TFL Vsebine / Revija SIR*IUS

Information systems auditor – a key stakeholder in sustainability reporting

Trajnostno poročanje je postalo ključen element sodobnega korporativnega upravljanja, saj podjetja poleg finančnih informacij razkrivajo tudi vplive svojega poslovanja na okolje, družbo in upravljanje. Z uveljavitvijo evropske direktive CSRD in standardov ESRS so se povečale zahteve po zanesljivem, preverljivem in sledljivem poročanju o trajnostnosti. Ker se večina podatkov, uporabljenih v trajnostnih poročilih, zbira, obdeluje in shranjuje v informacijskih sistemih, je kakovost in integriteta teh podatkov neposredno odvisna od učinkovitosti in varnosti IT-okolja. V tem okviru ima revizor informacijskih sistemov ključno vlogo. Njegovo interdisciplinarno znanje s področja informacijske tehnologije, revizije in upravljanja tveganj omogoča podjetjem, da zagotovijo pravilnost, sledljivost in skladnost trajnostnih podatkov. Revizor informacijskih sistemov sodeluje pri načrtovanju, implementaciji in preverjanju informacijskih rešitev za zbiranje podatkov, ocenjuje notranje kontrole, svetuje pri zagotavljanju transparentnosti podatkovnih tokov ter preverja pravilnost metodologij in izračunov v avtomatiziranih sistemih. Njegova vloga je ključna tako v fazi priprave trajnostnih poročil kot tudi pri njihovi zunanji reviziji, pri kateri je revizorjev veščak. Z vključitvijo revizorja informacijskih sistemov podjetje poveča zaupanje deležnikov v točnost in popolnost razkritij, izboljša upravljanje tveganj in okrepi notranje kontrole. S tem postane revizor informacijskih sistemov nepogrešljiv člen pri vzpostavljanju zanesljivega, preglednega in skladnega sistema trajnostnega poročanja, ki podpira dolgoročno odgovorno in trajnostno poslovanje podjetja.

Sustainability reporting has become a key element of modern corporate governance, as companies disclose not only financial information but also the impacts of their operations on the environment, society, and governance. With the introduction of the European CSRD directive and the ESRS standards, the requirements for reliable, verifiable, and traceable sustainability reporting have increased. Since most of the data used in sustainability reports are collected, processed, and stored in information systems, the quality and integrity of these data are directly dependent on the effectiveness and security of the IT environment. In this context, the information systems auditor plays a key role. Their interdisciplinary expertise in information technology, auditing, and risk management enable companies to ensure the accuracy, traceability, and compliance of sustainability data. The information systems auditor participates in the design, implementation, and review of information solutions for data collection, evaluates internal controls, advises on ensuring transparency of data flows, and verifies the accuracy of methodologies and calculations in automated systems. Their role is crucial both in the preparation phase of sustainability reports and in their external audit, where they act as an expert to the auditor. By involving an information systems auditor, a company increases stakeholders' confidence in the accuracy and completeness of disclosures, improves risk management, and strengthens internal controls. In doing so, the information systems auditor becomes an indispensable link in establishing a reliable, transparent, and compliant sustainability reporting system that supports the company's long-term responsible and sustainable business operations.