The attached EFRAG and IFRS materials point to an end-to-end ESRS workflow that starts with an evidence-based double materiality assessment, then moves into datapoint scoping, metric definition, reporting-boundary decisions, internal control design, assurance preparation, and only then early digital-tagging work.[1][2][3]
The practical message is that ESRS is not just a disclosure exercise. It is an operating model change in which the reporting entity must document judgments, connect materiality to scope, standardize controls, and build traceability from narrative reporting into digital tagging.[4][5][6]
| Workflow step | Primary ownership pattern | What the sources indicate | Main risk point |
|---|---|---|---|
| 1. Double materiality assessment | Sustainability and/or Finance, with Risk, business units, stakeholders, and external experts supporting the process[7][8] | EFRAG observed that many undertakings are moving toward an objective, evidence-based assessment using internal and third-party data, plus internal experts and stakeholder input[9] | Comparability and verification risk if methodology, thresholds, or evidence quality differ across entities[10][11] |
| 2. Datapoint scoping | Sustainability reporting, Finance reporting, and technical ESRS specialists[12][13] | The DMA outcome is used to narrow the topic list and datapoint gap analysis, and EFRAG notes that some undertakings still do not fully connect DMA outcomes to the gap analysis[14][15] | Risk of over-including datapoints, which weakens relevance and comparability[16][17] |
| 3. Metric definition | Topic metric owners with Finance and control support[18] | The materials say undertakings use different thresholds for financial and impact materiality, and that the reporting entity owns metric selection and evidence trail decisions[19][20] | Comparability and verification risk from inconsistent definitions, assumptions, and estimation uncertainty[21][22] |
| 4. Reporting boundaries and value chain coverage | Sustainability, Procurement or Supply Chain, business units, and Finance or consolidation teams[23][24] | EFRAG says value-chain mapping is still one of the least mature areas, and the reporting boundary must cover upstream and downstream relationships as relevant[25][26][27] | Value chain data risk, especially beyond Tier 1, and boundary comparability risk between operational-control and other views[28][29][30] |
| 5. Internal controls | Finance controls, Internal Control or Internal Audit, Sustainability, IT, and management oversight bodies[31] | EFRAG says CSRD reporting is driving standardised ESG processes and COSO-like internal control techniques, especially around data quality[32][33] | Verification risk if judgments are undocumented or control evidence is weak[34][35] |
| 6. Assurance readiness | Prepared through the same reporting and control owners rather than a separate standalone regime[36][37] | The sources frame assurance readiness as the result of better governance, controls, and evidence discipline, not as a separate checklist[38][39] | Assurance risk if boundaries, metrics, or inputs are not auditable[40][41] |
| 7. XBRL tagging | Reporting, Sustainability, Finance, and IT or data teams[42][43] | EFRAG says some undertakings are only using IG 3 as a preliminary basis for the upcoming digital tagging or reporting taxonomy[44][45] | Late taxonomy mapping and weak traceability from narrative disclosures to tagged facts[46][47] |
Across the workflow, EFRAG observed both a single-function lead model and a co-leadership model: about 65% of undertakings assign ownership to one function, typically the CSO or CFO, while about 35% use joint leadership.[48]
The IFRS interoperability guidance reinforces that the reporting entity itself owns the materiality judgment, scoping, metric selection, boundary decisions, and evidence trail, and that ESRS and ISSB climate disclosures should align closely where financial materiality overlaps.[49][50]
A useful way to think about the workflow is: DMA sets the scope, scope sets the datapoints, datapoints drive metric design, boundary choices shape value-chain estimates, controls make the package verifiable, and digital tagging comes last once the reporting architecture is stable.[60][61]
The sources support a clear implementation map: ESRS reporting should be built as a controlled, auditable chain from evidence-based materiality to scoped disclosures, defined metrics, documented boundaries, internal controls, assurance preparation, and then tagging.[62][63][64] The main fault lines are comparability at methodology and boundary decisions, verification at the evidence and control layer, and value chain data quality where upstream and downstream information is still immature.[65][66][67]
Get more accurate answers with Super Pandi, upload files, personalized discovery feed, save searches and contribute to the PandiPedia.
Let's look at alternatives: