CSR audit: how does an audit work?

What is a CSR audit?

A CSR audit (Corporate Social Responsibility) assesses an organization's performance across the three sustainability pillars: environment, social and governance (ESG).

It is a steering tool to measure the compliance of the responsible management system, demonstrate transparent practices and prove the credibility of the strategy to investors, clients or regulators.

Main objectives

• Assess ESG performance: identify strengths and improvement areas from precise indicators (GHG emissions, training, ethics).
• Guide strategy: feed audit results into strategic planning and resource allocation.
• Strengthen competitiveness: meet supply chain requirements and conditions for sustainable finance.
• Ensure continuous improvement: embed the approach in a PDCA cycle (Plan-Do-Check-Act) to make progress measurable and traceable.

Key steps of a CSR audit

1. Define the scope and secure leadership commitment

The scope (sites, activities, subsidiaries) and audit objectives should be set from the start. Top management involvement ensures consistent decisions and the resources needed for the assessment.

2. Analyze material issues and map stakeholders

This step identifies priority topics through a double materiality and CSR assessment: the company's impacts on society and the environment, plus the risks and opportunities these issues create for its business model. Stakeholder mapping links strategy to real ecosystem expectations.

3. Assess the situation and collect data

The auditor (internal or external) reviews policies, procedures and documented evidence: environmental policies, codes of conduct, HR dashboards, supplier audits. Quantitative data (GHG emissions, water or energy use) and qualitative data (action plans, training records, governance documents) help assess compliance and robustness.

4. Identify gaps and formalize findings

A gap analysis compares the current situation with best practices or the chosen framework's requirements (ISO, CSRD, EcoVadis, VSME). Non-conformities and improvement opportunities are prioritized by criticality. This results in an audit report detailing compliant points, gaps and recommendations.

5. Build the corrective action plan

The action plan sets priorities, owners, resources and deadlines. It is the operational document that turns findings into concrete actions: emissions reduction, internal training, stronger supplier vigilance.

6. Monitor and improve continuously

A CSR audit does not end with the report. Regular monitoring is recommended: checking progress, reassessing indicators annually, and updating policies to adapt to new regulatory obligations (CSRD, ESRS).

Key indicators tracked in a CSR audit

Environmental

• GHG emissions (scopes 1, 2 and 3)
• Energy consumption and share from renewable sources
• Water use, effluent and waste management

Social and governance

• Coverage rate of mandatory or technical training
• Share of strategic suppliers assessed on CSR performance
• Percentage of code-of-conduct signatures
• Existence of governance mechanisms dedicated to sustainability

Internal vs external audit: what is the difference?

• Internal audit: run by the company's teams, it checks the system's consistency before an external assessment; flexible and educational, it builds ownership.
• External audit: carried out by an independent body (certifier or ESG rater), it validates compliance and provides credible proof to third parties.

CSR audit: key takeaways