Accountability through Sustainability Data Governance: Reconﬁguring Reporting to Better Account for the Digital Acceleration

: Accountability assessment is a highly relevant challenge for companies nowadays. The COVID-19 pandemic prompted a digital acceleration in business environments, which in turn brought more focus on sustainability practices that could help organizations better demonstrate their accountability, thus making them more resilient to the ever-changing socio-economic context. Therefore, this paper aims to evaluate how to further improve corporate accountability (on a strategic and operational level), taking advantage of the digitalization changes that companies are being forced to go through and applying them to the sustainability evaluation process, including the reporting as its ﬁnal output. The ﬁrst research outcome is a combined framework, based on data governance and sustainability literature models, seeking to optimize the manageability of sustainability data. The second outcome is a matrix, based on a content analysis of 20 sustainability reports, representing eight possible types of behavior that companies adopt when integrating digitalization practices into their sustainability evaluation process. The aim is to explore how the communication of digital activities could reﬁne the diligence of the sustainability assessment process, with disclosure representing its last step. Finally, the ‘leading’ case was broken down into the general strategic components that could potentially be included in a balanced data-sustainability reporting strategy.


Introduction
Corporate digitalization is a currently relevant topic that, up until recently, has been dictated by regular competitive dynamics. Market leaders, seeking to align their productivity levels to the market's evolving needs (and having the investment capacity to do so), introduce innovations that transform conventional business models and set benchmarks. This has a ripple effect on the digital transformation of the remaining companies, which begin to apply advanced technologies that would enable them to seize novel market opportunities, also by adapting to the changing digitalization expectations of consumers [1].
At the beginning of 2020, however, the entire world was forced to undergo a sudden transition. The outbreak of the COVID-19 pandemic prompted the implementation of a series of containment measures that resulted in the acceleration of the digital transformation globally [2][3][4]. Such interventions greatly increased society's reliance on digital systems, with internet traffic growing up to 60% [5]. In the business context, specifically, such a rushed digitalization became the new imperative for companies' continuity, both in terms of growth of operations and survival in the market, with small-medium enterprises (SMEs) struggling the most [6][7][8]. Several firms subsequently began acquiring digital tools more intensively (e.g., +3% surge of e-commerce in 2020's share of global retail trade) [5].
Despite being perceived as highly coercive in a business context, many firms were receptive to this digital 'migration', as they realized the long-term benefits that it could bring to their activity. The SMEs that are now actively transitioning, for example, do so because this could: (i) greatly improve their organizational resiliency to potential future company-wide accountability, which has the function of making corporate data practices more flexible and adaptable to emerging market demands and business models [31][32][33]. The European Commission, thus, reiterated its commitment through the Next Generation investment plan, in order to help the European society and businesses become more resilient by using recovery funds to expedite the twin transition even further [34]. In light of the 'twin transition' path set forward by the European policy context, and considering that the COVID-19 pandemic has only intensified the need for digitalization and accountability, while at the same time providing an opportunity to improve both (through the tools that companies began using more intensively), this study aims to provide an answer to the following question: How can the tools and practices that have been normally applied to support digitalization be of service to making sustainability assessment more rigorous, thus helping companies to better demonstrate their accountability?
In order to gain an in-depth understanding of this aspect, a macro-micro corporate perspective is applied in the analysis: • On a macro-strategic level: how can data governance, a digitalization construct built on the accountability approach, be combined with the sustainability assessment process to further improve the accountability of a business? • On a micro-operational level: how do companies communicate their digitalization efforts to strengthen sustainability reporting, the ultimate outcome of the sustainability assessment process, ultimately increasing their accountability to stakeholders?
This paper will therefore be making two main contributions, respectively. First, by resorting to the elements of data governance and sustainability assessment found in the extant literature, an integrated framework is proposed. Second, a matrix of the reporting behaviors adopted by companies is developed based on an empirical analysis of sustainability disclosure documents, with the 'leading' case being then analyzed more in depth.
The remainder of the paper is structured as follows: Section 2 presents the theoretical concepts that are at the core of data governance and sustainability assessment; Section 3 describes the adopted research method and information gathered; Section 4 presents the main outcomes of the paper, the framework and matrix; Section 5 discusses the results and concludes the paper.

Digital Transformation and Business Strategy
COVID-19 brought along several challenges for businesses-including in the domains of management of employees and supply chains, planning budgets, inventory management, production, definition of suitable business models [35], and knowledge management [36]. Nonetheless, emerging technologies (e.g., big data, Artificial Intelligence-AI) have disrupted business as usual, proving to be efficient tools in driving the business innovative capacity [37], promoting high performance levels [38], and providing operational guidance to firms in the present scenario, and possible similar situations in the future [35]. The nature of accounting and auditing, in particular, was profoundly changed in the way they are administered, requiring a new digital skillset and the right digital technologies to increase their reliability [39,40].
A digital transition at the corporate level, in order to be successfully carried out, requires businesses to develop an integrated and interdisciplinary approach [41] while supplementing the adoption of new technologies with a strategic change. A company can pursue a digital strategy that either focuses on the digital solution itself (data and product/service) or the excellence in customer experience. Whatever the focus, a digital strategy will simultaneously take into consideration the organizational culture and business model, employee preparedness, networks (e.g. partnerships, strategic alliances, supply chain agility and automation), customer engagement, operations (decision-making, process efficiency, and automation) [42], as well as portfolio innovation [43] and digital risks (obsolescence, unauthorized data use, inefficient business processes, lacking digital skills, etc.) [44]. These elements eventually define the digital performance level of an organization [1].
A digital strategy performs six main functions: (1) setting a long-run vision for the digital transformation path; (2) dividing the digital vision into different objectives; (3) assessing the current digital maturity level of the company (identifying strengths, weaknesses, opportunities for improvements, competitive environments and gaps in capabilities, resources, and technologies); (4) selecting and prioritizing technologies, capabilities, and methods for allowing employees to adjust to the new/re-engineered way of working; (5) defining how the new digital culture will be created; (6) monitoring progress and effectiveness of the strategy [43,44].
The ability of the digital strategy to be efficient also depends on how digital architecture can align the information technology (IT) function and the overall organization strategy and provide the necessary methods and tools (e.g., frameworks, system development, and management) to manage the digital transformation complexity (costs, system rigidity, delays in change deliveries, etc.) [45].

Digital Transformation and Data Governance
The uptake of the digital transformation led to an increase in available data, which is nowadays becoming a progressively strategic commodity, comparable to a currency that 'fuels' the digital transition itself and demonstrates its advancement. It should be, hence, handled properly, similarly to facility and people assets [46][47][48][49]. However, its abundance brings along several issues related to security breaches, reputation, intellectual property rights, management costs, and unsure returns from technology investments, which all call for the adaptation and improvement of management capabilities [47,50,51].
One fundamental principle of data management that should be addressed in the first place to optimize the value of corporate data assets is data governance [52], whose purpose is to ensure that company targets can rely on accessible, complete, relevant, shareable, and qualitative data across the entire organization. Data governance helps to manage the collection, integration (from various sources), monitoring, analytics and modeling (for data-driven decisions), and control of data throughout its life cycle [46,47,50,51], ensuring the maximization and ethical-regulatory compliance of the data potential [53].
At its very core, governance builds upon a data strategy that-similarly to the more comprehensive digital transformation strategy-helps to define a vision with the related objectives, the strategic principles against which every strategic decision will be validated, as well as a set of clearly defined and easily measurable performance metrics for assessing the impact of each activity or project [51]. Data policies represent an extremely useful instrument in circulating the data vision across the functions, but especially in making the company commitment more explicit [47,54]. Furthermore, three other important data management capabilities support the efficient execution of data governance: namely, data stewardship, data-oriented organizational culture, and data architecture. The first concept refers to the internal assignment of responsibilities for the various digital change activities [50,55], while the second deals with the engagement of workers, making them willing to accept the new digital transition and mindset [50,56] while reinforcing their digital skills and literacy to allow for a smoother transition [47,57]. For what concerns data architecture, it refers to the technology infrastructure and the practical aspects of mapping, handling, and combining various technologies (e.g., software, hardware, and monitoring tools) [47,51,54] for managing the lifecycle (acquisition, storage, processing, and disposal), quality across the lifecycle [58], and value of data resources [59]. The complexity of data governance increases when dealing with inter-organizational relationships, such as in the case of business groups or networks. Such entities are composed of various organizations that share data and resources amongst each other, therefore data governance must take a different conceptual form. In fact, in these instances, it is often referred to as data ecosystem governance, a type of interactive and collaborative environment for co-creating service value based on data. The evolution of such data ecosystems strictly depends on the success of the technical infrastructures, which in this particular instance are platform-based [60].
The above concepts have been gathered into comprehensive data governance frameworks (DGF), both in academic and practice literature. The most complete ones are the DGF for the industry 4.0 environment [61], the DGF from the Data Governance Institute [62], the data quality process framework [63], and the enterprise DGF [64], which follow the same structure. At the very top, there is the strategic planning, with a definition of the vision, goals, key performance indicators (KPIs), and data policies/rules. These elements are supported by the identification of process owners and stakeholders, the organizational culture (managing the change for employees), and the technologies adopted. Data lifecycling ensures quality and risk management through periodic controlling procedures on the key attributes' completeness, accuracy, consistency, timeliness, and security. The results and sources of data quality discrepancies and inconsistency between goals and results are analyzed to then implement any improvement plans.

Sustainability Data, Reporting, and Digital Tools
The sustainability performance of a company is usually measured through the triple bottom line (TBL), which refers to the accounting of financial, social, and environmental variables [65]. Every topic belonging to each of these three sustainability dimensions can be converted into a distinct sustainability data item [66] by referring to sustainability accounting. This is an integrated financial system that defines the principles and procedures for measuring sustainability metrics [67,68]. The Global Reporting Initiative (GRI)-currently cooperating with the European Financial Reporting Advisory Group (EFRAG) to foster international convergence in sustainability reporting [69]-represents the most common methodology in practice to compute these evaluations. Sustainability data is presented to stakeholders in a corporate sustainability report [70], representing the final product of the sustainability assessment process [71,72]. Such conventional management evaluations as KPI, when combined with the TBL approach, become the sophisticated building blocks of nonfinancial (or sustainability) reporting [19].
A sustainability report is a publication through which the majority of firms (around 80% globally) respond to the growing demand by stakeholders (e.g., investors, nongovernmental organizations, customers, regulators) to assess the non-financial performance of businesses [73,74], along with their ability to manage sustainability risks [75], making it the main reporting reason in around 50% of cases [76]. This is strictly related to the ability of stakeholders to influence an organization's reputation and subsequent capacity to attract investments, customers, and talents.
Sustainability results are deemed credible by stakeholders only if they are comparable across years and firms and if the collected information is verifiable through the use of widely adopted frameworks (such as the aforementioned GRI), and is also balanced, hence considering both negative and positive impacts, but also includes completeness of data perspectives (social-environmental, short-long term, quantitative-qualitative) [73,74]. Sustainability disclosure is also an important feedback mechanism for the entire sustainability strategy, which enables assessment of outcomes and resetting goals if needed [75].
The reporting process consists in defining the material topics (corporate sustainability impacts that are considered critical by both the company and its stakeholders) [20], collecting and aggregating data, developing the content, and publishing it. These tasks are somewhat time-consuming for a firm, especially considering that most organizations manually gather and elaborate information through legacy systems (e.g., spreadsheets or surveys for enquiring on stakeholder materiality). This is where digital solutions for data mining-such as artificial intelligence for data extraction, software, blockchain, and XBRL technologies-can help automate and speed up the entire reporting process, while at the same time improving data accuracy and transparency [29].
Additionally, digital technologies can be incorporated into the sustainability reporting process downstream, with respect to communication formats. This helps companies to move beyond the traditional PDF file, which does not provide an efficient ground for an open dialogue with the reader, towards more interactive and tailored reports for each stakeholder category, with engaging data visualization, animation, and storytelling [77].
In both cases, a cultural shift is deemed mandatory, since it would introduce the workforce of a certain company to a new data-driven mindset [29].
The sustainability assessment process has also been analyzed from a framework perspective in literature. It is interesting to note the similarities of certain constructs to those found in DGFs: the sustainability strategy sets a vision and targets, declining the sustainability values, policies, and indicators, along with the stakeholders and processes responsible for them and defining the internal sustainability culture. In addition to the DGF, organizational sustainability assessment frameworks [78][79][80] and the business excellence model for sustainability [81] found in literature contribute in terms of the methods and tools for evaluating sustainability data, as well as the reporting and controlling of results.

Methods and Data
Given that digitalization and sustainability are challenges that go hand-in-hand in the present societal context, companies could leverage the existing data governance paradigms to improve the overall management quality of their economic, social, and environmental accountability. Under the previous assumptions, this paper will seek to test the following propositions: P1) Companies can improve the clarity and solidity of their sustainability assessment process as a whole by making use of data governance principles and structure.
P2) When dealing with the last phase of the assessment, reporting, businesses adopt various degrees of integration between information on their sustainability initiatives and digitalization efforts to demonstrate their accountability to stakeholders.
P3) Among such reporting attitudes, certain company cases are interesting to be analyzed in depth because they provide a good content balance between overall company data/digitalization and sustainability data.
The methodological approach adopted in this paper was based on a two-fold qualitative analysis, both on a corporate macro-strategic and micro-operational level.
The first assessment relied on a literature analysis of conceptual frameworks on data governance and sustainability assessments, carried out in the theoretical background section. The objective of this analysis was to find the parallelisms between the digitalization and sustainability strategy, and therefore the points of 'contact' between the two, as well as the additional factors that could help improve the solidity of the sustainability assessments process through certain constructs which support the accountability of corporate digitalization (data governance). The criteria used to select the frameworks in literature were (1) comprehensiveness of the DGFs (that include all the most common elements of data governance found in literature) and (2) fit of sustainability assessment frameworks with DGF structure (presence of common elements). This resulted in the proposal of a framework for improving the quality of sustainability data governance, based on the integration of various models found in literature into a new, unified model.
As for the operational level, secondary data was collected from a sample of 20 selected corporate sustainability reports, retrieved through the search engine. The sample size was chosen according to expert recommendations [82], whereas the search engine was picked as a retrieval method due to the fact that the sustainability report is a digitalized tool, hence requiring publication on the corporate website (traditional PDF or digital content) for transparency to external audiences [77]. Additionally, considering that search engine optimization (SEO) ensures a competitive advantage in visibility, firms in the first positions are the ones willing to promote the quality of sustainability web content more [83], therefore guiding the disclosing attitude in their market of reference [84].
For this reason, the companies that constituted the sample are leading companies, whose example is interesting to study due to their capability to determine the speed and Sustainability 2021, 13, 13814 7 of 18 mode of adaptation of the rest of the market players, and especially SMEs, which tend to get inspired in their actions by the leaders [1].
The following table (Table 1) presents the sampled companies and their sectors, linking each to their respective reporting behavior, described under Section 4.2. The selection criteria adopted to identify suitable reports were: (i) availability, within the document, of any information on the digitalization practices adopted by the company (with at least a mention through a keyword); (ii) English or Italian as the reporting language; (iii) publication of the full-text in PDF format on the company's website or dedicated web page combining digitalization values and sustainability initiatives. The keywords used to find such reports were: "sustainability report" and "digital/digitalization/ data governance".
A content analysis was performed on the reports to identify the differences between how companies reported on their digitalization activities within their sustainability disclosures, as additional information to what the most mainstream sustainability disclosure frameworks usually require. The aim of this second evaluation was to understand the degree of integration of the two 'twin-concepts' of sustainability and digitalization in the final output of the assessment process, assuming that a higher integration also means a better demonstration of accountability. Afterward, the reports were compared to summarize any common patterns of disclosing behavior, assigning a label to each. This screening served as a basis to draw a matrix illustrating the typical digital disclosing positions that a company might find itself in (degrees of integration of data governance into sustainability reporting). Finally, the most extreme company case was further broken down to extrapolate the characteristics of its sustainability-data reporting strategy, which, among the sampled firms, appeared to be the most integrated.
Summing up, based on the above propositions, the outcomes that resulted from this study are: P1) A sustainability data governance framework P2) A matrix of reporting behaviors P3) An analysis of the leading case from the matrix

Theoretical Framework for Sustainability Data Governance
Data is an indispensable component in the success of corporate sustainability projects, including reporting effectiveness and sustainability assessments of supply chain procurement requested by clients. Especially because the larger the volume, the more potentially valuable insights can be derived from data about a company's sustainability performance, which in turn enables decision-making on whether a certain sustainability aim is worth pursuing or if the path should be slightly adjusted. The challenging part, however, comes with sustainability data governance, because any kind of information needs to be processed in order to become useful, but given the time-consuming nature of data management (e.g., cleaning data, computing indicators), organizations tend to neglect its importance [85].
Sustainability data is indeed peculiar, due to the non-immediate measurability of environmental and social metrics, as well as a set of other specific issues. These include, but are not limited to, the lack of data credibility perceived by stakeholders [86], inaccuracies and inconsistency of reporting metrics, wrong data imputation [30], gaps in data [87], poor data transmission between functions [85], no clear assignment of data responsibility [88], inconsistent methodologies for data normalization [89], and diverse data provision frequencies and details required by different stakeholders [29].
Most companies (58%) are aware that data reliability represents a fundamental challenge for their sustainability reporting, closely following the definition of company impact indicators (78%), which can be easily overcome through a materiality analysis. The lack of data credibility builds upon inefficient systems for collection (56%), analysis and use (53.7%). Such inefficiencies can, however, be explained by the fact that, in over half of the cases (60%), firms keep on relying on Excel for manually managing the complexity of sustainability data (increasing error likelihood), with a mere 30% adopting a dedicated sustainability reporting software and 20% an internal customized software [76].
When it comes to aggregating data from various entities (e.g., in a supply chain, network, or business group), the additional issues of data consolidation, coordination, and retrieval add up because each organization sticks to its own methods, tools, and schedules [29].
Only data quality (accuracy, timeliness, comprehensiveness, comparability) can help derive the most value out of sustainability indicators and provide support to successfully pursue the goals defined through the sustainability strategy. Should a company fail to account for quality, it would risk incurring expenses of up to 30% of its profit [85].
A solution offered by literature is to adopt technologies for data visualization (filters, graphs, comparing charts) and data collection automation, for simplifying the summarization and manipulation of large data volumes, improving cross-functional coordination and transparency, as well as cutting out time to dedicate to more strategic activities (e.g., stakeholder communication, management of sustainability projects) [85].
Nevertheless, the effectiveness of the entire disclosing process can only be achieved if data governance concepts are incorporated starting from the sustainability strategy and throughout the entire sustainability assessment procedure [28]. Therefore, based on the analysis of frameworks from the theoretical background (2.2, 2.3), this study proposes an At the very top, the integrated strategy represents the core element of the model. One of its main functions is to help a company define a vision, splitting it into goals, as well as the strategic benchmarking principles of its corporate sustainability and data. This will allow company-wide and sustainability-related data to accurately support the sustainability assessment process while moving in the same direction. In order to formally ensure this commitment, companies can develop specific internal data policies (or rules) that will guide the management of sustainability information within the organization, and through which a business can become more accountable to its stakeholders. Given the centrality of key performance indicators in the assessment process, these are to be defined as a strategic element at the very beginning of the evaluation. Within this layer, the data management function will assist in finding those metrics that can transmit a firm's sustainability impact in the most immediate and comprehensible way.
Once the strategy is defined, it will be then necessary to establish data stewardship by assigning the responsibilities and supervision roles for sustainability data within the company (which business functions provide, elaborate, and collect data), while at the same time mapping the (potential or actual) stakeholders to the type of sustainability data they expect the company to monitor.
Additionally, the organization in question should properly handle the essential but, at the same time, sensitive topic of corporate culture (which revolves around the people that are part of an organization), both throughout the recurring implementation of the assessment process in time, as well as whenever a change occurs within the system (introduction of new methods, switching strategic directions, etc.). To control for this aspect properly, the company would need to appoint the most appropriate internal specialists to the new roles, but also train the entire workforce on the themes of sustainability and digitalization, so that the strategic change can occur without much struggle.
Sustainability and digital culture are relatively novel concepts for companies [90,91], meaning that industry best practices on how to deal with them are still under development, and it will take time to understand how to properly manage this aspect. Accordingly, a firm should carefully consider the best approaches to engage and involve employees in the change process, through training and distribution of new tasks that fit with individual aspirations and abilities, for example.
The ones seen so far are the most higher-level elements of the assessment process. Once they are defined, they will serve as a reference for all the operational activities. The company can, thus, move on to designing (new) or running (existing) operational activities. On the digital side, this translates into the development of the organizational data architecture; that is to say, the management of data resources across their entire lifecycle At the very top, the integrated strategy represents the core element of the model. One of its main functions is to help a company define a vision, splitting it into goals, as well as the strategic benchmarking principles of its corporate sustainability and data. This will allow company-wide and sustainability-related data to accurately support the sustainability assessment process while moving in the same direction. In order to formally ensure this commitment, companies can develop specific internal data policies (or rules) that will guide the management of sustainability information within the organization, and through which a business can become more accountable to its stakeholders. Given the centrality of key performance indicators in the assessment process, these are to be defined as a strategic element at the very beginning of the evaluation. Within this layer, the data management function will assist in finding those metrics that can transmit a firm's sustainability impact in the most immediate and comprehensible way.
Once the strategy is defined, it will be then necessary to establish data stewardship by assigning the responsibilities and supervision roles for sustainability data within the company (which business functions provide, elaborate, and collect data), while at the same time mapping the (potential or actual) stakeholders to the type of sustainability data they expect the company to monitor.
Additionally, the organization in question should properly handle the essential but, at the same time, sensitive topic of corporate culture (which revolves around the people that are part of an organization), both throughout the recurring implementation of the assessment process in time, as well as whenever a change occurs within the system (introduction of new methods, switching strategic directions, etc.). To control for this aspect properly, the company would need to appoint the most appropriate internal specialists to the new roles, but also train the entire workforce on the themes of sustainability and digitalization, so that the strategic change can occur without much struggle.
Sustainability and digital culture are relatively novel concepts for companies [90,91], meaning that industry best practices on how to deal with them are still under development, and it will take time to understand how to properly manage this aspect. Accordingly, a firm should carefully consider the best approaches to engage and involve employees in the change process, through training and distribution of new tasks that fit with individual aspirations and abilities, for example.
The ones seen so far are the most higher-level elements of the assessment process. Once they are defined, they will serve as a reference for all the operational activities. The company can, thus, move on to designing (new) or running (existing) operational activities. On the digital side, this translates into the development of the organizational data architecture; that is to say, the management of data resources across their entire lifecycle (acquisition, processing and analysis, warehousing and disposal). It is at this stage that the identification of material topics should also take place. Data architecture additionally allows companies to leverage on internal data sharing and visualization to support their decision-making, as well as to provide relevant information to external auditors. During this phase, the best technologies (for example artificial intelligence and blockchain), tools and methods are also selected to allow for automated and flawless data operation management.
The sustainability function supports this phase by deploying its own tools; namely sustainability management accounting and control, both increasing the rigor and accuracy [92] of digital architecture. Particularly, sustainability controlling-through its scrupulous methodology-is what has a greater impact on improving the reliability and quality of data (completeness, accuracy, consistency, timeliness of attributes), ensuring that data security and privacy are equally preserved.
This cross-operation between the sustainability and digital departments allows creating valuable data insights, that have been internally audited and are, therefore, ready to be gathered and communicated to external stakeholders. The integrated disclosure approach will then allow the company to develop both accurate and engaging content for the sustainability report. This document will not only describe the efforts carried out in the triple bottom line of the financial, social, and environmental accounts but will also largely cover how the firm is able to leverage its digital transformation initiatives to deliver those positive sustainability impacts. Each company will choose the most appropriate way to disclose and incorporate the digital and data supporting elements into their sustainability report, depending on their level of digital maturity and the preferred strategy, choosing from among the best practices described in the next section.
The last step of the assessment process will be to review the entire flow together with the reporting outcomes, which will help the company under assessment to learn about any inefficiencies (e.g., discrepancies between results and goals or data quality causes) in their management of digital sustainability and deploying corrective plans, feeding this information back into the strategic level, where the strategic direction will be readjusted, when appropriate and viable.

Reporting Behaviors of Reporting Companies
From a practical point of view of the content in sustainability reporting, it appears that companies behave in a number of different ways when it comes to integrating information on digital initiatives or data management into their sustainability reports. Based on the analyzed sample, the sectors that were most proactive in doing so are the ones primarily involved in software and hardware development, electronics, financial services, IT and communication services, and industrial insulation.
By analyzing the reported contents of a sample of selected firms (Table 1)-and considering the digital domain, and related type and extension of content on digital initiatives -it was possible to observe that they followed eight common patterns of reporting behavior when deciding to include additional information on their digitalization progression. Each attitude has been mapped out into a matrix, labeling each type from the least to the most complex. Figure 2 provides a summary of the characteristics of each type of behavior. The horizontal axis represents the extent to which digital management initiatives become part of pre-existing sustainability report sections or form an innovative component of it. The vertical axis, on the other hand, shows the depth and extension of digitalization information, in terms of the complexity of initiatives, details disclosed, and portion of the report dedicated to them. The simplest strategies can be observed in the first quadrant, featuring the highest reliance on traditional sustainability disclosing strategies and the lowest complexity of the digitalization activities. OPFG takes the time to produce two different reports each year: a stand-alone data balance sheet, in addition to an integrated reporting, merging both financial and sustainability results. Despite all the afore-presented reporting behavior being equally viable according to each specific corporate context, this company can be categorized for the convenience of definition as a 'leading' example in balancing sustainability and digitalization governance, thus integrating the respective strategies. It processes the overall corporate (and specific sustainability) data responsibly, putting their main digitalization efforts (events, services, advanced analytics through artificial intelligence applications, etc.) under the spotlight and treating data as a value-adding asset, while at the same time dedicating equal importance to the disclosure of sustainability initiatives. OP Financial Group's model can be taken as one potential way of dealing with accountability on both the sustainability and digitalization side, and its model can be adopted by other companies, in its entirety or in some of its sections, to develop their own reports or some additional sections in it. OPFG's model can be summarized in the following structure ( Figure  3): 1. A breakdown of the general ICT strategy (e.g., mobile, Application Programming interfaces-API, cloud, technology competencies, agile working, cost management) and data management strategy, defining the scope of the company's data capital (distinction between internal and external data available-e.g., databases, e-documents) and data assets (processes and services/products that use data capital for the benefit of sustainable value and the business/customer/operating environment). 2. A focus on how the defined data capital can be used to better serve customers, create benefits for them, and gain customer insights.
a. Which service channels have been digitized and how services have been automized (digital services performance and technologies adopted-e.g., API, mobile, chatbots, cash flows management through a corporate hub). b. Use of the obtained customer insights for providing fact-based support, datadriven recommendations and marketing communications on services/products of interest, as well as for guiding company operations (e.g., real-time services that can be connected directly to the firm's systems, such as automated payments). c. How the company's data capital can support and simplify responsible investment.
3. Illustration of the data governance framework of reference (as a strategic component), along with all the elements taken into consideration (e.g., data capital life

•
At the very basic level, firms tend to simply include a few relevant keywords on "data", "privacy", and "security", scattered throughout the text of the document (key-wording).

•
The second group of companies would figuratively 'checkmark' that they have done the minimum that was required of them, according to frameworks like the GRI, etc. They may, hence, dedicate a one-statement paragraph at most, to a specific data privacy and security paragraph, including only a statement on data collection, confidentiality, and protection, or a one-page paragraph with the general internal data policy on data privacy. This category represents the majority of businesses in the sample. • On a step higher are those businesses that have already planned a (two-page) roadmap for the implementation of new digitalization projects for the following year, despite not having deployed any concrete actions to that point (road-mapping). Quadrants II and III represent slightly more advanced strategies: • Firms in the second quadrant understand the importance of listing a variety of specific and more significant digital activities that are carried out by a dedicated cybersecurity team (e.g., developing a threat intelligence center; managing cybersecurity risks through a new framework; third party audits; special training for employees, consumers, and vendors). They can do so within one page. They usually add a new paragraph in addition to the pre-defined reporting scheme, however, they do so all in one page (listing).

•
Other firms, in the third quadrant, highly rely on the popular 'projects' section of the report for social-environmental impact, but only to support the disclosure and measurement of sustainability initiatives by describing the value of more complex initiatives that have been developed for the company's specific purposes, such as new digital services and tools (supporting). This represents the second most popular type of behavior in the sample.
Finally, quadrant IV of the matrix shows the reporting solutions created by the most innovative companies.

•
Some of them provide an archetype of digital expertise that other players in the industry can adopt as a best practice for framework development: they normally include a dedicated chapter detailing their digital transformation journey, ethos, and expertise (frameworking). • Then, other businesses produce a unified annual document, or feature a dedicated page on their website, where their digital and sustainability strategies are completely intertwined (e.g., data governance for sustainability data), with digital ambitions serving as leverage to contribute to specific Sustainability Development Goals (SDGs), for promoting societal and environmental change at every step of the way (e.g, better digital lives for families, digital skills mentorship for jobseekers, SMEs support in the digital economy, advocating for green recovery through campaigns, and platforms) (integrating). • Finally, at the very extreme of the reporting efforts, we find those of the role assigned to one specific company, OP Financial Group (OPFG), the largest Finnish provider of financial services (leading).
OPFG takes the time to produce two different reports each year: a stand-alone data balance sheet, in addition to an integrated reporting, merging both financial and sustainability results. Despite all the afore-presented reporting behavior being equally viable according to each specific corporate context, this company can be categorized for the convenience of definition as a 'leading' example in balancing sustainability and digitalization governance, thus integrating the respective strategies. It processes the overall corporate (and specific sustainability) data responsibly, putting their main digitalization efforts (events, services, advanced analytics through artificial intelligence applications, etc.) under the spotlight and treating data as a value-adding asset, while at the same time dedicating equal importance to the disclosure of sustainability initiatives. OP Financial Group's model can be taken as one potential way of dealing with accountability on both the sustainability and digitalization side, and its model can be adopted by other companies, in its entirety or in some of its sections, to develop their own reports or some additional sections in it. OPFG's model can be summarized in the following structure ( Figure 3): (1). A breakdown of the general ICT strategy (e.g., mobile, Application Programming interfaces-API, cloud, technology competencies, agile working, cost management) and data management strategy, defining the scope of the company's data capital (distinction between internal and external data available-e.g., databases, e-documents) and data assets (processes and services/products that use data capital for the benefit of sustainable value and the business/customer/operating environment). (2). A focus on how the defined data capital can be used to better serve customers, create benefits for them, and gain customer insights.
a. Which service channels have been digitized and how services have been automized (digital services performance and technologies adopted-e.g., API, mobile, chatbots, cash flows management through a corporate hub). b.
Use of the obtained customer insights for providing fact-based support, datadriven recommendations and marketing communications on services/products of interest, as well as for guiding company operations (e.g., real-time services that can be connected directly to the firm's systems, such as automated payments). c.
How the company's data capital can support and simplify responsible investment.
(3). Illustration of the data governance framework of reference (as a strategic component), along with all the elements taken into consideration (e.g., data capital life cycle/availability, quality/reliability, security and risk management, architecture and models, databases, documents and content, data warehousing-if decentralization or centralization of data on the cloud or in data centers). (4). Focus on data protection and security. a.
Cybersecurity operating model (e.g., integrated for self-managed and agile working, boosting app development). b.
Control (corporate bodies responsible for coordinating data protection activities, third-party auditing, use of external white hat hackers for testing system vulnerabilities). c.
How the organization intends to increase the data protection competence internally (internal roles, personnel digital training, regular internal cyber security drills to simulate and prevent cyber-attacks). d.
Mechanisms in place to protect rights of data and timely respond to the data security breaches detected (e.g., central processing, reporting to authorities and data subjects, monitoring, cookie consent, responding to customer complaints and requests to access personal data). (5). Some summary key figures, showing improvements in each of the above areas [93].
b. Control (corporate bodies responsible for coordinating data protection activities, third-party auditing, use of external white hat hackers for testing system vulnerabilities). c. How the organization intends to increase the data protection competence internally (internal roles, personnel digital training, regular internal cyber security drills to simulate and prevent cyber-attacks). d. Mechanisms in place to protect rights of data and timely respond to the data security breaches detected (e.g., central processing, reporting to authorities and data subjects, monitoring, cookie consent, responding to customer complaints and requests to access personal data).
5. Some summary key figures, showing improvements in each of the above areas [93].

Conclusions
The purpose of the present paper is to investigate how companies can take advantage of currently relevant and emphasized notions, procedures, and tools to improve their accountability towards stakeholders. In fact, the COVID-19 crisis brought a renovated concern to corporate digitalization [2][3][4] and corporate sustainability as the most suitable means to provide accountability effectively [21,22]. According to research, the integration of sustainable practices into financial reporting will have to become compulsory and more structured in the post-pandemic scenario, with the aim of showing how value is created over time [94], while at the same time proving the internal and external validity of the collected data [95].
Therefore, more specifically, this research sought to explore the ways in which the constructs supporting digitalization (data governance and communication of digital activities) could refine the diligence of the sustainability assessment process, of which the last reporting step generates the communication output to stakeholders [71,72]. To summarize, this research uncovered three principal outcomes, as follows: First, a new sustainability data governance framework was derived by combining existing data governance and sustainability assessment frameworks from literature. The evaluation allowed us to find the alignment between processes belonging to each separate

Conclusions
The purpose of the present paper is to investigate how companies can take advantage of currently relevant and emphasized notions, procedures, and tools to improve their accountability towards stakeholders. In fact, the COVID-19 crisis brought a renovated concern to corporate digitalization [2][3][4] and corporate sustainability as the most suitable means to provide accountability effectively [21,22]. According to research, the integration of sustainable practices into financial reporting will have to become compulsory and more structured in the post-pandemic scenario, with the aim of showing how value is created over time [94], while at the same time proving the internal and external validity of the collected data [95].
Therefore, more specifically, this research sought to explore the ways in which the constructs supporting digitalization (data governance and communication of digital activities) could refine the diligence of the sustainability assessment process, of which the last reporting step generates the communication output to stakeholders [71,72]. To summarize, this research uncovered three principal outcomes, as follows: First, a new sustainability data governance framework was derived by combining existing data governance and sustainability assessment frameworks from literature. The evaluation allowed us to find the alignment between processes belonging to each separate domain, given that the two concepts have similarities in their structures (strategy of data and sustainability, supporting responsibilities and culture, operational data analysis, presentation of results). The main levels of this novel model develop from strategy definition to reporting of activities and outcomes. Given that the accountability principle is at the basis of data governance [31][32][33], the incorporation of its phases into the integrated sustainability data governance process here described has the potential to improve the overall sustainability assessment of a company [28]. The above-described new framework represents, therefore, an attempt to corroborate the first proposition (P1).
The second result described the present sustainability reporting trends with regards to additionally communicating digital change. It was found that businesses disclosing a formal document on their sustainability performance may follow one out of eight main behavioral patterns in describing their social and environmental impacts through digital activities and projects. The majority of the sampled cases presented at least a general description of what cybersecurity and data privacy means to them. This attitude can be explained by the fact that the most common reporting framework that they adopt-GRI-explicitly requires companies to disclose on customer privacy protection. However, companies are free to choose whether to provide specific data on privacy breaches complaints, data leaks or loss occurrences, or simply by writing a free form description of commitments on data protection [96], which appears to be the most encountered case. Other organizations allocate the sections dedicated to the projects implemented over a year to describe the digital tools, services, and initiatives they have started focusing on. A rarer type of disclosing attitude is to dedicate an entire chapter to cybersecurity, having come to realize how crucial it is to monitor risks starting from the very inception of the digital transition. This makes sure that remedial actions can be promptly implemented in case of breaches, without letting digitalization compromise business security [10]. The digital transformation stimulated by the pandemic has prompted a rise in phishing, scams, and malware events to the detriment of companies, underlining the need for more robust data security [97]. Summing up, this paper section presented a detailed description of various strategies for integrated sustainability-digital reporting behaviors by company, thus providing evidence for the second proposition (P2).
In one case only, the enterprise created a stand-alone report for disclosing on its digital activities and protection of data assets, in addition to its sustainability-centered document. The integration between digital and sustainable activities can be interpreted on a more strategic level (despite not having the two integrated into one unitary report), hence referring to the fact that both aspects are dedicated equal attention and effort to within the same organization. Assuming this, it makes sense to then deduce that an organization having a structured procedure for assessing the management of its overall corporate data is equally well equipped to filter its sustainability assessment process through the same lenses, therefore potentially achieving better accountability in general. Whatever the case, a firm can choose to adopt either of the presented behaviors, as long as it is in line with the degree of its digital maturity. To this scope, the data report of the 'leading' case was broken down into the main elements that could be mix-and-matched to create the most suitable sustainability data reporting solution for each firm needing to review its strategy. This validates the third proposition (P3) that leading firms can set the example for the industry through a well-balanced strategy, and the example selected represents a leading company because it 'governs' its sustainability and digitalization strategies equitably.
The above findings are consistent with the literature's conclusion that data governance fosters the relevance, completeness, accessibility, shareability, and quality [46,47,50,51] of sustainable knowledge creation, which, in turn, leads to higher accountability and therefore transparency of information and performance [98].
In conclusion, the COVID-19 crisis represented an unprecedented chance to optimize business operations-and sustainability operations in particular-making them more easily adaptable to digital practices, resilient to risks that cannot be easily accounted for, and strengthening their accountability. Businesses were forced to revise their sustainability reporting strategy and adjust to the new recovery scenario, as they are now transitioning from facing the pandemic impact for the first time to providing societal relief to the most affected stakeholder groups, resuming and optimizing expenses and operations, and finally entering the post-COVID-19 world in a more resilient state. The novel sustainability assessment scheme will have to centrally consider the risks faced during the pandemic, while also enabling engagement with stakeholders by means of more agile technologies and platforms [99]. Thus, this paper aimed to explore how businesses could better control and coordinate this process while making it more robust through the addition of data governance mechanisms.
Implications: the presented outcomes could be beneficial to companies in various terms. Firms can refer to the integrated sustainability data framework to improve their overall sustainability assessment and data management process, both at the strategic level and in their daily operations. Moreover, this study contributes to helping companies to better understand their competing environment and what other players in the market are doing at present to make their sustainable business models more innovative. This will allow them to assess their digital readiness and draw some inspiration for integrating data-driven concepts into sustainability reporting.
These models may also be of use to the research community to develop empirical studies that test and extend the matrix of reporting behaviors further by analyzing the evolution of corporate behavior in the post-pandemic period, but also the practical applicability of integrated frameworks within the current corporate scenario.
Limitations: the limited sample of reports used might not have accounted for all possible cases. As for the frameworks applied for building the sustainability data governance model, some of them provided a generic overview, not allowing the determination of the specifics of the model.
Future research: the literature presents inadequate empirical evidence of the integration between digital tools and sustainability responses. Upcoming studies could, thus, focus on testing the model outlined in this paper through empirical research (e.g., case studies), in order to further detail the theoretical process based on corporate experiences to see if it indeed benefits companies. A larger number of digital-sustainability reports should also be evaluated to further develop the behavioral matrix according to the future post-pandemic scenario.