Internal Audit's role in ESG

Internal audit is in a unique position to provide an efficient approach to ESG.

Supporting your ESG goals

Environmental, social, and governance (ESG) issues are becoming increasingly relevant for all institutions. Companies understand that businesses embracing ESG are best able to secure talent, strengthen the employee value proposition, attract loyal customers, and raise capital.

As a result, sustainability is generating a new type of risk: ESG risk.

Companies have begun reimagining their governance structures over ESG, creating steering committees composed of executive leadership and making strategic decisions about commitments, actions, and disclosures.

Companies are also adjusting business risk strategies and corresponding risk appetite statements—making sure roles and responsibilities are fully transparent throughout all three lines of defense.

Internal audit, in particular, can play a critical role in providing objective assurance and advice on ESG reporting and sustainability matters more broadly.

Objective insights and advice on ESG matters

According to the Institute of Internal Auditors, internal audit has clear roles in providing assurance and advisory ESG services that may include the following:


  • Internal audit’s undeniable role in ESG reporting
  • Review reporting metrics for relevancy, accuracy, timeliness and consistency
  • Conduct materiality or risk assessments on ESG reporting
  • Incorporate ESG into regular audit plans


  • Identify areas that are less well-defined and build an ESG control environment
  • Recommend reporting metrics
  • Advise and advocate on ESG governance

Internal audit can support management in answering the following questions:

  • Do we have a clear view of all ESG risks and opportunities, including compliance risk related to existing and upcoming SEC and regulatory expectations; and are those regularly reassessed?
  • Are we prepared for these upcoming legislative and regulatory expectations?
  • Do we have a proper ESG culture and risk management that goes hand in hand with our ESG goals and strategies?
  • What are our ESG public commitments today and do we have policies, procedures, controls, and data to support these public commitments?

Learn more about the value that Internal Audit can bring to an organization’s ESG methodology by reading our new article here.

How can KPMG help?

KPMG’s Internal Audit methodology is flexible and can be tailored to each company’s specific needs. Internal audit service offerings can range from examining aspects of the company’s ESG governance policy such as high-level oversight, risk assessment, due diligence procedures, and awareness to assessment of controls in place to support existing ESG commitments. The suite of assessments identified below can be separately performed or executed in phases as part of an overall readiness ESG assessment.

Contact us

Steve Estes

Steve Estes

Partner and IA&ER ESG Lead, Advisory, KPMG US

+1 214-840-2448
Aila Pallera

Aila Pallera

Principal | Internal Audit & Enterprise Risk, KPMG US

+1 213-955-8918
Ivor O’Neill

Ivor O’Neill

Advisory Managing Director, Internal Audit & Enterprise Risk, KPMG US

+1 614-241-4636
Debbie Biddle-Castillo

Debbie Biddle-Castillo

Advisory Managing Director, Internal Audit & Enterprise Risk, KPMG US

+1 213-533-3375