ESG reporting has become an expectation from investors, regulators, and a wide range of other stakeholders. But it is still in its infancy, evolving at a pace most of us can’t keep up with. Internal audit can play a key role in supporting this evolution, providing assurance that governance, internal controls, and disclosures are appropriate to meet the needs of both the business and stakeholders.
This is the second and final article in a series that focused on ESG reporting. In the first article, I addressed how internal audit can play an important role in maturing data governance and quality, knowing that good data is clearly essential for robust reporting. In this article, I will look at how internal audit can take a broader approach to supporting and providing assurance over ESG reporting. While the focus is on external reporting, many of the principles can easily be applied to internal reporting used by Boards and management, and which support overall decision-making.
The ESG reporting landscape is rapidly changing. I will not discuss this in detail here, as the internet is awash with such information. This U.S. focused article by PwC is useful globally, and there are many others covering particular regions or countries. I would particularly highlight key developments with the emergence of the ISSB standards and European Sustainability Reporting Standards (ESRS, often known as CSRD which is the EU Directive that established the requirement) and the ongoing and welcome efforts to align them.