Audit & Assurance for CSRD Disclosures - The Crucial Role of External Audits in Ensuring Accuracy and Credibility in Sustainability Reporting
Resources / Blog

Audit & Assurance for CSRD Disclosures - The Crucial Role of External Audits in Ensuring Accuracy and Credibility in Sustainability Reporting

04 Aug 2024 · 11 min read · Updated 07 Aug 2024
Contents

The Corporate Sustainability Reporting Directive (CSRD) signifies a landmark shift in the sustainability reporting process for European companies. The CSRD is a comprehensive set of policy measures designed to address the climate crisis by reshaping the European Union (EU) into a more resource-efficient, competitive, and sustainable economy. Under this directive, companies must provide extensive information on various environmental, social, and governance (ESG) factors; while ensuring transparency and accountability in their operations. This new directive necessitates that organisations should provide more detailed and comprehensive disclosures and implement mandatory audit assurance measures [1], [2].

Understanding the CSRD

The Corporate Sustainability Reporting Directive (CSRD)  is a regulatory framework effective from 5th January 2023 which is based on the Non-Financial Reporting Directive (NFRD), and requires mandatory disclosures on environmental, social, and governance (ESG) matters from all obliging EU companies. This directive accentuates the need for comprehensive sustainability disclosures and introduces mandatory external assurance to ensure data accuracy and credibility. The key element of CSRD is its emphasis on providing audit and assurance, which highlights the importance of sustainability reporting to a level equal to that of financial audits. The CSRD applies to a broad range of entities, including large companies and listed SMEs. It emphasises the double materiality approach, which requires companies to disclose how climate issues impact them as well as how they affect the environment and society at large. This directive supports the EU’s Green Deal, aiming for climate neutrality by 2050, which drives corporate responsibility with an ecocentric approach [3], [4].

The Role of External Audits in CSRD Disclosures

External audits play a pivotal role in ensuring compliance with the Corporate Sustainability Reporting Directive (CSRD). These audits provide an independent evaluation of a company's sustainability disclosures, enhancing the credibility and accuracy of the reported data. The CSRD mandates that companies undergo external assurance to validate their environmental, social, and governance (ESG) information, which helps to build stakeholder trust and meet regulatory requirements [5].

External audits also provide valuable insights for companies, identifying areas for improvement in data collection, reporting processes, and overall sustainability performance. External audits of an organisation are done by independent auditors who have experience and expertise in doing audits in ESG matters. External auditors access the information declared by the company to ascertain that it is accurate, concrete, and compliant with reporting standards.  As companies adapt to the CSRD, external audits become a critical mechanism for promoting transparent and reliable sustainability information for their stakeholders [6].

What is CSRD Assurance?

The Corporate Sustainability Reporting Directive (CSRD) demands mandatory assurance from companies publishing their reports starting in fiscal year 2024. The CSRD requires a third party to audit and ensure the sustainability information and data, which should be part of the sustainability statement in the management report. This assurance requirement adds credibility to the information reported by companies. Before doing external assurance, a company should have a robust internal auditing system that can satisfactorily vet the sustainability information. The assurance process can be categorised into two types: limited assurance and reasonable assurance. All companies that comply with CSRD are bound to produce limited external assurance for all sustainability-related information. [7].

Limited Assurance

In a limited assurance engagement, the auditor conducts a lesser number of tests compared to a reasonable assurance engagement. The conclusion in a limited assurance is typically presented in a negative form, indicating that the auditor has not identified any material misinformation in the subject matter. Limited assurance pertains to a less extensive level of assurance procedures, in which the auditor approves sustainability information with a moderate level of certainty. Due to the lower level of assurance provided, the amount of work required for a limited assurance engagement is generally less than that for a reasonable assurance engagement [7].

Limited assurance from independent third-party assurance providers is compulsory for all companies, which was previously voluntary under the Non-financial Reporting Directive (NFRD). The scope of the limited assurance encompasses several key aspects. First, it evaluates a company's adherence to the European Sustainability Reporting Standards (ESRS). Second, it evaluates the underlying materiality assessment process employed by the company. Furthermore, it examines the company's compliance with EU Taxonomy Regulation. Finally, limited assurance covers the digital tagging of sustainability information, which enables stakeholders to easily locate and analyse specific sustainability data points within a company's reported information [8].

Reasonable Assurance

The CSRD currently mandates limited assurance for most companies. However, the European Commission (EC) is actively exploring the possibility of transitioning to a more intensive "reasonable assurance" approach within a three-year timeframe following implementation. While the specifics regarding the scope of information subject to reasonable assurance remain under development by the EC, the potential benefits of this transition are undeniable.  Reasonable assurance offers stakeholders an even higher degree of assurance regarding the accuracy and reliability of reported ESG data [7].

Reasonable assurance entails a precise and in-depth evaluation of a company's internal controls related to sustainability reporting. Moreover, reasonable assurance extends beyond control evaluation. It explores deeper through the use of substantive testing. The amount of work involved in a reasonable assurance engagement is significantly higher than in a limited assurance engagement. The conclusion of a reasonable assurance engagement typically involves expressing a positive opinion on the measurement of the subject matter against pre-defined criteria. Moving to reasonable assurance from limited assurance in sustainability matters demands more time and effort for the organisations [9].

3 Key Aspects of CSRD Assurance Requirements

Following are the three key aspects of CSRD audit and assurance requirements.

1. Forward-Looking Information

The CSRD introduces a forward-looking dimension to sustainability reporting, requiring companies to disclose information about their business model, strategy, and, most importantly, sustainability targets. For example, climate-related targets and expected outcomes of key operations are essentially based on forecasting, judgement, and expectations about the future, which requires scientific estimation or methodologies available at a given time. Furthermore, transparency regarding the underlying assumptions and uncertainties associated with forward-looking information is also crucial.  Companies should disclose the methodologies used to develop their targets and highlight the inherent limitations and potential for deviations based on unforeseen circumstances. This fosters a more thoughtful understanding of a company's sustainability goals by stakeholders and helps manage their expectations [2].

2. Assurance Standard

To ensure uniformity and uphold the highest standards of reliability and credibility in sustainability reporting, CSRD stipulates all assurance service providers must adhere to equivalent requirements as stipulated in Directive (2006/43/EU) that applies universally to all assurance providers, irrespective of whether the assurance is conducted by a statutory auditor or an auditor affiliated with an accountancy firm. Moreover, the International Standard on Assurance Engagements (ISAE) 3000 (Revised), issued by The International Auditing and Assurance Standards Board (IAASB) in 2013, is an essential framework for addressing the assurance requirements of CSRD. This established standard applies to assurance engagements beyond audits of historical financial information, including sustainability reporting, making it a vital tool for complying with CSRD’s demands [10].

3. Independence

Maintaining trust in sustainability reporting requires strict independence criteria. Companies must maintain independence across vital areas to improve the dependability and credibility of their disclosures. This includes assigning an adequate number of independent directors to the Board and Audit Committees to ensure fair supervision and impartial decision-making. To minimise familiarity risks, the Audit Committee should oversee the audit process, including the selection of independent sustainability assurance providers. Furthermore, organisations must disclose associations or affiliations that may jeopardise their independence, including any relationship with auditors, board members, and assurance providers [8].

Key Challenges in CSRD Audit And Assurance

Besides CSRD and IAASB comprehensive guidelines on audit and assurance standards, there are some additional challenges that currently exist in the following areas:

Estimations

Sustainability practitioners face significant challenges with estimates in sustainability assurance engagements. Unlike financial statement audits, which rely on historical data for estimates, sustainability engagements often depend on hypothetical situations. In sustainability reporting, however, estimates frequently involve forecasting future conditions, and it is therefore more challenging for assurers to develop estimates. Practitioners acknowledge that the concepts outlined in ISA 540 (Auditing Accounting Estimates and Related Disclosures) may not fully translate to sustainability assurance engagements. Sustainability practitioners recognise the value of developing a similar framework for sustainability estimates, further suggesting this as a potential focus area for the IAASB [10].

Greenwashing

Greenwashing, as defined by the International Organization of Securities Commissions (IOSCO), ‘refers to practices that involve misleading intended users of the information, or intentionally giving them a false impression about how well an organisation or an investment is aligned with its sustainability goals’. This growing concern aligns with the ongoing revisions to the International Standard on Auditing (ISA) 240 on fraud, highlighting the heightened awareness of this issue within the assurance profession. The CSRD, with its mandatory assurance requirement, presents a powerful weapon in the fight against greenwashing. By establishing robust assurance standards, the IAASB can significantly enhance the credibility and reliability of sustainability disclosures [11], [10].

Cost Considerations

Implementing mandatory assurance under the CSRD will cause additional costs for companies, particularly for those that have not previously engaged in voluntary assurance for their sustainability reports. These costs encompass a range of activities, including the hiring of external auditors, data collection, internal process adjustments, and ongoing compliance monitoring. Companies must strategically evaluate these costs against the benefits in terms of improved stakeholder relationships and enhanced market value potential [1].

Conclusion

In achieving the goals set forth by the Corporate Sustainability Reporting Directive (CSRD), the role of audit and assurance is of utmost importance. External audits not only verify the accuracy and reliability of sustainability disclosures but also develop confidence in stakeholders by ensuring transparency and adherence to regulatory standards. As companies navigate the complexities of sustainability reporting, reliable assurance practices become a necessary part of reporting. Integrating audit and assurance in sustainability reporting not only enhances corporate accountability but also facilitates informed decision-making. By embracing rigorous audit and assurance processes mandated under the CSRD guidelines, businesses not only comply with regulatory requirements but also contribute to the broader objectives of climate resilience and sustainability. Moreover, continued emphasis on effective audit and assurance practices will be essential to fostering trust, achieving sustainability goals, and driving meaningful change across the European Union.

How SmartResilience Can Help?

Smart Resilience is a company dedicated to empowering businesses to navigate the challenges of climate change. With a focus on sustainability and long-term success, we offer tailored solutions to assess and mitigate climate-related risks. Our comprehensive suite of services empowers businesses to combat climate challenges while aligning perfectly with the requirements of the Corporate Sustainability Reporting Directive (CSRD). 

Our comprehensive services include:

Physical Risk Assessments: SmartResilience conducts in-depth physical risk assessments, to identify vulnerabilities to extreme weather events and other climate-related hazards. These assessments directly address the CSRD's mandate for climate risk disclosure and potential impacts.

Scenario Analysis: SmartResilience scenario analysis tools evaluate the impact of diverse climate scenarios on your business operations. By strategically considering various possibilities, you can plan for the future, enhance financial resilience, and align seamlessly with the CSRD's mandate for future-proof planning.

Risk Management Strategies: SmartResilience goes beyond identification by developing comprehensive and tailored risk management strategies. Our solutions safeguard businesses against climate change impacts, emphasising the CSRD’s call for proactive adaptation measures.

Ongoing Compliance Support: SmartResilience provides continuous support to ensure your sustainability reporting remains compliant with evolving CSRD requirements. Our services include regular updates to reflect the latest regulations, staff training to maintain expertise, and vigilant monitoring for accurate and up-to-date disclosures.

Partnering for a Sustainable Future: The future may be uncertain, but by building resilience together, we can address climate change with confidence and clarity. Contact us today to embark on a journey towards a sustainable future.

References

[1] Apiday, “How to Successfully Prepare for A CSRD audit?,” Apiday. Accessed: Jul. 16, 2024. [Online]. Available: https://www.apiday.com/blog-posts/how-to-successfully-prepare-for-a-csrd-audit

[2] A. Europe, “Sustainability Assurance Under The CSRD.” Accountancy Europe, May 2022. Accessed: Jul. 16, 2024. [Online]. Available: https://www.accountancyeurope.eu/wp-content/uploads/2022/12/220401-Sustainability-assurance-under-the-CSRD-1-1.pdf

[3] EU, “Corporate Sustainability Reporting - European Commission,” European Commission. Accessed: Jul. 16, 2024. [Online]. Available: https://finance.ec.europa.eu/capital-markets-union-and-financial-markets/company-reporting-and-auditing/company-reporting/corporate-sustainability-reporting_en

[4] G. Thornton, “CSRD Reporting: What You Need To Know,” Grant Thornton. Accessed: Jul. 16, 2024. [Online]. Available: https://www.grantthornton.com/insights/articles/esg/2023/csrd-reporting-what-you-need-to-know

[5] K. Anderson, “How to Comply With the CSRD Reporting Requirements,” AuditBoard. Accessed: Jul. 17, 2024. [Online]. Available: https://www.auditboard.com/blog/how-to-comply-with-the-csrd-reporting-requirements

[6] D-Carbonize, “CSRD: What You Need To Know About Auditing,” D-Carbonize. Accessed: Jul. 17, 2024. [Online]. Available: https://d-carbonize.eu/csrd/audit/

[7] E. Manager, “CSRD Assurance: An Overview of the EU Legislation,” EcoBio Manager. Accessed: Jul. 17, 2024. [Online]. Available: https://ecobiomanager.com/csrd-assurance-an-overview-of-the-eu-legislation/

[8] ICAEW, “CSRD: Sustainability Assurance,” The Institute of Chartered Accountants in England and Wales (ICAEW). Accessed: Jul. 17, 2024. [Online]. Available: https://www.icaew.com/groups-and-networks/local-groups-and-societies/europe/european-sustainability-reporting-and-assurance/csrd-sustainability-assurance

[9] KPMG, “Why Assurance In ESG Reporting Is Rapidly Gaining Importance - The Need For Robust Internal Controls In Sustainability Reporting.,” KPMG. Accessed: Jul. 17, 2024. [Online]. Available: https://kpmg.com/be/en/home/insights/2024/04/sus-why-assurance-in-esg-reporting-is-rapidly-gaining-importance.html

[10] A. Diolas and M. Rogdaki, “Sustainability Assurance – Rising To The Challenge,” ACCA (the Association of Chartered Certified Accountants), United Kingdom, Feb. 2023. Accessed: Jul. 17, 2024. [Online]. Available: https://www.accaglobal.com/content/dam/ACCA_Global/professional-insights/sustainability-insurance/PI-SUSTAINABILITY-ASSURANCE%20v5.pdf

[11] IOSCO, “Annual Report 2020  - International Organization Of Securities Commissions,” International Organization Of Securities Commissions (IOSCO, 2020. Accessed: Jul. 17, 2024. [Online]. Available: https://www.iosco.org/annual_reports/2020/pdf/annualReport2020.pdf

Related Articles

View all resources
SmartResilience's guide to physical risk reporting 31 Mar 2026

SmartResilience's guide to physical risk reporting

Read more →
Addressing Data Gaps in Climate Risk Assessment - The Importance of Reliable, Granular, and Forward-Looking Climate Data for Adaptation Strategies 30 Mar 2026

Addressing Data Gaps in Climate Risk Assessment - The Importance of Reliable, Granular, and Forward-Looking Climate Data for Adaptation Strategies

Read more →
Evaluating The Cost-Benefit Analysis of Climate Adaptation Measures From An Insurance Perspective _ Aerial view of the Ljubljana old town, Slovenia. Ljubljana castle, historic buildings and Ljubljanica river in Slovenian capital at sunny day. Beautiful mountain range at background 16 Mar 2026

Evaluating The Cost-Benefit Analysis of Climate Adaptation Measures From An Insurance Perspective - Explore the Role of Climate Insurance In Risk Assessment & Resilience Building

Read more →
smartresilience logo
X LinkedIn
Copyright© 2026 SmartResilience Ltd