ESG for Internal Audit: Maturity Assessment

Powered by technology, useful to humans

Internal Audit (IA) is increasingly including ESG in their audit plans. PwC is able to use its Connected Risk Engine (CRE) technology to help IA assess and benchmark the maturity of the ESG control environment and processes in their organisation. The output can be used to update your ESG strategy, target areas of higher priority, and gauge the success of investment in ESG. 

This can give you a blueprint to help navigate complexity, manage risk, and plan for the next stage of ESG maturity.

Clear coverage and criteria

The assessment covers six areas that are important in an effective ESG framework:​

  • Purpose & Strategy​​
  • Regulation, Obligations & Materiality​​
  • Governance​​
  • Culture & Awareness​​
  • Data Management​​
  • Monitoring, Assurance and Reporting​

We have developed criteria for each area based on relevant standards and our experience in the market. We use a five-point maturity scale to allow IA to clearly visualise the current level of maturity, and identify recommendations on how to enhance it. This also allows the organisation to determine its target maturity and assess progress against it over time.

Visibility across the organisation

CRE can be tailored to compare maturity in different parts of the organisation or to understand the views of different stakeholder groups. This can help to align objectives and priorities, obtain better consistency, and streamline processes.

Benefits of the IA ESG maturity assessment

  • Identifies opportunities for improvement by benchmarking against good practice
  • Highlights areas of higher risk or priority to focus effort and investment
  • Contributes to assurance and monitoring activities, which supports strong governance​
  • Provides insights to prepare or update your ESG strategy​ and plan
  • Can help determine the success of ESG initiatives over time (where follow-up assessments are performed)

Other CRE frameworks

PwC’s CRE tool has over 20 other assessments, modules, and this is increasing. These include topics like IA effectiveness, cyber security, and compliance management. To find out more, see our main PwC CRE page here.

Internal Audit can help organisations navigate the new risk multiverse

How can Internal Audit’s superpowers help organisations ‘see through walls’ to avoid hazards, remove complexity, and find new opportunities? Find out in PwC’s Global Internal Audit Study.

Read the report 

Follow us

Contact us

Shaun Willcocks

Shaun Willcocks

Global Risk Markets Leader, Global Internal Audit Leader, Partner, PwC Japan

Tel: +81 (0)90 6478 6991

Sophie Langshaw

Sophie Langshaw

Australia Internal Audit Leader, Partner, PwC Australia

Tel: +61 41 052 0548

Julien Linger

Julien Linger

Global Sustainability Risk, Resilience and Adaptation Leader, PwC Netherlands

Tel: +31 (0)63 094 45 19

Adam Cunningham

Adam Cunningham

ESG Reporting and Assurance, Partner, PwC Australia