How to get audit-ready for CSRD (in 7 simple steps)

Written by
Camille Charluet
April 26, 2024
min read

If your business is among the over 50,000 impacted by the EU’s Corporate Sustainability Reporting Directive (CSRD), your sustainability reports are required to undergo mandatory assurance. This involves external auditors verifying your greenhouse gas (GHG) assessments to ensure your ESG data is accurate and reliable.

Beyond simply meeting regulatory requirements, completing a CSRD compliance audit offers significant benefits. It can enhance your company’s credibility, reduce liability, strengthen stakeholder trust, and ensure your processes align with industry best practices like the Greenhouse Gas Protocol (GHG Protocol).

‍A recent study revealed that 65% of S&P 500 companies sought assurance or verification for their ESG reporting in 2021—a 13% increase from the previous year. This upward trend shows just how quickly assurance is becoming a standard business practice (and not just a compliance box to tick).

But what exactly are the assurance requirements under the CSRD? How can you prepare your GHG inventory to meet these standards? And what tools are available to simplify the audit process? Read on for everything you need to know to manage your next CSRD compliance audit with confidence.

Quick recap: Some EU CSRD FAQs

Before we dive into the specifics of CSRD audits, let’s quickly recap some key facts about the CSRD.

What is the CSRD?

The CSRD is a regulatory framework established to enhance the consistency and transparency of corporate sustainability reporting throughout Europe. It was created to overcome the limitations of the previous Non-Financial Reporting Directive (NFRD) by introducing more specific sustainability reporting requirements for European businesses.

Who needs to comply?

Unlike the NFRD, which only applied to large public-interest entities, the CSRD broadens the scope to include all large companies and any company listed on EU regulated markets, even listed small-to-medium enterprises (SMEs).

Timeline: When do you need to comply?

The CSRD will be phased in gradually based on company size, revenue, and location:

  • 2024: Large companies previously reporting under NFRD must start adhering to the CSRD, with first reports due in 2025.
  • 2025: Large companies meeting any two of these criteria—250+ employees, €50M+ net turnover, €25M+ total assets—must comply with the CSRD, with reports due in 2026.
  • 2026: Listed SMEs meeting two of the following must comply with the CSRD, with reports due in 2027: small-sized (50-249 employees, €10M-€50M net turnover, €5M-€25M total assets) or micro-sized (10-49 employees, €900K-€10M net turnover, €450K-€5M total assets)
  • 2028: Enterprises from third countries must comply with the CSRD, with reports due in 2029.

Does your CSRD report need to be audited? 

In short: Yes. If your company falls under the scope of the CSRD, your sustainability report must undergo independent third-party verification.

Limited assurance vs. reasonable assurance

Verification comes in two forms: limited assurance and reasonable assurance. 

Limited assurance focuses mainly on compliance review. Reasonable assurance offers a deeper, more thorough examination of your operations, processes, and controls. In industries like manufacturing, for instance, this could involve site inspections to verify your data collection methods.

Current audit rules under the CSRD

Under the CSRD, companies must meet limited assurance standards until October 1, 2028. By then, the EU intends to implement reasonable assurance standards, if feasible. Until October 1, 2026, limited assurance will align with national standards, after which EU-wide standards for limited assurance will be established.

Assurance timeline under the CSRD

Here’s a summary of the key dates to be aware of for assurance under the CSRD.

  • Until October 1, 2026: Limited assurance will be conducted following national standards such as those such as those by the Koninklijke Nederlandse Beroepsorganisatie van Accountants in the Netherlands.
  • After October 1, 2026: The EU will introduce EU-wide limited assurance standards across member states.
  • By October 1, 2028: The EU plans to implement reasonable assurance standards, depending on feasibility.
  • By December 31, 2028: The EU Commission plans to evaluate legal steps to broaden the sustainability assurance market and improve the quality of reporting.

Who can audit the CSRD? 

An assurance statement for CSRD compliance can be issued by several qualified entities:

  1. The statutory auditor or audit firm currently responsible for your company’s financial statements.
  2. An alternative statutory auditor or audit firm.
  3. An independent assurance service provider approved by your member state.

Accountants conducting these audits must be qualified to conduct assurance engagements for sustainability reporting.

In the Netherlands, the Dutch Financial Markets Authority (AFM) oversees sustainability reporting compliance for listed companies under the Financial Reporting Supervision Act. The AFM can also demand public clarification or initiate legal actions if necessary.

How to prepare for a CSRD compliance audit in 7 simple steps

Getting your GHG inventory audit-ready is a lengthy yet rewarding process. Following these seven simple steps will ensure you’re on the right track:

1. Understand the scope

Start by determining the boundaries of the audit. This means figuring out which parts of your business operations and sustainability topics need to be addressed under the CSRD. This will focus your efforts on relevant areas.

2. Review legal requirements

Familiarize yourself with the European Sustainability Reporting Standards (ESRS) which outline the specific reporting requirements your company must follow to comply with the CSRD. 

These standards guide you on how to structure your CSRD report and what to disclose in terms of environmental, social, and governance (ESG) topics.

3. Assess data collection and management practices according to the ESRS standards

Review and adjust your current data collection and management practices to ensure they are in compliance with the ESRS. 

The first set of the ESRS is made up of 12 topics. These include 10 topical standards covering ESG matters, and two cross-cutting standards which are general criteria applicable to all those subject to the CSRD.

4. Conduct a Double Materiality Assessment

Under the CSRD, you are not required to report on all 94 ESRS subtopics—only those deemed "material" to your business. 

Performing a Double Materiality Assessment helps you determine which sustainability topics to include in your reports. Topics are considered material if they influence your company’s financial performance (financial materiality) or affect society and the environment (impact materiality), or both.

The outlier here is ESRS 1: Climate Change. Unlike other ESRS standards, if your company deems ESRS E1 as non-material, it must provide detailed justifications and a future analysis. This makes it difficult to exclude due to the near-universal impact of GHG emissions on business operations.

For more information about conducting a materiality analysis, download our free Double Materiality Assessment guide.


5. Report on the material ESRS data points

After identifying material topics through your assessment, collect, analyze, and report data related to these ESRS topics. Focus on detailed carbon accounting to manage and report key sustainability indicators associated with your business’s GHG emissions.

6. Document and report your findings

Prepare your annual sustainability report following the European Single Electronic Format (ESEF) guidelines. 

Use XHTML format and “tag” sustainability information using the new digital categorization system. This makes it easy for governing bodies, investors, and other stakeholders to reference and analyze your information via the European Single Access Point (ESAP) database.

Ensure all supporting documents like utility bills and fuel receipts are well-organized to facilitate the audit process.

7. Have your sustainability report reviewed by an auditor

Finally, submit your sustainability report for review by a qualified auditor to verify its accuracy and completeness.

Limited assurance typically results in a negative assurance opinion, which means no material misstatements were detected. Reasonable assurance usually results in a positive assurance opinion, confirming your reporting is accurate.

Using the right tools to get started with CSRD auditing

Preparing your GHG inventory for a CSRD compliance audit is a big commitment in terms of time and effort. Thankfully, tools like Coolset's CSRD compliance software can make the complex process a whole lot more manageable.

With Coolset, you can simplify the preparation, reporting, and auditing processes to seamlessly meet CSRD regulations. Our platform offers end-to-end compliant reporting with features like:

  • Audit-ready exports: Ensure compliance with our built-in machine-readable reporting disclosures.
  • Auditor network access: Connect with vetted auditors through our network to fast-track the limited assurance process.

Take the first step toward CSRD compliance by booking a free demo with a Coolset climate expert today.

A step-by-step guide to your business's Double Materiality Assessment

Download your free guide and share it with your team to kickstart preparations.

Stay informed

Get the latest updates on events, guides, market trends and product advancements.

The leading sustainability platform for mid-market companies

Streamline sustainability measurements, improvements and compliance in one place.