How Westin Melbourne Hotel Trimmed its Footprint

Becoming sustainable is a three-pronged process. You must save money and push the buttons the government is pressing you to. But there?s a deeper, more urgent issue. If your customers mark you down for not being green enough you are heading for trouble. Let’s see how well this hotel is doing.

The Melbourne flagship of the Westin hotel chain boasts 262 spacious rooms with views of Melbourne Square and surrounding theatres, designer boutiques, galleries and national landmarks. The architects included conference facilities, a wellness centre and sundry bars and restaurants. After climate change arrived to stay, hotel management discovered they had inherited a water and energy-greedy monster. Their solution was to measure what was going through their systems, and then progressively cap the building?s greedy appetite.

The Melbourne Westin Hotel could not have achieved results without these metrics. They began by determining key indicators and measuring them. This provided them with criteria to set achievable, cost effective targets in the following key areas of their business:

  1. Water Management ? Demand-based linen and towel recycling, installation of back-washable water filters, water-saving shower heads, dual-flush toilets.
  2. Waste Management ? Conversion to green products, recycling kitchen oil, moving towards a paperless office, recycling everything possible.
  3. Energy Management ? Energy-efficient light bulbs, standby settings for lights, computers, televisions and air conditioners
  4. Stakeholder Communication ? Staff green-team training, guest education, ongoing employee briefings
  5. Strategic Positioning ? Visible, top-down commitment, optimised carbon offsets from clean, renewable energy sources, clearly stated position in the market

Westin?s Melbourne landmark has made good progress towards becoming the green hotel for others to follow. It has adjusted its environmental policies, increased water and energy awareness and implemented tight waste management.

Consumers are already shopping to make their carbon footsteps lighter. Food stores are on the bandwagon although apparel is lagging. Perhaps it’s time you found out just how your company is shaping up. It’s no longer a matter of ?if carbon taxes?. It’s a matter of ?when it does?.

ecoVaro is a software system-in-the-cloud that lets you enter your water and energy consumption and process it online so you can monitor and manage your usage. In no time at all you could be saving money like Westin Melbourne did. Does that sound like something worth investigating?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

How to Reduce Costs when Complying with SOX 404

Section 404 contains the most onerous and most costly requirements you’ll ever encounter in the Sarbanes-Oxley Act (SOX). In this article, we?ll take a closer look at the salient points of this contentious piece of legislation as it relates to IT. We?ll also explain why companies are encountering difficulties in complying with it.

Then as soon as we’ve tackled the main issues of this section and identify the pitfalls of compliance, we can then proceed with a discussion of what successful CIOs have done to eliminate those difficulties and consequently bring down their organisation’s IT compliance costs. From this post, you can glean insights that can help you plan a cost-effective way of achieving IT compliance with SOX.

SOX 404 in a nutshell

Section 404 of the Sarbanes-Oxley Act, entitled Management Assessment of Internal Controls, requires public companies covered by the Act to submit an annual report featuring an assessment of their company?s internal controls.

This ?internal control report? should state management’s responsibility in establishing/maintaining an adequate structure and a set of procedures for internal control over your company?s financial reporting processes. It should also contain an assessment of the effectiveness of those controls as of the end of your most recent fiscal year.

Because SOX also requires the public accounting firm that conducts your audit reports to attest to and report on your assessments, you can’t just make baseless claims regarding the effectiveness of your internal controls. As a matter of fact, you are mandated by both SEC and PCAOB to follow widely accepted control frameworks like COSO and COBIT. This framework will serve as a uniform guide for the internal controls you set up, the assessments you arrive at, and the attestation your external auditor reports on.

Why compliance of Section 404 is costly

Regardless which of the widely acceptable control frameworks you end up using, you will always be asked to document and test your controls. These activities can consume a considerable amount of man-hours and bring about additional expenses. Even the mere act of studying the control framework and figuring out how to align your current practices with it can be very tricky and can consume precious time; time that can be used for more productive endeavours.

Of course, there are exceptions. An organisation with highly centralised operations can experience relative ease and low costs while implementing SOX 404. But if your organisation follows a largely decentralised operation model, e.g. if you still make extensive use of spreadsheets in all your offices, then you’ll surely encounter many obstacles.

According to one survey conducted by FEI (Financial Executives International), an organisation that carried out a series of SOX-compliance-related surveys since the first year of SOX adoption, respondents with centralised operations enjoyed lower costs of compliance compared to those with decentralised operations. For example, in 2007, those with decentralised operations spent 30.1 % more for compliance than those with centralised operations.

The main reason for this disparity lies in the disorganised and complicated nature of spreadsheet systems.

Read why spreadsheets post a burden when complying with SOX and other regulations.

Unfortunately, a large number of companies still rely heavily on spreadsheets. Even those with expensive BI (Business Intelligence) systems still use spreadsheets as an ad-hoc tool for data processing and reporting.

Because compliance with Section 404 involves a significant amount of fixed costs, smaller companies tend to feel the impact more. This has been highlighted in the ?Final Report of the Advisory Committee on Smaller Public Companies? published on April 23, 2006. In that report, which can be downloaded from the official website of the US Securities and Exchange Commission, it was shown that:

  • Companies with over $5 Billion revenues spent only about 0.06% of revenues on Section 404 implementation
  • Companies with revenues between $1B – $4.9B spent about 0.16%
  • Companies with revenues between $500M – $999M spent about 0.27%
  • Companies with revenues between $100M – $499M spent about 0.53%
  • Companies with revenues less than $100M spent a whopping 2.55% on Section 404

Therefore, not only can you discern a relationship between the size of a company and the amount that the company ends up spending for SOX 404 relative to its revenues, but you can also clearly see that the unfavourable impact of Section 404 spending is considerably more pronounced in the smallest companies. Hence, the smaller the company is, the more crucial it is for that company to find ways that can bring down the costs of Section 404 implementation.

How to alleviate costs of section 404

If you recall the FEI survey mentioned earlier, it was shown that organisations with decentralised operations usually ended up spending more for SOX 404 implementation than those that had a more centralized model. Then in the ?Final Report of the Advisory Committee on Smaller Public Companies?, it was also shown that public companies with the smallest revenues suffered a similar fate.

Can we draw a line connecting those two? Does it simply mean that large spending on SOX affects two sets of companies, i.e., those that have decentralised operations and those that are small? Or can there be an even deeper implication? Might it not be possible that these two sets are actually one and the same?

From our experience, small companies are less inclined to spend on server based solutions compared to the big ones. As a result, it is within this group of small companies where you can find a proliferation of spreadsheet systems. In other words, small companies are more likely to follow a decentralised model. Spreadsheets were not designed to implement strict control features, so if you want to apply a control framework on a spreadsheet-based system, it won’t be easy.

For example, how are you going to conduct testing on every single spreadsheet cell that plays a role in financial reporting when the spreadsheets involved in the financial reporting process are distributed across different workstations in different offices in an organisation with a countrywide operation?

It’s really not a trivial problem.

Based on the FEI survey however, the big companies have already found a solution – employing a server-based system.

Typical server based systems, which of course espouse a centralised model, already come with built-in controls. If you need to modify or add more controls, then you can do so with relative ease because practically everything you need to do can be carried out in just one place.

For instance, if you need to implement high availability or perform backups, you can easily apply redundancy in a cost-effective way – e.g. through virtualisation – if you already have a server-based system. Aside from cost-savings in SOX 404 implementation, server-based systems also offer a host of other benefits. Click that link to learn more.

Not sure how to get started on a cost-effective IT compliance initiative for SOX? You might want to read our post How To Get Started With Your IT Compliance Efforts for SOX.?

The Rights of Individuals Under The General Data Protection Regulation

The General Data Protection Regulation or GDPR is a European Union law reinforcing the rights of citizens concerning the confidentiality of their information, and confirming that they own it. We thought it would be interesting to examine the GDPR effective 25 May 2018 from an Irish citizen?s perspective. This article is a summary of information on the Data Protection Commissioner?s website, but as viewed through a businessperson?s lens.

How the Office Defines Data Protection

The Office believes that organisations receiving personal details have a duty to keep them private and safe. This applies inter alia to information that individuals supply to government, financial institutions, insurance companies, medical providers, telecoms services, and lenders. It also applies to information provided when they open accounts.

This information may be on paper, on computers, or in video, voice, or photographic records. The true owners of this information, the individuals have a right:

  • To make sure that it is factually correct
  • To the assurance that it is shared responsibly
  • That all with access only use it for stated purposes

Any organisation requesting personal information must state who they are, what the information is for, why they need to have it, and to whom else they may provide it.

Consumer Rights to Access Their Personal Information

Private persons have a right under the GDPR to a copy of all their information held or processed by a business. The regulation refers to such businesses as ?data controllers? as opposed to owners, which is interesting. They have to provide both paper and digital data, and ‘related information?.

Data controller fees for this are discretionary within limits. The request may be denied under certain circumstances. The data controller may release information about children to parents and guardians, only if it considers a minor too young to understand its significance. Other third parties such as attorneys must prove they have consent.

Consumer Rights to Port Their Data to Different Services

Since the personal information belongs to the individual, they have a right not only to access it, but also to copy or move it from one digital environment to another. The GDPR requires this be ?in a safe way, without hindrance to usability?. An application could be a banking client that wants to upload their transaction history to a third party price comparison website.

However, the right to data portability only applies to data originally provided by the consumer. Moreover, an automated method must be available for porting. Data controllers must release the information in an open format, and may not charge for the porting service.

Consumer Rights to Complain About Personal Data Abuse

Individuals have a right under the General Data Protection Regulation to have their information rectified if they discover errors. This right extends to an assurance that third parties know about the changes – and who these third party entities are. Data controllers must respond within one month. If they decline the request, they must inform the complainant of their right to further remedial action.

If a data controller refuses to release personal information to the owner, or to correct errors, then the Data Protection Office has legal power to enforce the consumer?s rights. The complainant must make full disclosure of the history of their complaint, and the steps they have taken themselves to attempt to set things right.

Further Advice on Getting Things Ready for 25 May 2018

The General Data Protection Regulation has the full force of law from 25 May 2018 onward, and supersedes all applicable Irish laws, regulations, and policies from that date. We recommend incorporating rights of data owners who are also your customers into your immediate plans. We doubt that forgetting to do so will cut much sway with the Data Commissioner. Remember, you have one month to respond to consumer requests, and only one more month to close things out subject to the matter being complex.

Article 8 of the EU Energy Efficiency Directive ? Orientation

Following in-depth discussion of the UK?s ESOS response, we decided to backtrack to the source, especially since every EU member is facing similar challenges. The core purpose of the directive is to place a pair of obligations on member states. These are

  1. To promote the availability of energy audits among final customers in all sectors, and;
  2. To ensure that enterprises that are not SMEs carry out energy audits at least every four years.

Given the ability for business to look twice at every piece of legislation it considers unproductive, the Brussels legislators took care to define what constitutes an enterprise larger than an SME.

Definition of a Large Undertaking

A large undertaking meets one or both of the following conditions:

  1. It employs 250 or more people
  2. Its annual turnover is more than ?50 million and its balance sheet total exceeds ?43 million

Rules for Energy Audits

If accredited / qualified in-house specialists are unavailable then independent experts should supervise audits. The talent shortage seems common to many EU businesses. In hindsight, the Union could have ramped up slower, especially since the first compliance date of 5 December 2015 does not leave much swing room.

ecoVaro doubts there was a viable alternative, given the urgent imperative to beat back the scourge of carbon that is threatening the viability of our planet. The legislators must have been of a similar mind when laying down the guidelines. Witness for example the requirement that penalties be ?effective, proportionate and dissuasive?.

In order to be compliant, an energy audit must

  1. Be based on twelve months of verifiable data that is
    • over a continuous period beginning no more than 24 months before the beginning of the energy audit, and;
    • identifies energy saving opportunities including paths to their achievement
  2. Analyse the participant’s energy consumption and energy efficiency
  3. Have not been used as the basis for an energy audit in a previous compliance period

Measurement of current status and progress tracing are at the core of energy saving and good governance generally. EcoVaro has a powerhouse of software tools available on the cloud to help project teams save time and money.

Ready to work with Denizon?

Contact Us Today