ESG reporting is a new and increasingly regulated field for many companies. With the introduction of the Corporate Sustainability Reporting Directive (CSRD) and the European Sustainability Reporting Standards (ESRS), the reporting obligation has expanded and auditors are taking on a decisive role in ensuring compliance with the requirements. Practical experience has now been gathered, particularly through the first-time implementation in many companies, which shows what auditors attach particular importance to and how companies can optimally prepare for the audit.

The review of ESG reports is divided into two basic forms: Limited assurance and reasonable assurance.

While the limited assurance audit primarily assesses the plausibility of the information provided, reasonable assurance involves a much deeper analysis, including a review of the effectiveness of internal control systems and IT processes. This development underlines the growing importance of ESG reporting and the need to align internal processes with it at an early stage.

What do auditors attach particular importance to?

A key focus of auditors when auditing ESG reports is on audit-proof and transparent documentation. This documentation must comprehensively and comprehensibly map all steps of the reporting process - from the materiality analysis and data collection to the final report preparation. The documentation is not only proof of the correct implementation of the requirements, but also a safeguard for the company itself. If comprehensive documentation is missing, this can lead to reservations in the audit opinion and impair the credibility of the reporting.

In addition to the documentation, the quality of the internal control systems and the IT systems used are also closely scrutinized. These systems must not only meet the requirements of the GoBD (principles for the proper management and storage of books, records and documents in electronic form), but also fulfill the criteria of the ESRS. This involves checking whether the IT systems are reliable, efficient and sufficiently secure to properly support data collection and consolidation.

‍

Another important aspect is early communication between companies and auditors. Regular coordination throughout the reporting process helps to avoid misunderstandings and ensure that all requirements are implemented correctly. Particularly in the case of uncertainties or unclear requirements, it is advisable to seek dialogue at an early stage in order to minimize additional work for both sides later on.

‍

‍

‍‍‍‍Typicalquestions in the testing process

Auditors review ESG reports in several key areas, asking specific questions to ensure compliance with the ESRS. Common questions include:

• ‍Materiality analysis: Have all relevant topics been identified and have the exclusions been clearly documented? How were stakeholders involved and are the methods used traceable?
• Data collection and consolidation: How was data quality ensured and which IT systems were used? Are the internal controls sufficient to minimize errors?‍
• Report content: Does the report accurately reflect the results of the materiality analysis? Have the qualitative requirements for relevance, comparability and truthfulness been met?

The answers to these questions are essential to ensure the quality and credibility of ESG reporting.

How can companies best prepare themselves?‍

To ensure a smooth ESG review, it is essential to define clear processes for reporting. These processes should be structured in such a way that they cover all relevant steps - from the materiality analysis to the final reporting - and document them in a comprehensible manner. A clear process structure is not only helpful for the auditors, but also makes it easier to deal with the requirements of ESG reporting internally.

Given the complexity of ESG requirements, it can make sense to involve external support. Specialized consultants not only bring expertise in dealing with the legal requirements, but also help to identify potential gaps and make processes more efficient. They offer valuable insights into best practices and support in setting up audit-proof reporting.

In addition, companies should ensure that their employees receive regular training. The requirements for ESG reports are constantly evolving, and continuous training is the only way to keep the team up to date. Such training not only strengthens understanding of the legal requirements, but also promotes better collaboration between the different departments involved in the reporting process. Overall, a combination of structured processes, targeted external support and continuous training forms the basis for successful ESG reporting.‍

Preparation is crucial‍

The requirements for ESG reporting are complex and the audit by auditors brings additional challenges. However, companies that establish clear processes at an early stage, ensure comprehensive documentation and involve internal and external expertise are well prepared. A structured approach not only strengthens the credibility of reporting, but also helps to anchor sustainability strategically within the company.

With our experience, we are happy to support you in preparing for the ESG audit - from process documentation to training your team. Contact us to find out more and successfully master the requirements of ESG reporting together.