ESG due diligence in IT procurement means systematically evaluating the environmental, social, and governance risks associated with your technology purchasing decisions. As regulatory requirements expand and stakeholder expectations rise, organisations that integrate ESG considerations into their procurement processes are better positioned to manage risk, meet compliance obligations, and demonstrate responsible business practices.
What ESG Due Diligence Looks Like in Practice
ESG due diligence for IT procurement goes beyond checking a box on a vendor scorecard. It involves understanding the full lifecycle implications of the equipment you buy, from raw material extraction through manufacturing, use, and end-of-life management. In practice, this means asking questions and seeking evidence at every stage of the procurement process.
Before purchasing, consider the environmental footprint of the equipment (embodied carbon, energy efficiency, recyclability), the labour practices in the manufacturer’s supply chain, the governance structures and ethical standards of the vendor, and how the equipment will be managed at end of life and what options exist for refurbishment, recycling, or responsible disposal.
Environmental Due Diligence
Environmental due diligence for IT procurement covers several areas. Embodied carbon matters because the manufacturing of IT equipment is energy intensive. A single laptop carries roughly 300 to 400 kg of embodied CO2e, and servers can carry several tonnes. Requesting this data from suppliers and factoring it into procurement decisions helps you manage your Scope 3 emissions.
Energy efficiency during the use phase is also important. Equipment with better energy ratings reduces your operational environmental footprint. Look for ENERGY STAR certification and compare power consumption specifications across options.
Design for recyclability varies significantly between manufacturers. Equipment designed with recyclability in mind, using fewer mixed materials, fewer adhesives, and more modular construction, is easier and less costly to process at end of life, and recovers a higher percentage of materials.
Hazardous substance management is relevant because regulations like the EU’s RoHS (Restriction of Hazardous Substances) restrict certain toxic materials in electronics. Verifying RoHS compliance, even for equipment sold in Australia where RoHS is not directly applicable, ensures a higher environmental standard.
Social Due Diligence
Social due diligence focuses on the human impacts of your IT supply chain. Labour practices in electronics manufacturing have been widely documented as an area of concern, with issues including excessive working hours, inadequate wages, poor health and safety conditions, and in some cases forced labour or child labour.
Practical social due diligence steps include reviewing manufacturers’ Modern Slavery Statements and sustainability reports, checking whether manufacturers participate in industry initiatives like the Responsible Business Alliance, asking about conflict minerals policies and responsible sourcing programmes, understanding the manufacturer’s approach to worker health and safety, and enquiring about the labour practices of subcontractors and component suppliers.
For Australian organisations above the $100 million revenue threshold, the Modern Slavery Act 2018 (Cth) creates specific obligations to identify and report on modern slavery risks in your supply chain, including IT procurement.
Governance Due Diligence
Governance due diligence evaluates the ethical standards, transparency, and accountability of your IT vendors. This includes anti-corruption and bribery policies, data privacy and security practices (particularly important for vendors who may have access to your systems during installation or maintenance), corporate governance structures and board oversight, transparency of reporting and willingness to share information, and track record on regulatory compliance and any history of violations or controversies.
For ITAD providers specifically, governance due diligence should also examine their data destruction processes and certifications, their chain of custody documentation, their insurance coverage, and their contractual willingness to accept liability for data breaches or environmental incidents caused by their operations.
Integrating ESG into Procurement Processes
Effective ESG due diligence is embedded in your procurement process rather than treated as a separate exercise. At the policy level, your IT procurement policy should include ESG criteria and minimum standards. At the tender stage, requests for proposal should include ESG questions and require evidence of certifications, policies, and performance data. During evaluation, ESG criteria should carry a defined weight in the overall vendor scoring. In the contract, ESG obligations should be formalised, including reporting requirements, performance standards, and audit rights. And during the ongoing relationship, regular reviews should assess ESG performance alongside commercial and technical performance.
Common Challenges
Organisations commonly encounter several challenges when implementing ESG due diligence in IT procurement. Data availability can be an issue, as not all vendors readily provide detailed environmental or social data. Starting with what is available and progressively requesting more is a practical approach. Resource constraints mean that thorough due diligence takes time and expertise. Focusing your deepest assessment on the highest-risk and highest-spend vendor relationships prioritises your effort effectively. Cost pressure arises because more sustainable options sometimes cost more upfront, though they often deliver lower total cost of ownership when lifecycle factors are considered. Building the business case for lifecycle costing helps justify these decisions. Internal alignment requires buy-in from IT, procurement, finance, and sustainability teams. A cross-functional working group can help align priorities and share the workload.
For a broader view of how ESG considerations apply across the IT lifecycle, including procurement and end-of-life management, see our guide on ESG reporting and e-waste for Australian businesses.
]]>