Data Governance in the ESG Context

Why data determines sustainability outcomes
Sustainability topics are diverse – their foundation is the same
Whether greenhouse gas emissions, supply chain risks, water consumption, diversity metrics, or compliance with due diligence obligations: sustainability topics are broad in content and touch nearly every area of a company. What connects these topics is that they can only be managed, communicated, and evidenced as well as the data they are based on. Sustainability, for all its content diversity, is therefore first and foremost a data problem.
This also applies to ESG software: it can only automate what data structure already exists. Without clean governance, every software rollout remains an expensive symptom patch rather than a real solution.
The most common pain points in practice
- Data is hard to obtain: ESG-relevant information originates in many places – production, procurement, HR, external service providers. Simply capturing and consolidating this data in the first place is often the biggest hurdle.
- Data is scattered across systems and departments: purchasing data sits in the ERP, travel data with accounting, waste data with facility management – without a shared structure or unified repository.
- Sending files by email leads to duplicate versions: ESG data is often exchanged as Excel attachments via email instead of being maintained centrally in a shared repository. The result: parallel versions, unclear currency, no traceability.
- No one feels responsible: it isn't internally defined who is responsible for the quality and currency of individual metrics. When in doubt, no one is responsible. As a result, errors often go undetected for months and are only noticed when an auditor or customer asks.
- Calculation methods vary: metrics are calculated differently depending on department or year, without changes being documented. The consequence: time-series comparisons become unreliable.
- No auditability: the path from raw data to published metrics is undocumented and cannot be reproduced.
Lack of governance means risk, extra effort, and cost
- Reputational risk: contradictory figures across different reports lead to confusion among customers and financing partners.
- Liability risk: incorrect or unsubstantiated statements in audit-relevant reports can result in sanctions.
- Operational risk: data loss, manual errors, and dependency on individual people can cause delays in day-to-day operations.
- Strategic risk: without knowing your own data basis, you cannot make well-founded sustainability decisions.
- Cost and effort risk: lack of governance means concrete extra effort. Without clear data structures, reporting data has to be gathered and checked again from scratch every time.
- Higher audit costs: external auditors are expensive. Demonstrably good data governance significantly shortens audit processes, because evidence is readily available instead of having to be laboriously requested.
What is data governance
Data governance refers to the entirety of rules, responsibilities, processes, and structures with which a company steers the use, quality, and security of its data. It defines who may collect, maintain, use, and publish which data under which conditions, and who is responsible for it.
Data management then covers the operational implementation (maintenance, storage, integration) of data governance.
Key concepts of data governance
Data ownership and data stewardship
One of the most effective principles of data governance is the clear assignment of responsibility. Two roles are distinguished here:
- Data owner: a person or organizational unit who holds functional responsibility for a dataset or data category. They decide on the definition, permissible use, and quality requirements.
- Data steward: operationally responsible for maintenance, quality control, and documentation – for example, the person who collects and validates energy consumption data on a monthly basis.
Without these roles, accountability gaps emerge: no one feels responsible when data is missing, inconsistent, or when calculation methods change unnoticed.
Data quality
Data quality encompasses several dimensions, particularly relevant in the ESG context:
- Completeness: are all relevant sources, locations, periods, and categories captured?
- Correctness: do the recorded values match the underlying real-world basis?
- Consistency: are terms, units, and calculation methods used consistently across the entire company?
- Timeliness: is the most current data used, or are the datasets outdated?
- Traceability: is it documented how a value came about?
Data granularity
Granularity describes the level of detail at which data is captured. The decision here is not a technical one but a functional one: it depends on reporting requirements, internal management needs, and the effort required for data collection.
Single Source of Truth (SSOT): a central data foundation
For every relevant metric, there is one authoritative reference source, and all other representations are derived from it. The SSOT is not necessarily a single system, but rather a principle. In ESG reporting, this is particularly critical because the same data is used for different purposes. Unsynchronized sources lead to contradictions with reputational and liability risks.
This is exactly where Tanso software comes in: it brings together data from different source systems – such as ERP, PLM, or existing ESG tools – into a central, auditable data foundation and consolidates it, so that internal management and external reporting are served from one central, traceable source.
Data lineage: where do the numbers come from?
Data lineage describes the complete origin and processing path of a data value. In ESG reporting, this is particularly critical: if an auditor asks for evidence behind a CO₂ figure, the path from the original value to the published metric must be fully reconstructable. Without this traceability, the audit is effectively blocked.
Tanso maps this traceability through an integrated audit trail: every metric can be traced from raw data entry to the published figure, including processing steps and approvals.
Policies and standards
Data governance operates on the basis of internally binding policies that define which data sources are authorized, how often data is validated, how methodology changes are documented, and who approves publications. These policies create the foundation for keeping data consistent and auditable across departments, systems, and time.
Daten catalog
A data catalog is a systematic inventory of all relevant datasets, their definitions, origin, responsibilities, and quality characteristics. It answers the basic question: what data do we have, where is it located, and what does it mean? Without such an overview, sustainable reporting is structurally not scalable.
The path to good data governance: first steps
No big bang – a pragmatic starting point
Data governance is not a project you complete, but a continuous maturity process. Starting with core ESG data – greenhouse gas emissions, energy consumption, key social metrics – is more effective than a theoretically comprehensive system that isn't actually lived out in practice.
Five steps to get started
- Take stock: what ESG data do you need? Where is it located? Who maintains it today? A systematic assessment per reporting point is useful: source, responsible person, and current maintenance process are captured in a simple table. This creates transparency before further steps are taken.
- Clarify responsibilities: name data owners and stewards for your core metrics. It's important that these roles aren't assigned as an afterthought, but explicitly communicated and documented in job or process descriptions, so that responsibility is actually lived out in day-to-day business.
- Document methodology: put calculation rules, data sources, and boundaries in writing. A living methodology document, versioned with every adjustment, prevents knowledge from being tied to individual people and creates the basis for traceable time-series comparisons.
- Set up a central data foundation: consolidate data from various sources into an SSOT and ensure data is maintained there rather than exchanged via email attachments. This may sound obvious, but in many companies it still isn't reality. This is also where ESG software can help: a central data foundation is the prerequisite for a reporting tool to meaningfully automate anything at all, rather than simply creating yet another isolated data source.
- Introduce processes and controls: establish regular validation routines and change management for methodology revisions. Quarterly plausibility checks and a defined approval process for methodology changes ensure that data quality isn't established once but secured on an ongoing basis.
These five steps cannot be implemented alone or overnight. Impact Strategies supports companies in this with a methodical consulting approach: from the initial assessment through defining responsibilities to establishing a central data foundation as the starting point for software implementation. This turns individual measures into a solid foundation on which sustainability reporting functions permanently and without recurring effort.
Building on this, Tanso comes in as a holistic CO₂ and ESG data management software: the platform integrates seamlessly into existing systems, automatically brings together information from various source systems, and makes it – from data capture through processing to the documentation of every calculation step – auditable and traceable, based on a TÜV Rheinland-certified methodology.











































































.avif)







.avif)
.jpg)
















