Skip to content

Understanding ESG audits: Checklist and best practices

· 8 minute read

· 8 minute read

Amidst a complex audit environment, today’s accountants have many opportunities to take advantage of technology and specialize in up-and-coming focus areas. One of these specialties is ESG audits.  

What is ESG?

Environment, Social and Governance (ESG) is a framework for evaluating risks and opportunities related to a company’s operational impact on the environmental, social issues, and governance factors.  

  • Environmental risks include pollution of the air, water, or soil, as well as climate impact, carbon footprint, and energy use.  
  • Social risks include impacts to all stakeholders and global citizens, including the well-being, reputation, or privacy of customers, employees, or suppliers, as well as issues related to diversity, equity, and inclusion (DEI).  
  • Governance risks include financial reporting, fraud prevention, executive pay transparency, and overall business dealings of the company. 

From measuring sustainability to quantifying the ethical impact of supply chains, accountants and auditors have an expanding role to play in determining the integrity of a company’s disclosure of ESG topics. 

What is an ESG audit?

An ESG audit is an assessment of the risks related to ESG and can verify the accuracy of the ESG-related data that a company discloses to its employees, stakeholders, and regulatory bodies.  

Like any audit, ESG audits can be internal or external. Increasingly, businesses are engaging third-party assurance auditors to report on those ESG disclosures.  

An ESG audit will likely align with other dimensions of a company’s compliance requirements. Verifying the effectiveness of ESG-related controls and activities can help companies identify gaps, assess risks, and develop a recommended plan of action. 

Who performs an ESG audit?

While ESG audits are not consistently practiced within and across jurisdictions, various audit standards are being used on engagements. As ESG reporting matures, the audit profession will be tapped to meet the demand.  

Experienced CPAs and auditors are the best fit to perform ESG audit services as they have vast experience in determining whether a client is in compliance with multiple standards and frameworks. 

With a deep understanding of business processes and evaluating procedures for collecting, analyzing, and reporting information, auditors can identify ESG gaps, assess risk, and develop recommended mitigation options.  

The experience necessary to audit financial statements, audit regulatory information, and manage internal controls attestation translates well for auditors who can seamlessly apply this knowledge to ESG data sets.  

ESG audit checklist

Investors and stakeholders are increasingly seeking transparency in ESG initiatives. Audit and assurance engagements are intended to meet this demand. Third-party assurance from an independent accounting firm results in an objective report designed to provide assurance about whether ESG disclosures comply with the chosen ESG framework/criteria.  

Here are five key steps to identifying ESG risks and establishing ESG controls.  

  1. Assess the ESG landscape

The first step is to understand the ESG landscape of the industry and sector in which the business operates. Benchmark what competitors are doing and take advantage of accounting and tax research tools powered by AI and machine learning to stay abreast of ESG related changes to government policy and legislation.  

Understanding the perspectives of both internal and external stakeholders is key to effectively assessing and managing ESG risks—and balancing them with other high-priority audit requirements. How do employees, customers and investors perceive the company’s business activities? Auditors can act as trusted advisors with an obligation to highlight on-going, new, and emerging risks. In this way, auditors (both internal and external) can have an effective pathway to influence positive outcomes in a company’s ESG operations.  

It is equally important to understand the current state of the business’s ESG strategy, maturity and risk factors. How is ESG aligned with and integrated into the company strategy? Which teams own specific ESG activities? What is the current state of ESG reporting to internal and external stakeholders and regulatory bodies?  

When the level of maturity around ESG is in the beginning stages, one of the key challenges is getting senior management on board, especially in understanding ESG risks and how audit can help lessen those risks. 

2. Choose an ESG reporting format

Whether you’re conducting an internal audit or working with a third-party auditor to assess your ESG risks, you will need to choose one or more ESG frameworks. The ESG audit standards and framework you choose should fit the specific industry and align with wider company goals.  

Two well-known ESG frameworks are the Sustainability Accounting Standards Board (SASB) and the Task Force on Climate-Related Financial Disclosures (TCFD). SASB offers sector-specific guidance on a variety of ESG risks, while TCFD is more specifically geared towards climate issues. 

ESG reporting frameworks provide principles-based guidance that identify ESG topics and inform how to structure and prepare information. These standards offer specific requirements to help companies determine metrics to disclose for each topic. Typically, the criteria must be supplemented with additional details to confirm that they are clear enough for an assurance engagement in accordance with AICPA standards. 

3. Prepare for ESG engagements

Like audits of financial statements and internal controls over financial reporting, third-party assurance enhances the reliability of ESG information and builds confidence among stakeholders. To accomplish this, auditors conduct attestation engagements to provide assurance that ESG information is presented in accordance with certain criteria.  

A company’s internal audit function can help to implement consistent application of standards and establish an internal independent process by leveraging ESG program governance as part of a company’s overall governance program. As it stands now, most companies self-define ESG program requirements and the lack of transparency on what information is disclosed publicly increases the importance of an independent audit function.  

Because companies are at different stages of their sustainability journeys, the range of ESG assurance engagements is vast. While most companies that seek out third-party support begin with limited assurance, the trend is moving toward reasonable assurance (which is similar to traditional financial audits). 

Companies who engage with third-party auditors often begin with an assurance readiness assessment to better understand what is needed to prepare for an external audit.  

4. Integrate ESG into an annual audit plan

There is no doubt that ESG reporting is here to stay. As such, integrating ESG in the annual audit plan can help businesses ensure reliable, transparent ESG information that meets the needs of investors, customers, and employees.  

For many businesses, ESG reporting may be somewhat familiar as the SEC already requires that publicly traded companies submit annual reports on human capital resources (HCR). These regulations will likely only get stronger and more complex, especially regarding climate-related disclosures in financial reporting.  

Consider integrating an annual ESG audit alongside your traditional audit plan. By reporting ESG risks and strategies to stakeholders and regulatory entities on a regular basis, you can ensure your ESG data is accurate, complete and transparent year after year. 

5. Implement audit software and guidance

As the accounting profession evolves and expands, practitioners are increasingly looking to software to drive efficiencies in all tax areas, and audit is no exception. In a complex tax landscape driven with constantly changing accounting and auditing standards, more and more accountants are looking to automate audit processes with an end-to-end solution. 

With technologies like cognitive computing, artificial intelligence (AI) and data analytics gaining popularity, many accountants are investing in high-tech solutions to enhance their audit offerings. Add  cloud-based audit technology and integrated research and learning solutions to that, and accountants can collaborate seamlessly without sacrificing security—all while completing audits faster and with absolute confidence. 

With cloud-based technology, audit accountants can securely access their audit online, from anywhere, and seamlessly collaborate with stakeholders in real time. By relying on a trusted software provider with leading audit methodology and backed by experienced editors and authors, audit accountants can ensure materials are accurate to pass peer review. 

By coupling the latest technology with advanced research and learning solutions, audit accountants can ensure quality and efficiency for audit, accounting and tax engagements. 

A powerful partner for ESG audit research and learning

In a constantly changing audit landscape, achieving efficiency, accuracy and consistency is necessary. Implementing a fully integrated online audit solution backed by an advanced research and learning is the key to ensuring success. 

Thomson Reuters has a long history of providing audit and research solutions with insight from experienced editors and authors who can ensure compliance with professional standards and peer review. From an ESG perspective, you can help your clients take advantage of opportunities for growth as ethical, inclusive, and sustainable workplaces.  

Curated for tax planning and compliance work as well as audit and accounting services, Thomson Reuters can help you find answers to all your clients’ ESG accounting and audit needs with the industry’s most sophisticated AI-powered algorithm.  

Learn more

More answers