An emissions report that satisfies an external auditor looks very different from one that satisfies an internal sustainability team. The internal team wants trends, charts, and a good story. The auditor wants a documented chain from source data to final disclosure figure — one they can follow backwards without hitting a dead end.
Building for the auditor from the start is always faster than retrofitting documentation after the fact. This is how to do it.
Define your reporting boundary before you collect any data
Every piece of data you collect needs to belong somewhere inside a defined organizational boundary. If your boundary isn't set, you'll collect data you don't need and miss data you do. This wastes time and creates gaps that show up in assurance reviews.
Your boundary has two dimensions: organizational (which legal entities, subsidiaries, and facilities are in scope) and operational (which emission sources within those entities are included). Document both in writing. If you acquire a company mid-year, document how you've handled the inclusion — partial year, full year, or excluded with explanation.
The GHG Protocol gives you the choice between equity share and operational control approaches. Operational control is more common for listed companies because it aligns with management accountability. Whichever you choose, state it explicitly and apply it consistently.
Build a data source map
For every emission category in your boundary, document: what data source you're using, who owns that data, how it's collected, and what emission factor you're applying. This is your inventory methodology document — the single most important piece of your audit trail.
It doesn't need to be long. A structured table with columns for emission category, data source, data owner, collection method, emission factor source, and emission factor version covers most of it. The point is that it exists, it's current, and it matches what you actually did.
Emission factor sources matter. IPCC AR5 global warming potential values are the standard for most categories. Country-specific grid emission factors come from national statistical agencies or the IEA. Supplier-specific emission factors come from your suppliers. Document version numbers and publication years — these change, and auditors want to know you used the right vintage.
Data collection: build for completeness
The most common gap in emissions inventories isn't calculation error — it's missing data. A facility that wasn't included because nobody knew it was in scope. A refrigerant top-up that wasn't logged because the maintenance team didn't know it was reportable. A subsidiary acquired eight months ago that's still running its own systems and wasn't integrated.
Build a completeness check into your data collection process. Cross-reference your emissions source map against your legal entity register, your fixed asset register, and your utility account list. If something appears on one of those lists but isn't in your emissions inventory, you need to know why.
For Scope 3, completeness is harder. You're not required to report all 15 categories — only those that are material. Documenting which categories you assessed, why you included or excluded each one, and what threshold you used for materiality is as important as the actual data.
The calculation layer
Raw activity data multiplied by emission factors gives you CO2-equivalent figures. This sounds simple but creates several audit points: which global warming potential values did you use for non-CO2 gases? How did you handle data gaps — estimation, extrapolation, or prior year? How did you treat uncertainty?
Every calculation needs to be reconstructable. If your final Scope 1 figure is 12,847 tonnes CO2e, an auditor should be able to follow the trail from that number back through the calculation to the activity data records. If any step in that chain is in someone's head rather than documented, you have a gap.
Calculation software — whether purpose-built or a well-structured spreadsheet — needs version control. If you recalculate a prior year number because you updated an emission factor, document that as a restatement with the reason and the magnitude of the change.
Targets and comparatives
If you've set an emissions reduction target, your disclosure needs to show progress against it. That requires a consistent baseline — the same methodology, the same boundary, the same emission factors (or restated comparatives if they changed). Target language matters: "reduce absolute Scope 1 and 2 emissions by 42% by 2030 from a 2022 baseline" is verifiable. "Reduce our carbon footprint" is not.
Any time your methodology changes materially — new facilities added, boundary restated, emission factor vintage updated — restate your prior year figures and explain the change. Auditors and investors expect this. What they don't accept is silent methodology changes that make year-on-year comparison impossible.
The disclosure document
The actual report is the last step, not the first. If your data infrastructure is sound, pulling the disclosure is straightforward. If it isn't, producing the report becomes a six-week consulting engagement every year.
CSRD requires ESRS E1 disclosure covering transition plans, energy mix, gross Scope 1, 2, and 3 emissions, intensity metrics, and climate targets. GRI 305 has a similar structure. CDP asks for all of this plus physical risk assessment. The specific format varies but the underlying data requirement is the same.
Build the infrastructure once, use it for all of them.