it’s to double down on it.