CSRD Double Materiality Assessment Template: Structure, Inputs, Audit Trail

The Corporate Sustainability Reporting Directive (CSRD) and its European Sustainability Reporting Standards (ESRS) make the double materiality assessment the gateway to every reporting decision. ESRS 1 paragraph 24 requires reporting undertakings to assess both impact materiality (effects of the undertaking on people and environment) and financial materiality (sustainability-related risks and opportunities that affect or could affect the undertaking's financial position, performance, cash flows, access to finance, or cost of capital over short, medium, and long term). The outcome drives the set of topical ESRS that must be disclosed, the data points to collect, and the boundary of the sustainability statement that the external assurance provider will examine.

This article walks through what an audit-ready double materiality assessment template must contain, where the typical pitfalls lie, and how the documentation needs to be structured so that the limited or reasonable assurance engagement does not turn into a year-long remediation project. The frame builds on EFRAG's Implementation Guidance IG 1, ESRS 1, ESRS 2 and observed audit practice in the first wave of 2024 reports. CIVAC operates as a compliance platform and Officer-as-a-Service provider. License the workspace for your internal officers, or have our officers appointed. Both modes carry the assessment from stakeholder mapping through ESRS topic selection to the auditable evidence trail.

ESRS 1 chapter 3 sets out the qualitative characteristics and process requirements for the double materiality assessment. Paragraph 24 defines impact materiality as material when an undertaking has connection to actual or potential significant impacts on people or environment over short, medium, or long term, including impacts caused by the undertaking, contributed to by the undertaking, or directly linked to its operations, products, or services through its business relationships. Financial materiality is material when a sustainability matter triggers or may reasonably be expected to trigger material financial effects on the undertaking.

The assessment must be conducted at least at the level of each sustainability topic listed in ESRS 1 Application Requirement 16, then drilled down to sub-topics and sub-sub-topics where relevant. The undertaking must also assess matters not on the list if they are material in the specific context. The assessment must cover the own operations and the upstream and downstream value chain, with stated time horizons of short (one year), medium (two to five years), and long term (beyond five years).

The methodology must be documented, applied consistently, and reviewed at least every reporting period. Changes between periods must be explained. Auditors will request the methodology document, the scoring matrix, the stakeholder list, the evidence sources, and the rationale for any topic that is excluded. Without this trail, the assurance engagement will issue findings on completeness of the materiality assessment, which is a foundational risk.

The CIVAC workspace maps these requirements into a structured template referenced against ESRS 1 paragraphs and the 93 controls of the ESG officer's working list, so that the methodology and the evidence base are stored together rather than scattered across spreadsheets and shared drives, with full version history.

An audit-ready template needs five layered blocks. Block 1, the methodology page, captures the scoring scale (typically four or five steps for severity, scope, irremediability for impacts, and magnitude, likelihood for financial), the time horizons, the value chain boundary, and the documented exceptions. Block 2, the stakeholder register, lists internal and external stakeholders, their relevance, the engagement method used, the date of the engagement, and the evidence anchored to it.

Block 3, the topic universe, lists every ESRS topic (ESRS E1 to E5, S1 to S4, G1) and the sub-topics from ESRS 1 AR 16. For each item the template records the impact materiality score, the financial materiality score, the resulting material/not material decision, the rationale text, the boundary (own operations, upstream, downstream), and the time horizon. Block 4, the entity-specific topics, allows for matters beyond the ESRS list with the same scoring discipline.

Block 5, the evidence index, links every score to its primary source. Sources include due diligence findings, internal risk registers, customer surveys, NGO reports, regulator letters, peer benchmarks, and prior-year incident data. Each source has a stable identifier, a date, and a retention reference, so that the assurance provider can trace any score back to a verifiable input.

Without these five blocks the template will not survive a limited assurance walkthrough. Auditors will sample three to five topics, request the trail, and document a deficiency if links are weak. The civac workspace generates this layered structure from a template selected at project start, so that the team builds evidence as it scores, not after the assessment is closed and ready for assurance review.

Impact materiality scoring follows ESRS 1 paragraph 43. For actual negative impacts the assessment combines severity (a function of scale, scope, irremediable character) and likelihood. For potential negative impacts the same severity dimension applies, multiplied by the likelihood of occurrence over the chosen time horizon. For positive impacts the assessment focuses on scale and scope of the contribution, given the lower priority that EFRAG IG 1 places on likelihood for positive effects.

Scale captures the gravity of the impact, scope captures the spread (number of people, geographical reach, ecosystems affected), irremediability captures whether the impact can be reversed and at what cost. For human rights impacts these three components are weighted as primary, with severity often overriding likelihood. For environmental impacts irremediability is often the deciding factor, since long-term ecological harm scores high regardless of statistical frequency.

A common pitfall is using a single 1-to-5 score per topic without sub-decomposition. Auditors will challenge the score because there is no traceable construction. The template should record severity, scope, irremediability, and likelihood as separate fields, with a derived total. Any override, for example because severity alone justifies materiality at low likelihood, should be documented in the rationale text.

The civac workspace stores the decomposed scores per topic and per value-chain segment, so that the auditor can see how each ESRS topic became material. Bestellurkunde, unterschrieben, abgelegt, belegbar applies to the chief sustainability officer or external ESG officer who signed off on the assessment, with date and version retained for the audit trail.

Financial materiality under ESRS 1 paragraph 49 captures sustainability-related risks and opportunities that affect or could affect the undertaking's financial position, performance, cash flows, access to finance, or cost of capital. The horizon is short, medium, and long term. The scoring combines magnitude of the financial effect with likelihood of occurrence, mirroring conventional enterprise risk management methodology and allowing for direct integration with the existing risk register.

Magnitude must be expressed in monetary terms where possible, or in a structured qualitative scale tied to revenue, EBITDA, balance sheet, or cost of capital impact thresholds. EFRAG IG 1 suggests that organisations link these thresholds to materiality concepts already used in financial reporting under IAS 1, while recognising that sustainability matters may have effects that financial materiality thresholds underweight, particularly in the long term where discounted value of climate risks is significant.

The financial materiality assessment should not be conducted in isolation from the enterprise risk management function. Stale risk registers, separate sustainability and ERM workstreams, and inconsistent time horizons are common sources of audit findings. Joint workshops with risk management, treasury, controlling, and the sustainability team are standard in mature CSRD implementations, with a shared scoring matrix and aligned scenario assumptions.

The civac workspace maintains the financial materiality assessment as a structured table linked to the corporate risk register, so that scenarios applied for climate physical and transition risk, supply chain disruption, regulatory cost, and reputational impact are consistent. Audit-fest, dokumentiert, ESRS-fest, with quantified ranges and documented assumptions per scenario.

ESRS 1 paragraph 27 requires stakeholder engagement as a primary input to the assessment. Stakeholders include affected workers, workers in the value chain, affected communities, consumers and end users, suppliers, customers, business partners, investors, NGOs, regulators, and others with legitimate interest. The engagement method (surveys, interviews, advisory panels, complaints data, social media analysis, NGO reports) must be appropriate to the stakeholder group and to the topic under assessment.

The template needs to document the date of engagement, the method, the number of participants where applicable, the topics covered, and the conclusions drawn. Aggregated outputs are acceptable for groups where individual statements cannot be retained for privacy reasons, but the assessor must be able to demonstrate that the engagement covered the relevant topics and that the scoring reflects the input. A pattern that audit findings reveal is heavy reliance on internal interviews with senior management while neglecting affected stakeholders downstream.

External sources complement the engagement. Industry sustainability reports, peer benchmarks, regulator publications, scientific reports (IPCC, IPBES, EEA), and the UN Guiding Principles on Business and Human Rights are common references. Each source is logged with publication date, accessed date, and link, since the assurance provider must replicate the trail without depending on personal browser histories.

In the workspace the stakeholder register and the evidence index are linked. When a new stakeholder workshop is added, the resulting evidence note links to the topics where it influences scoring. Andere führen Compliance wie einen Aktenschrank, hier wird sie wie Software geführt, with audit-grade traceability from each ESRS topic back to the stakeholder voices that shaped the materiality decision.

Value chain coverage is one of the most challenging components in practice. ESRS 1 requires that the assessment covers own operations, upstream value chain, and downstream value chain. For impact materiality this means assessing impacts caused, contributed to, or linked to the undertaking through its business relationships, including impacts beyond the first tier of suppliers and beyond the immediate customer.

Practical templates use a value chain map that segments suppliers into tiers (tier 1, tier 2, tier 3+), distinguishes between direct and indirect customers, and identifies critical nodes where impact concentration is highest. Each segment receives a separate score per topic where the impact pattern differs. For example, water consumption may be material primarily in tier 2 textile suppliers while being immaterial in own operations, and the assessment must capture that distinction explicitly with documented rationale.

Time horizons must be defined and applied consistently. ESRS 1 sets short term at one year, medium term at two to five years, long term beyond five years. The assessment must score each material topic across all three horizons, since a matter that is immaterial today may become material in the medium or long term, particularly climate transition risks and chronic physical climate risks where impacts manifest over decadal periods.

The workspace allows scoring per topic, per value chain segment, and per time horizon as a single cube. Visualisations help the management board see where the concentration of materiality lies, supporting prioritisation of the sustainability data points to be collected for ESRS disclosure. The link to the supply chain officer ensures that upstream segments are not silently excluded.

ESRS 1 paragraph 30 makes clear that the administrative, management, and supervisory bodies of the undertaking are responsible for overseeing the materiality assessment. ESRS 2 GOV 1 and GOV 2 require disclosure of the role of these bodies in sustainability matters, including how the materiality assessment results are reviewed, challenged, and approved. The audit trail must reflect that oversight, not only at the level of the sustainability team.

Practical governance includes a defined sequence: methodology approval by the management board, draft materiality results reviewed by a sustainability steering committee, final results approved by the management board, audit committee briefing on the outcomes, and supervisory body review where applicable. Each step is documented with date, attendees, decisions, and dissenting views where relevant, in a manner consistent with German Aktiengesetz § 90 reporting practice for listed undertakings.

The audit trail covers methodology, scoring, evidence, decisions, and approvals. Auditors will trace at least three topics from end to end during their walkthrough. They will request the methodology document with version history, the scoring sheet with input data, the stakeholder log, the evidence index, the meeting minutes documenting approval, and the signed sustainability statement excerpt referencing the assessment.

The civac workspace generates an audit pack on demand with all linked documents and approvals, dated and version controlled. Der Prüfer ruft an, der Nachweis liegt bereit. License the workspace for your internal sustainability officer or have a CIVAC officer appointed, with bestellurkunde, signed reporting line to the management board, and structured handover documentation for assurance providers.

The first wave of CSRD reports surfaced consistent pitfalls. Pitfall one is the methodology page that describes the framework in generic terms without operational scoring rules. Auditors cannot replicate scoring decisions without specific anchors. The remedy is to write the methodology so that two independent analysts would produce comparable scores on the same input data, with worked examples and explicit thresholds.

Pitfall two is the stakeholder engagement that relied predominantly on internal sources. EFRAG IG 1 and assurance practice expect engagement with affected stakeholders where impacts are most pronounced. If affected workers in the value chain or affected communities did not contribute, the assessment is exposed to a completeness finding. Engagement does not always require direct surveys, NGO reports and credible third-party sources can substitute, provided the rationale is documented.

Pitfall three is the absence of explicit rationale for non-material topics. Auditors will challenge any ESRS topic marked as not material without a documented reasoning chain. The template must record why a topic was assessed as not material across all time horizons and value chain segments, with the underlying evidence linked. Default copy-paste justifications are a red flag that triggers expanded sample sizes during assurance procedures.

Pitfall four is treating the assessment as a one-time exercise. ESRS 1 paragraph 36 requires the materiality assessment to be updated each reporting period or whenever significant changes occur. The template needs a change log that captures triggers (new regulation, value chain shift, incident, stakeholder concern) and the resulting score updates. Without a living document the second reporting cycle becomes a full rerun rather than an update with documented changes since the prior period.

The double materiality assessment is the gateway to CSRD reporting. A weak template produces a weak sustainability statement, an audit-ready template produces a defensible disclosure foundation. The template is not a one-time deliverable, it is a living asset that drives the data collection, the policies disclosed, the actions and targets reported, and the metrics consolidated under each topical ESRS.

CIVAC is a compliance platform and Officer-as-a-Service provider. License the workspace for your internal sustainability and ESG officers, or have our officers appointed to lead the assessment alongside your team. In either model the workspace holds the methodology, the stakeholder register, the topic scoring, the evidence index, the governance log, and the assurance handover pack in one structured environment, with EU data residency and role-based access control aligned to ESRS 2 GOV requirements.

The platform is connected to other compliance domains. Where impact materiality identifies environmental topics, the workspace links the ESG officer to the environmental officer for operational implementation. Where the value chain analysis surfaces supplier risks, the LkSG officer's records support evidence. Where governance topics are at stake, the compliance officer's controls feed into ESRS G1 disclosures, avoiding parallel data silos.

Aus dem Lesen einen Auftrag machen. Write to info@civac.de or use the contact form on civac.de. We discuss your reporting scope, the assurance timeline, and the existing materiality work. You then receive a delivery model with monthly cost and clear milestones. No volume discounts, no long-term lock-in, no Aktenschrank logic. Der Prüfer ruft an, der Nachweis liegt bereit.