Article
Companies are realizing the benefits of third-party ESG data assurance
Aug. 11, 2023 · Authored by Kelly Bourbon, Joe Donnelly
Environmental, social and corporate governance (ESG) has emerged over the last decade as one of the most popular initiatives for organizations throughout the U.S. Yet, the rapid rise of ESG’s importance in the minds of business leaders, investors and consumers has helped sprout a new critical component: verifying the accuracy of ESG data.
The concept may sound like a simple one. Naturally, as organizations generate more data related to their ESG initiatives, their business leaders and stakeholders ultimately will require an increased level of assurance that this information is being reported accurately and consistently.
Of course, internal team members cannot be tasked with providing this verification. It simply is too difficult to achieve independence when handling audits in-house. And make no mistake about it – an examination of a company’s ESG data is an audit. And as ESG continues to grow in popularity and importance, this type of assurance procedure has become more necessary than ever.
Types of third-party ESG assurance
There are three different types of assurance that an organization could seek. At the moment, virtually all the ESG assurance engagements performed at Baker Tilly fall under the first two categories.
Reasonable assurance: This is the highest level of assurance that can be attained and is usually gained through an examination or financial statement audit. This does not mean absolute assurance, but rather performing procedures to lower the audit risk (i.e., the risk that an inappropriate opinion is issued) to an acceptably low level.
Limited assurance: A lower level of assurance that results from the performance of a review engagement is limited assurance. A review requires much less rigor than an examination and an auditor’s opinion is expressed in more of a negative format (i.e., saying that nothing came to the auditor’s attention that would indicate that management's assertion is materially misstated).
No assurance: This level is more commonly known as an agreed-upon procedures (AUP) engagement. In these engagements, management tells the auditor exactly which procedures to perform and there is almost no room for auditor judgment. The final deliverable is a report that restates the procedures as dictated by management, followed by the results of an auditor’s performance of those procedures.
