Internal audit’s role in ESG reporting

Conversations and focus on sustainability, typically grouped into environmental, social and governance (ESG) issues, are quickly evolving — from activist investor groups and inquisitive regulators pushing for change to governing bodies and C-suite executives struggling to understand and embrace the concept. At the forefront of this new risk area is pressure for organizations to make public commitments to sustainability and provide routine updates to ESG-related strategies, goals, and metrics that are accurate and relevant. However, ESG reporting is still immature, and there is not a lot of definitive guidance for organizations in this space. For example, there is no single standard for what should be reported.

What is clear is that strong governance over ESG — as with effective governance overall — requires alignment among the principal players as outlined in The Internal Institute of Auditors (IIA) Three Lines Model. As with any risk area, internal audit should be well-positioned to support the governing body and management with objective assurance, insights, and advice on ESG matters.

Embarking on the ESG journey

Efforts to mitigate the accelerating effects of climate change and address perceived historical social inequities are two powerful issues driving change globally. These movements have enhanced awareness of how all organizations impact, influence, and interact with society and the environment.

They also have spurred organizations to better recognize and manage ESG risks (i.e., risks associated with how organizations operate in respect to their impact on the world around them). This broad risk category includes areas that are dynamic and often driven by factors that can be difficult to measure objectively.

Still, there is growing urgency for organizations to understand and manage ESG risks, particularly as investors and regulators focus on organizations producing high-quality reporting on sustainability efforts. What’s more, that pressure is being reflected increasingly in executive performance as more organizations tie incentive compensation metrics to ESG goals.

As ESG reporting becomes increasingly common, it should be treated with the same care as financial reporting. Organizations need to recognize that ESG reporting must be built on a strategically crafted system of internal controls and accurately reflect how an organization’s ESG efforts relate to each other, the organization’s finances, and value creation.

Internal audit can and should play a significant role in an organization’s ESG journey. It can add value in an advisory capacity by helping to identify and establish a functional ESG control environment. It also can offer critical assurance support by providing an independent and objective review of the effectiveness of ESG risk assessments, responses, and controls.

Source: Adapted from https://na.theiia.org/about-ia/PublicDocuments/White-Paper-Internal-Audits-Role-in-ESG-Reporting.pdf

Internal audit’s role in ESG reporting

Conversations and focus on sustainability, typically grouped into environmental, social and governance (ESG) issues, are quickly evolving — from activist investor groups and inquisitive regulators pushing for change to governing bodies and C-suite executives struggling to understand and embrace the concept. At the forefront of this new risk area is pressure for organizations to make public commitments to sustainability and provide routine updates to ESG-related strategies, goals, and metrics that are accurate and relevant. However, ESG reporting is still immature, and there is not a lot of definitive guidance for organizations in this space. For example, there is no single standard for what should be reported.

What is clear is that strong governance over ESG — as with effective governance overall — requires alignment among the principal players as outlined in The Internal Institute of Auditors (IIA) Three Lines Model. As with any risk area, internal audit should be well-positioned to support the governing body and management with objective assurance, insights, and advice on ESG matters.

Embarking on the ESG journey

Efforts to mitigate the accelerating effects of climate change and address perceived historical social inequities are two powerful issues driving change globally. These movements have enhanced awareness of how all organizations impact, influence, and interact with society and the environment.

They also have spurred organizations to better recognize and manage ESG risks (i.e., risks associated with how organizations operate in respect to their impact on the world around them). This broad risk category includes areas that are dynamic and often driven by factors that can be difficult to measure objectively.

Still, there is growing urgency for organizations to understand and manage ESG risks, particularly as investors and regulators focus on organizations producing high-quality reporting on sustainability efforts. What’s more, that pressure is being reflected increasingly in executive performance as more organizations tie incentive compensation metrics to ESG goals.

As ESG reporting becomes increasingly common, it should be treated with the same care as financial reporting. Organizations need to recognize that ESG reporting must be built on a strategically crafted system of internal controls and accurately reflect how an organization’s ESG efforts relate to each other, the organization’s finances, and value creation.

Internal audit can and should play a significant role in an organization’s ESG journey. It can add value in an advisory capacity by helping to identify and establish a functional ESG control environment. It also can offer critical assurance support by providing an independent and objective review of the effectiveness of ESG risk assessments, responses, and controls.

Source: Adapted from https://na.theiia.org/about-ia/PublicDocuments/White-Paper-Internal-Audits-Role-in-ESG-Reporting.pdf

Internal audit’s role in ESG reporting

Conversations and focus on sustainability, typically grouped into environmental, social and governance (ESG) issues, are quickly evolving — from activist investor groups and inquisitive regulators pushing for change to governing bodies and C-suite executives struggling to understand and embrace the concept. At the forefront of this new risk area is pressure for organizations to make public commitments to sustainability and provide routine updates to ESG-related strategies, goals, and metrics that are accurate and relevant. However, ESG reporting is still immature, and there is not a lot of definitive guidance for organizations in this space. For example, there is no single standard for what should be reported.

What is clear is that strong governance over ESG — as with effective governance overall — requires alignment among the principal players as outlined in The Internal Institute of Auditors (IIA) Three Lines Model. As with any risk area, internal audit should be well-positioned to support the governing body and management with objective assurance, insights, and advice on ESG matters.

Embarking on the ESG journey

Efforts to mitigate the accelerating effects of climate change and address perceived historical social inequities are two powerful issues driving change globally. These movements have enhanced awareness of how all organizations impact, influence, and interact with society and the environment.

They also have spurred organizations to better recognize and manage ESG risks (i.e., risks associated with how organizations operate in respect to their impact on the world around them). This broad risk category includes areas that are dynamic and often driven by factors that can be difficult to measure objectively.

Still, there is growing urgency for organizations to understand and manage ESG risks, particularly as investors and regulators focus on organizations producing high-quality reporting on sustainability efforts. What’s more, that pressure is being reflected increasingly in executive performance as more organizations tie incentive compensation metrics to ESG goals.

As ESG reporting becomes increasingly common, it should be treated with the same care as financial reporting. Organizations need to recognize that ESG reporting must be built on a strategically crafted system of internal controls and accurately reflect how an organization’s ESG efforts relate to each other, the organization’s finances, and value creation.

Internal audit can and should play a significant role in an organization’s ESG journey. It can add value in an advisory capacity by helping to identify and establish a functional ESG control environment. It also can offer critical assurance support by providing an independent and objective review of the effectiveness of ESG risk assessments, responses, and controls.

Source: Adapted from https://na.theiia.org/about-ia/PublicDocuments/White-Paper-Internal-Audits-Role-in-ESG-Reporting.pdf