SEBI BRSR Core assurance expansion for top 250 listed entities

On 12 July 2023 the Securities and Exchange Board of India (SEBI) issued a circular mandating phased assurance of the Business Responsibility and Sustainability Report (BRSR) Core. After the top 150 listed entities comply in FY2024, the requirement extends to the top 250 for FY2025 (ending March 2025). Boards must oversee assurance readiness, data controls, and governance processes to support reasonable assurance engagements. This expansion significantly increases the proportion of Indian capital markets subject to independently assured sustainability disclosures.

SEBI BRSR Framework Overview

India's Business Responsibility and Sustainability Report framework represents one of the world's most full mandatory sustainability disclosure regimes. SEBI introduced BRSR requirements in 2021, replacing the voluntary Business Responsibility Report with mandatory disclosures for the top 1,000 listed entities by market capitalization. The framework addresses environmental, social, and governance matters across nine principles aligned with the National Guidelines on Responsible Business Conduct.

BRSR Core represents a subset of key performance indicators selected for improved credibility through assurance. These indicators address quantitative metrics where data reliability is particularly important for investor decision-making. The Core indicators cover greenhouse gas emissions, energy consumption, water usage, waste management, workforce diversity, and other measurable sustainability dimensions.

The phased assurance approach reflects SEBI's recognition that building assurance capabilities requires time. Starting with the largest listed entities allows development of assurance practices and provider capacity before broader rollout. The top 250 entities entering the assurance requirement in FY2025 can learn from their larger peers' setup experiences.

Reasonable Assurance Requirements

Reasonable assurance represents the highest level of assurance available for sustainability disclosures, analogous to the standard for financial statement audits. Assurance providers must obtain sufficient appropriate evidence to reduce engagement risk to an acceptably low level. This requires more extensive procedures than limited assurance engagements, which provide a lower level of confidence.

Assurance providers evaluate the reliability of underlying data, the effectiveness of relevant controls, and the accuracy of reported metrics. Testing typically includes analytical procedures, inquiry, inspection of documentation, and recalculation. Sample-based testing examines representative transactions and balances. Control testing assesses whether relevant controls operated effectively during the reporting period.

The assurance opinion expresses whether BRSR Core disclosures are presented fairly in all material respects. Qualified opinions show specific limitations or misstatements. Adverse opinions show pervasive misstatement. Disclaimer of opinion shows inability to obtain sufficient evidence. Unqualified opinions provide the highest level of confidence for users.

Board Oversight Responsibilities

Boards bear ultimate accountability for sustainability disclosures and their assurance. Board members should understand BRSR Core requirements and the basis for reported metrics. Oversight extends to data governance frameworks, internal controls, and assurance engagement management. Boards should receive regular updates on assurance readiness and findings.

Audit committees typically provide detailed oversight of assurance matters. Committee responsibilities may include approving assurance provider selection, reviewing engagement scope and approach, considering assurance findings, and monitoring remediation of identified issues. Committee agendas should allocate adequate time for sustainability assurance matters alongside financial statement audit oversight.

Director liability considerations heighten attention to disclosure accuracy. False or misleading sustainability disclosures could create legal exposure. Board and committee minutes should document oversight activities and informed decision-making. Independent director involvement shows governance rigor.

Data Governance and Controls

Reliable sustainability data requires strong governance frameworks. Data ownership should be clearly assigned with accountability for accuracy and completeness. Data definitions and calculation methodologies should be documented and consistently applied. Change management procedures should address methodology updates while maintaining comparability.

Internal controls over sustainability reporting mirror financial reporting control frameworks. Control activities should address data capture, calculation, review, and approval processes. Segregation of duties prevents single individuals from having unchecked authority over reported data. IT general controls ensure system reliability and access appropriateness.

Control testing validates that controls operate effectively. Internal audit functions should include sustainability controls in their scope. Management testing provides first-line assurance of control effectiveness. Control deficiency remediation should be tracked and verified before assurance provider testing.

Assurance Provider Selection

Assurance provider selection should consider competence, independence, and capacity. Providers must have sustainability assurance expertise, including understanding of relevant standards, measurement methodologies, and industry contexts. Technical capabilities should match the complexity of the entity's sustainability profile and data systems.

Independence requirements parallel financial audit standards. Providers must be free from relationships that could compromise objectivity. Fee arrangements, business relationships, and personal connections require evaluation. Rotation policies may apply to assurance engagements similarly to audit engagement rotation.

Engagement agreements should specify scope, responsibilities, timelines, and deliverables. Clear understanding of data provision requirements and access to personnel helps efficient engagement execution. Communication protocols should address finding reporting, management response, and escalation procedures.

BRSR Core Indicators

The BRSR Core includes specific indicators selected for mandatory assurance. Greenhouse gas emissions (Scope 1 and Scope 2) represent a primary focus given climate disclosure importance. Energy consumption, renewable energy percentage, and energy intensity metrics complement emissions data. Water withdrawal, consumption, and intensity address water stewardship.

Social indicators cover workforce composition, training hours, and health and safety metrics. Employee turnover, diversity statistics, and wage ratios provide insight into human capital management. Community engagement and social impact metrics address stakeholder relationships beyond employees.

Governance indicators address board composition, ethics, and anti-corruption. Leadership diversity, independent director proportion, and committee structures reflect governance quality. Whistleblower mechanisms and ethics training show commitment to integrity.

Implementation Preparation

Entities entering the assurance requirement in FY2025 should conduct readiness assessments. Gap analysis identifies differences between current practices and assurance-ready capabilities. Remediation planning focus ons improvements based on materiality and complexity. Timeline development ensures completion before the reporting deadline.

Data system improvements may be necessary to support assurance requirements. Automated data capture reduces manual errors. Audit trails enable verification of data provenance. Integration across systems ensures consistency. Documentation of calculations supports assurance testing.

Process documentation should describe how each BRSR Core indicator is calculated. Source data, adjustments, assumptions, and review procedures require documentation. Documented processes enable consistent execution and help assurance provider understanding.

Engagement Coordination

Early engagement with assurance providers enables smooth engagement execution. Pre-engagement discussions clarify expectations, identify potential issues, and establish communication channels. Scoping discussions ensure alignment on indicator coverage and testing approach. Timeline coordination integrates assurance activities with internal reporting cycles.

Data requests and evidence provision require coordination across multiple functions. Sustainability, operations, human resources, and finance teams may all contribute to BRSR Core data. Centralized coordination ensures complete and timely evidence provision. Evidence organization helps efficient assurance provider review.

Finding response and remediation processes should be established before engagement startment. Management response to identified issues shows commitment to accuracy. Remediation tracking ensures issues are addressed. Communication of findings to audit committee and board fulfils governance obligations.

See also

Selected articles on related subjects.

Governance · Credibility 92/100 · July 26, 2023

SEC cybersecurity disclosure

The SEC’s July 2023 cybersecurity disclosure rules add Form 8-K Item 1.05 and Regulation S-K Item 106, demanding boards document oversight, management expertise, and DSAR-supporting incident controls before accelerated…

Governance · Credibility 96/100 · July 27, 2023

APRA CPS 190 recovery and exit planning

APRA's CPS 190 recovery and exit planning requirements are now effective for Australian ADIs. Banks need documented recovery plans and exit strategies that are actually executable. The regulator wants to see these are…

Governance · Credibility 96/100 · July 27, 2023

APRA CPS 230 operational risk management

APRA's CPS 230 operational risk standard went effective July 1, 2025 for Australian ADIs, insurers, and super funds. It is a big upgrade from CPS 231 and 232, with stricter requirements for operational resilience…

Governance · Credibility 92/100 · May 24, 2023

Frc Audit Committee Minimum Standard

The UK Financial Reporting Council published the Audit Committees and the External Audit: Minimum Standard on May 24, 2023, codifying expectations for FTSE 350 audit committee governance ahead of statutory adoption.

Governance · Credibility 96/100 · May 17, 2023

PRA SS1/23 model risk management deadline

UK banks and insurers subject to PRA SS1/23 must evidence board-approved model risk frameworks by 17 May 2024, covering inventory, lifecycle controls, and independent validation.

Continue in the Governance pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Board Oversight Governance Blueprint

  Unify Basel Committee, PRA, SEC, and ISSB oversight mandates into an auditable board governance operating model with data lineage, assurance cadences, and regulatory source packs.

• Third-Party Governance Control Blueprint

  Deliver OCC, Federal Reserve, PRA, EBA, DORA, MAS, and OSFI third-party governance requirements through board reporting, lifecycle controls, and resilience evidence.

• Public-Sector Governance Alignment Playbook

  Align OMB Circular A-123, GAO Green Book, OMB M-24-10 AI guidance, EU public sector directives, and UK Orange Book with digital accountability, risk management, and service…

Coverage intelligence

Published

July 12, 2023

Coverage pillar

Governance

Source credibility

96/100 — high confidence

Topics

SEBI BRSR Core · Sustainability assurance · Board oversight · India listed entities

Sources cited

3 sources (sebi.gov.in, iso.org)

Reading time

6 min

Cited sources

1. Circular on baseline disclosures on ESG matters by listed entities
2. SEBI Board meeting press release — July 2023
3. ISO 37000:2021 — Governance of Organizations — International Organization for Standardization