Table 2. Emerged themes based on the... | Emerald Publishing

Table 2.

Emerged themes based on the views of interviewees

Theme	Findings	SEGAP framework
Auditors’ capability	Regulatory delays prevent auditors from using their full capability set	Regulatory ambiguity and contractually agreed scopes constrain the depth of assurance, reinforcing the audit gap. Divergent CSRD transposition enlarges the grey ellipse and weakens cognitive legitimacy (scope misaligned with expectations) and dispositional legitimacy (trust in independence and capacity), thereby indirectly widening the perception gap
	Audit scope remains voluntary and is predominantly confined to contractually agreed limited assurance:
	National drafts confirm limited assurance as the structural baseline during transition, reinforcing capability constraints
Professional judgment	DMA is inherently judgment-intensive	Judgment remains dependent on plausibility checks and absent thresholds. Dominance of financial materiality. weakens procedural legitimacy (opaque methods) and moral legitimacy (accountability intent unrealized). symbolic legitimacy is sustained, while structural constraints contribute to the audit and perception gap
	Under limited assurance and management-defined DMA boundaries, auditors cannot challenge methodological choices, enabling managerial capture
	Reasonable assurance could substantiate accountability, but companies’ DMA processes and internal controls systems are not yet mature
Risk orientation	Sustainability audits extend risk considerations beyond financial exposure to ESG impacts; however greenwashing risks and material omissions are frequently treated as out of scope	Plausibility-based audit approach and exclusion of greenwashing and omissions enlarge the audit gap. Blurred boundaries between financial and impact materiality erode cognitive legitimacy and moral legitimacy (justice, inclusivity, sustainability left untested), reinforcing symbolic assurance
	Auditors apply a plausibility-based rather than risk-oriented audit approach
	Auditors recognize the need to balance epistemic (rigor, accuracy, objectivity) and nonepistemic (justice, inclusivity, sustainability) values
Stakeholder integration	Stakeholder engagement occurs before audits and is mediated by management; auditors receive summarized or internalized inputs	Stakeholder expectations are insufficiently embedded, with validation tied to financial logics and limited procedures. This sustains symbolic inclusion, undermines procedural and exchange legitimacy. This is reinforcing the perception gap, which in turn is reflecting auditors’ structural constraints
	Validation of IRO base remains plausibility-based rather than risk-oriented
Assurance level	Limited assurance is reinforced by national CSRD transposition	A restricted audit scope reinforces the audit gap: Reliance on ISAE 3000 narrows assurance to financial materiality logics, leaving impact dimensions untested. Auditors recognize legitimacy risks, as users may assume greater scrutiny, which is indirectly widening the perception gap. While this sustains pragmatic legitimacy, it widens the perception gap and leaves moral and dispositional legitimacy fragile
	Reasonable assurance is feasible. It functions as maturity indicator and is limited to selected quantitative metrics. Companies internal control systems and data quality are not yet mature
Regulatory ambiguity	Fragmentation persists during the transition to ISSA 5000, with ISAE 3000 (Revised) serving as an interim baseline	Deregulation, and variability in national transposition widen both the audit and the perception gap. Without enforceable criteria for omissions, impact materiality or greenwashing, auditors cannot navigate DMA consistently. These oscillations might destabilize expectations and erode cognitive, procedural and moral legitimacy
	ESRS thresholds for impact materiality, greenwashing and omissions remain vague
	The postponement of reasonable assurance constrains auditors’ ability to apply the risk-oriented audit approach, limiting their responsiveness to plausibility checks

Theme	Findings	SEGAP framework
Auditors’ capability	Regulatory delays prevent auditors from using their full capability set	Regulatory ambiguity and contractually agreed scopes constrain the depth of assurance, reinforcing the audit gap. Divergent CSRD transposition enlarges the grey ellipse and weakens cognitive legitimacy (scope misaligned with expectations) and dispositional legitimacy (trust in independence and capacity), thereby indirectly widening the perception gap
	Audit scope remains voluntary and is predominantly confined to contractually agreed limited assurance:
	National drafts confirm limited assurance as the structural baseline during transition, reinforcing capability constraints
Professional judgment	DMA is inherently judgment-intensive	Judgment remains dependent on plausibility checks and absent thresholds. Dominance of financial materiality. weakens procedural legitimacy (opaque methods) and moral legitimacy (accountability intent unrealized). symbolic legitimacy is sustained, while structural constraints contribute to the audit and perception gap
	Under limited assurance and management-defined DMA boundaries, auditors cannot challenge methodological choices, enabling managerial capture
	Reasonable assurance could substantiate accountability, but companies’ DMA processes and internal controls systems are not yet mature
Risk orientation	Sustainability audits extend risk considerations beyond financial exposure to ESG impacts; however greenwashing risks and material omissions are frequently treated as out of scope	Plausibility-based audit approach and exclusion of greenwashing and omissions enlarge the audit gap. Blurred boundaries between financial and impact materiality erode cognitive legitimacy and moral legitimacy (justice, inclusivity, sustainability left untested), reinforcing symbolic assurance
	Auditors apply a plausibility-based rather than risk-oriented audit approach
	Auditors recognize the need to balance epistemic (rigor, accuracy, objectivity) and nonepistemic (justice, inclusivity, sustainability) values
Stakeholder integration	Stakeholder engagement occurs before audits and is mediated by management; auditors receive summarized or internalized inputs	Stakeholder expectations are insufficiently embedded, with validation tied to financial logics and limited procedures. This sustains symbolic inclusion, undermines procedural and exchange legitimacy. This is reinforcing the perception gap, which in turn is reflecting auditors’ structural constraints
	Validation of IRO base remains plausibility-based rather than risk-oriented
Assurance level	Limited assurance is reinforced by national CSRD transposition	A restricted audit scope reinforces the audit gap: Reliance on ISAE 3000 narrows assurance to financial materiality logics, leaving impact dimensions untested. Auditors recognize legitimacy risks, as users may assume greater scrutiny, which is indirectly widening the perception gap. While this sustains pragmatic legitimacy, it widens the perception gap and leaves moral and dispositional legitimacy fragile
	Reasonable assurance is feasible. It functions as maturity indicator and is limited to selected quantitative metrics. Companies internal control systems and data quality are not yet mature
Regulatory ambiguity	Fragmentation persists during the transition to ISSA 5000, with ISAE 3000 (Revised) serving as an interim baseline	Deregulation, and variability in national transposition widen both the audit and the perception gap. Without enforceable criteria for omissions, impact materiality or greenwashing, auditors cannot navigate DMA consistently. These oscillations might destabilize expectations and erode cognitive, procedural and moral legitimacy
	ESRS thresholds for impact materiality, greenwashing and omissions remain vague
	The postponement of reasonable assurance constrains auditors’ ability to apply the risk-oriented audit approach, limiting their responsiveness to plausibility checks

Source(s): Created by author