Company-Level and Cumulative Impacts This section of the assessment contains tables listing the potential company-level and cumula- tive human rights impacts identified by BSR. In accordance with the UNGPs, we have focused primarily on identifying and assessing actual or potential adverse human rights impacts. Identifying human rights impacts for the SaaS sector proved challenging, since SaaS services and their use cases are infinitely varied. Moreover, in theory, all human rights could be impacted through the use of SaaS services—actual and potential impacts will vary significantly according to the industry vertical (e.g., healthcare, public sector, retail, financial services) in which SaaS services are deployed. Therefore, we focused only on the human rights impacts most salient for most of the sector. Five main impact areas are highly relevant to B2B SaaS services: 1. Customer end-use 2. Privacy and data governance 3. Responsible AI 4. Content-related issues 5. Worker-centered design While we have segmented impacts into different categories, it should be noted that these impact areas and the relevant human rights are highly interdependent and interrelated; the improvement or deprivation of one right significantly affects the others. For each impact area, we have outlined potential company-level and cumulative impacts and listed the relevant international human rights instruments. In the final section of each table, we have assessed the severity of the impacts, as well as the management factors. Since we cannot assess severity and management factors for every SaaS service, we have used the SaaS differentiating characteristics outlined in Section 3 to describe how these characteristics might influence the severity and management of the impacts. To illustrate how human rights impacts may manifest across the SaaS sector, we will use the three hypothetical examples of SaaS providers outlined earlier. Again, they are: SaaS Provider One provides enterprise software solutions, such as customer relationship management (CRM) or human capital management (HCM) services. SaaS Provider Two provides tools for software developers and product teams, such as issue tracking and code management services. SaaS Provider Three provides industrial solutions, including AI-based plant management and modeling services. SaaS services are infinitely varied, and they serve a large number of different use cases. While the above list is certainly not exhaustive, these examples allow us to consider how SaaS providers and their services may be connected to human rights impacts. SaaS providers may use these examples as a starting point when examining the potential impacts of their services. 19 Human Rights Assessment of the Software-as-a-Service Sector