85

From materiality to machine readability: the ESRS reporting workflow. Structure the report as an end-to-end ESRS implementation map: evidence-based materiality assessment, datapoint scoping, metric definitions, reporting boundaries, internal controls, assurance readiness, and XBRL tagging. Use tables to show what each function owns and where comparability, verification, and value chain data risks enter the process.

ESRS implementation map from DMA to XBRL tagging

The attached EFRAG and IFRS materials point to an end-to-end ESRS workflow that starts with an evidence-based double materiality assessment, then moves into datapoint scoping, metric definition, reporting-boundary decisions, internal control design, assurance preparation, and only then early digital-tagging work.[1][2][3]

The practical message is that ESRS is not just a disclosure exercise. It is an operating model change in which the reporting entity must document judgments, connect materiality to scope, standardize controls, and build traceability from narrative reporting into digital tagging.[4][5][6]

Workflow map and functional ownership

Workflow stepPrimary ownership patternWhat the sources indicateMain risk point
1. Double materiality assessmentSustainability and/or Finance, with Risk, business units, stakeholders, and external experts supporting the process[7][8]EFRAG observed that many undertakings are moving toward an objective, evidence-based assessment using internal and third-party data, plus internal experts and stakeholder input[9]Comparability and verification risk if methodology, thresholds, or evidence quality differ across entities[10][11]
2. Datapoint scopingSustainability reporting, Finance reporting, and technical ESRS specialists[12][13]The DMA outcome is used to narrow the topic list and datapoint gap analysis, and EFRAG notes that some undertakings still do not fully connect DMA outcomes to the gap analysis[14][15]Risk of over-including datapoints, which weakens relevance and comparability[16][17]
3. Metric definitionTopic metric owners with Finance and control support[18]The materials say undertakings use different thresholds for financial and impact materiality, and that the reporting entity owns metric selection and evidence trail decisions[19][20]Comparability and verification risk from inconsistent definitions, assumptions, and estimation uncertainty[21][22]
4. Reporting boundaries and value chain coverageSustainability, Procurement or Supply Chain, business units, and Finance or consolidation teams[23][24]EFRAG says value-chain mapping is still one of the least mature areas, and the reporting boundary must cover upstream and downstream relationships as relevant[25][26][27]Value chain data risk, especially beyond Tier 1, and boundary comparability risk between operational-control and other views[28][29][30]
5. Internal controlsFinance controls, Internal Control or Internal Audit, Sustainability, IT, and management oversight bodies[31]EFRAG says CSRD reporting is driving standardised ESG processes and COSO-like internal control techniques, especially around data quality[32][33]Verification risk if judgments are undocumented or control evidence is weak[34][35]
6. Assurance readinessPrepared through the same reporting and control owners rather than a separate standalone regime[36][37]The sources frame assurance readiness as the result of better governance, controls, and evidence discipline, not as a separate checklist[38][39]Assurance risk if boundaries, metrics, or inputs are not auditable[40][41]
7. XBRL taggingReporting, Sustainability, Finance, and IT or data teams[42][43]EFRAG says some undertakings are only using IG 3 as a preliminary basis for the upcoming digital tagging or reporting taxonomy[44][45]Late taxonomy mapping and weak traceability from narrative disclosures to tagged facts[46][47]

Across the workflow, EFRAG observed both a single-function lead model and a co-leadership model: about 65% of undertakings assign ownership to one function, typically the CSO or CFO, while about 35% use joint leadership.[48]

The IFRS interoperability guidance reinforces that the reporting entity itself owns the materiality judgment, scoping, metric selection, boundary decisions, and evidence trail, and that ESRS and ISSB climate disclosures should align closely where financial materiality overlaps.[49][50]

Where comparability, verification, and value chain risks arise

  • Comparability risk arises first at the double materiality stage, because undertakings differ in methodology, stakeholder engagement, and threshold setting for financial versus impact materiality.[51]
  • It reappears at metric definition, where differences in estimates, assumptions, time horizons, and prior-period treatment can change reported results and require explanation or restatement when practicable.[52]
  • Verification risk is highest when the assessment is not grounded in objective evidence or when control evidence is weak, because data can be misinterpreted and the key datasets can be obscured by too much or poorly structured information.[53][54]
  • Value chain data risk is concentrated in boundary setting and mapping granularity, especially for upstream and downstream relationships beyond Tier 1, where data are still less mature and more estimation is often required.[55][56][57]
  • The IFRS guidance adds that ESRS may require broader or different emissions views than IFRS S2, so missing boundary data can create both comparability and measurement issues under dual reporting.[58][59]

A useful way to think about the workflow is: DMA sets the scope, scope sets the datapoints, datapoints drive metric design, boundary choices shape value-chain estimates, controls make the package verifiable, and digital tagging comes last once the reporting architecture is stable.[60][61]

Bottom line

The sources support a clear implementation map: ESRS reporting should be built as a controlled, auditable chain from evidence-based materiality to scoped disclosures, defined metrics, documented boundaries, internal controls, assurance preparation, and then tagging.[62][63][64] The main fault lines are comparability at methodology and boundary decisions, verification at the evidence and control layer, and value chain data quality where upstream and downstream information is still immature.[65][66][67]