Software & IT Services

Select Language
Current language: English
The Software & Information Technology (IT) Services industry offers products and services globally to retail, business and government customers, and includes entities that develop and sell applications software, infrastructure software and middleware. The industry generally is competitive but with dominant players in some segments. Although relatively immature, the industry is characterised by high-growth entities that place a heavy emphasis on innovation and depend on human and intellectual capital. The industry also includes IT services entities delivering specialised IT functions, such as consulting and outsourced services. New industry business models include cloud computing, software as a service, virtualisation, machine-to-machine communication, big data analysis and machine learning. Additionally, brand value is important for entities in the industry to scale and achieve network effects, whereby wide adoption of a particular software product may result in self-perpetuating growth in sales.

Relevant Issues (6 of 26)

Why are some issues greyed out? The SASB Standards vary by industry based on the different sustainability-related risks and opportunities within an industry. The issues in grey were not identified during the standard-setting process as the most likely to be useful to investors, so they are not included in the Standard. Over time, as the ISSB continues to receive market feedback, some issues may be added or removed from the Standard. Each company determines which sustainability-related risks and opportunities are relevant to its business. The Standard is designed for the typical company in an industry, but individual companies may choose to report on different sustainability-related risks and opportunities based on their unique business model.
  • Environment
    • GHG Emissions
    • Air Quality
    • Energy Management The category addresses environmental impacts associated with energy consumption. It addresses the company’s management of energy in manufacturing and/or for provision of products and services derived from utility providers (grid energy) not owned or controlled by the company. More specifically, it includes management of energy efficiency and intensity, energy mix, as well as grid reliance. Upstream (e.g., suppliers) and downstream (e.g., product use) energy use is not included in the scope.
    • Water & Wastewater Management
    • Waste & Hazardous Materials Management
    • Ecological Impacts
  • Social Capital
    • Human Rights & Community Relations
    • Customer Privacy The category addresses management of risks related to the use of personally identifiable information (PII) and other customer or user data for secondary purposes including but not limited to marketing through affiliates and non-affiliates. The scope of the category includes social issues that may arise from a company’s approach to collecting data, obtaining consent (e.g., opt-in policies), managing user and customer expectations regarding how their data is used, and managing evolving regulation. It excludes social issues arising from cybersecurity risks, which are covered in a separate category.
    • Data Security The category addresses management of risks related to collection, retention, and use of sensitive, confidential, and/or proprietary customer or user data. It includes social issues that may arise from incidents such as data breaches in which personally identifiable information (PII) and other user or customer data may be exposed. It addresses a company’s strategy, policies, and practices related to IT infrastructure, staff training, record keeping, cooperation with law enforcement, and other mechanisms used to ensure security of customer or user data.
    • Access & Affordability
    • Product Quality & Safety
    • Customer Welfare
    • Selling Practices & Product Labeling
  • Human Capital
    • Labor Practices
    • Employee Health & Safety
    • Employee Engagement, Diversity & Inclusion The category addresses a company’s ability to ensure that its culture and hiring and promotion practices embrace the building of a diverse and inclusive workforce that reflects the makeup of local talent pools and its customer base. It addresses the issues of discriminatory practices on the bases of race, gender, ethnicity, religion, sexual orientation, and other factors.
  • Business Model and Innovation
    • Product Design & Lifecycle Management
    • Business Model Resilience
    • Supply Chain Management
    • Materials Sourcing & Efficiency
    • Physical Impacts of Climate Change
  • Leadership and Governance
    • Business Ethics
    • Competitive Behavior The category covers social issues associated with existence of monopolies, which may include, but are not limited to, excessive prices, poor quality of service, and inefficiencies. It addresses a company’s management of legal and social expectation around monopolistic and anti-competitive practices, including issues related to bargaining power, collusion, price fixing or manipulation, and protection of patents and intellectual property (IP).
    • Management of the Legal & Regulatory Environment
    • Critical Incident Risk Management
    • Systemic Risk Management The category addresses the company’s contributions to or management of systemic risks resulting from large-scale weakening or collapse of systems upon which the economy and society depend. This includes financial systems, natural resource systems, and technological systems. It addresses the mechanisms a company has in place to reduce its contributions to systemic risks and to improve safeguards that may mitigate the impacts of systemic failure. For financial institutions, the category also captures the company’s ability to absorb shocks arising from financial and economic stress and meet stricter regulatory requirements related to the complexity and interconnectedness of companies in the industry.

Disclosure Topics

What is the relationship between General Issue Category and Disclosure Topics? The General Issue Category is an industry-agnostic version of the Disclosure Topics that appear in each SASB Standard. Disclosure topics represent the industry-specific impacts of General Issue Categories. The industry-specific Disclosure Topics ensure each SASB Standard is tailored to the industry, while the General Issue Categories enable comparability across industries. For example, Health & Nutrition is a disclosure topic in the Non-Alcoholic Beverages industry, representing an industry-specific measure of the general issue of Customer Welfare. The issue of Customer Welfare, however, manifests as the Counterfeit Drugs disclosure topic in the Biotechnology & Pharmaceuticals industry.
General Issue Category
(Industry agnostic)

Disclosure Topics (Industry specific) for: Software & IT Services

Energy Management
  • Environmental Footprint of Hardware Infrastructure

    With the growth of cloud-based service offerings, entities in this industry own, operate or rent increasingly more data centres and other hardware. Thus, managing the energy and water use associated with IT hardware infrastructure is relevant to value creation. Data centres must be powered continuously, and disruptions to the energy supply can have a material effect on operations, depending on the magnitude and timing of the disruption. Entities face a trade-off between energy and water consumption because of data centre cooling needs. Cooling data centres with water instead of chillers improves energy efficiency, but this method may create dependence on significant local water resources. Data centre specification decisions are important for managing costs, obtaining a reliable supply of energy and water, and reducing reputational risks, particularly with the increasing global regulatory focus on climate change and the opportunities arising from energy efficiency and renewable energy innovations.
Customer Privacy
  • Data Privacy & Freedom of Expression

    As software and IT services entities increasingly deliver products and services over the Internet and through mobile devices, they must carefully manage two separate and often conflicting priorities. On the one hand, entities use customer data to innovate and provide customers with new products and services and to generate revenues. On the other hand, there are privacy concerns associated with entities having access to a wide range of customer data, such as personal, demographic, content, and behavioural data. This dynamic is leading to increased regulatory scrutiny in many countries around the world. The delivery of cloud-based software and IT services also raises concerns about potential access to user data by governments that may use it to limit the freedoms of citizens. Effective management in this area is important to reduce regulatory and reputational risks that can lead to decreased revenues, lower market share, and regulatory actions involving potential fines and other legal costs.
Data Security
  • Data Security

    Software & IT services entities are targets of growing data security threats from cyber attacks and social engineering, which puts their own data and their customers’ data at risk. Inadequate prevention, detection, and remediation of data security threats can influence customer acquisition and retention and result in decreased market share and lower demand for the entity’s products. In addition to reputational damage and customer turnover, data breaches can also result in increased expenses, commonly associated with remediation efforts such as identity protection offerings and employee training on data protection. Meanwhile, new and emerging data security standards and regulations are likely to affect the operating expenses of entities through increased costs of compliance. Additionally, entities in this industry are well-positioned to uncover revenue opportunities by providing secure software and services to meet the demand for ensuring data is kept secure.
Employee Engagement, Diversity & Inclusion
  • Recruiting & Managing a Global, Diverse & Skilled Workforce

    Employees are key contributors to value creation in the Software & IT Services industry. While the number of job openings in the industry continues to grow, entities commonly find it difficult to recruit qualified employees to fill these positions. The shortage in technically skilled domestic employees has created intense competition to acquire highly skilled employees, contributing to high employee turnover rates. To respond to talent shortages, entities often hire foreign nationals and offshore operations, creating employee management and sustainability challenges and related business risks. Some entities contribute to relevant education and training programs to expand the availability of domestic, skilled employees. Entities offer significant monetary and non-monetary benefits to improve employee engagement and therefore retention and productivity. Initiatives to improve employee engagement and work-life balance may influence the recruitment and retention of a diverse workforce. The industry is characterised by relatively low representation from women and minority groups; efforts to recruit from and develop diverse talent pools can serve to address the talent shortage and generally improve the value of entity offerings. Greater workforce diversity is important for innovation and helps entities understand the needs of their diverse and global customer base.
Competitive Behavior
  • Intellectual Property Protection & Competitive Behaviour

    Entities in the Software & IT Services industry spend a significant proportion of their revenues on IP protection, including acquiring patents and copyrights. While IP protection is inherent to the business model of some entities in the industry and is an important driver of innovation, entities’ IP practices can sometimes be a contentious societal issue. Entities could sometimes acquire patents and other IP protection to restrict competition and access to benefits from innovation, particularly if they are dominant market players. Due to the complexity of software, its abstract nature, and increasing IP rights protection related to software, entities in the industry must navigate overlapping patent claims to be able to operate. As a result, entities in the industry may find themselves constantly in litigation or subject to regulatory scrutiny either due to allegations of patent violations if they engage in unethical business practices, or are perceived as doing so, or because they are suing others for IP infringement. Adverse legal or regulatory rulings related to antitrust and IP can expose entities in the industry to costly and lengthy litigations and potential monetary losses as a result. Such rulings may also affect an entity’s market share and pricing power if its patents or dominant position in key markets are legally challenged, with potentially significant impacts on revenue. Therefore, entities that can balance the protection of their IP and its use to spur innovation while ensuring their IP management and other business practices do not unfairly restrict competition, have the potential to lower regulatory scrutiny and legal actions while protecting their market value.
Systemic Risk Management
  • Managing Systemic Risks from Technology Disruptions

    With trends towards increased cloud computing and Software as a Service (SaaS), software and IT service providers must ensure they have robust infrastructure and policies in place to minimise disruptions to their services. Disruptions such as programming errors or server downtime may generate systemic risks, because computing and data storage functions move from individual entity servers in various industries to data centres of cloud-computing service providers. The risks are increased particularly if the affected customers are in sensitive sectors, such as financial institutions or utilities, which are considered critical national infrastructure. Entities’ investments in improving the reliability and quality of their IT infrastructure and services may attract and retain customers, thereby creating revenue and opportunities in new markets.

Select up to 4 industries

Current Industry: Software & IT Services

Technology & Communications
Consumer Goods
Extractives & Minerals Processing
Food & Beverage
Health Care
Renewable Resources & Alternative Energy
Resource Transformation

Tell Us About Yourself

While it’s free to download SASB Standards, we request the following information to better understand how the Standards are being used.

Content Use Policy

The SASB Standards are made available for free for non-commercial use, such as corporate disclosure. The content in the SASB Standards is copyrighted. All rights reserved. Commercial use of the content in the SASB Standards – including for investment analysis, data services, and product development - is not permitted without consent. To request more information, please contact us at: [email protected].

Stay Informed: Please tick the below boxes to subscribe to specific email updates. The IFRS Foundation is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us.

You can unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow the IFRS Foundation to store and process the personal information submitted above to provide you the content requested.

We encourage you to visit the IFRS Foundation notification dashboard to register for an account and sign up for additional email subscriptions you may be interested in, such as notifications about the ISSB and the IFRS Sustainability Disclosure Standards.