Join us on Thursday, May 21, 2026, at 12:00 PM EDT for a live online presentation: Mastering the Language of Audits: Roles, Standards, and Strategic Application.
Our featured presenter, Douglas Hileman—co-author of COSO's Achieving Effective Internal Control Over Sustainability Reporting—will break down the audit function from first principles. Drawing on decades of experience as an auditor, auditee, and monitor, Doug demystifies the terminology and cuts through the noise. You will learn the critical differences between internal and external audits, limited and reasonable assurance, and the many audit-adjacent activities that frequently get mislabeled.
Key Takeaways:
The Non-Auditor’s Glossary: Master the essential terminology, from internal vs. external to limited vs. reasonable assurance.
Pitfall Prevention: Identify the common mistakes organizations make before, during, and after audits.
Strategic Leverage: Learn how to proactively use audits as a tool for program improvement and organizational credibility.
Attendees will leave with a clear understanding of their role in the audit process and a practical framework to use audits to their strategic advantage.
I wrote this “Auditees’ Bill of Rights” to help auditees navigate the audit process. Audits are initiated because it’s important to get something right. If policies, procedures, or controls do not support organizational objectives, that could be a problem. Better to check now than find out the hard way later. An audit is not a weapon for intimidation. It is a professional service that can help you improve. Audits can be stressful and intimidating. Few have the full-time job of “getting audited.” The audit is important. So are you. Use your voice when needed, and get the most out of your audit.
Douglas Hileman, co-author of COSO's Achieving Effective Internal Control Over Sustainability Reporting, breaks down the audit function from first principles. Drawing on decades of experience as auditor, auditee, and monitor, Doug demystifies the terminology, clarifies the difference between internal and external audits, limited and reasonable assurance, and the many audit-adjacent activities that are frequently mislabeled. Attendees will leave with a clearer understanding of their own role in any audit process and a practical framework for using audits to their advantage.
Douglas Hileman was featured in Ethico’s Master Class on COSO Internal Control Integrated Framework. He co-presented with Jonny Frank and Annie Budra, both of StoneTurn. Douglas highlighted the broad applicability of COSO, including Internal Controls over Sustainability Reporting (ICSR).
Ethico features the recorded session here.
Douglas Hileman (Douglas Hileman Consulting LLC) will be featured at the Ethicsverse weekly meet-up on September 11, 2025. He will join Jonny Frank and Annie Budra, both of StoneTurn, for this informative session. COSO is widely adopted for internal controls over financial reporting. COSO frameworks are “topic agnostic”, and can help any aspect of any organization run better. Douglas is an author of the special COSO publication “Achieving Effective Internal Controls over Sustainability Reporting (ICSR).”
As Nick Gallo says, “there’s no better place to be at 12 noon (Eastern) on a Thursday.” Find out for yourself. Register at COSO Demystified: Master COSO's Internal Control Framework.
Narrative disclosures are just stories, right? Not so fast. Climate disclosures include narrative on governance, organization, structure, processes, and risk. Users expect substantive content – not cotton candy. These 10 tips can help you up your game.
A welcome addition to the COSO family for well-run organizations.
DHC suggests further enhancements on compliance, reporting, Sustainability governance, and the business case. Doug's comments here.
Sustainability professionals should learn to talk the language of the Board and the C-Suite. Finance, Accounting, Internal Audit, and Controllers play an increasingly prominent role in reporting and disclosures to capital markets. They also have a role in engaging external resources.
I’ve read several publications in the EU’s Sustainability Reporting Standards, and key concepts required to achieve these disclosures. Some points have been useful, others – not so much. Or wrong. I offer some perspectives to help companies prepare for more extensive Sustainability reporting and disclosure requirements, particularly as imposed by the EU and/or capital markets. “Materiality” has always been difficult to explain; adding “double” makes it more than twice as hard. Let’s dive in.
DHC is pleased to provide comments in response to CARB's invitation. The attached file addresses each item. The most critical comments:
Specify GHG Protocol for all parameters where applicable; ISSB S-2 where GHG Protocol does not address the topic.
Use CDP as the disclosure portal, and NOT a separate submittal to CARB. Provide guidance annually on what fields of the CDP questionnaire fulfill the Calif. disclosure requirements.
Do not specify what type of firm should perform assurance. Allow technical firms to conduct assurance. The assurance providers should indicate what standards they used in their report.
Change the reporting deadline to reflect the reality of obtaining data, resource limitations at regulated and otherwise affected entities (e.g., business partners), and convention established by other laws (Dodd-Frank Conflict Minerals) and disclosure portals (CDP).
Respectfully submitted, Douglas Hileman, FSA, CRMA, CPEA
Douglas Hileman guest speaker at Loyola Marymount University graduate Finance class. Introduction to Sustainability reporting standards and frameworks. Great launch pad for the newbie, or reminder for the pro.
Doug presents at the 2025 West District conference of the Institute of Internal Auditors (www.theiia.org). Some think the pendulum has swung back on Sustainability/ESG. If there’s no SEC Climate Disclosure Rule, does everything “climate” go away? Do privacy concerns evaporate? Must customers be blocked from information they need for their decisions? Doug challenges Internal Auditors to apply core competencies: objectivity; risk; opportunity to tailor efforts and add value to their organizations.
The cross-functional climate team at a mid-size company determined that commercially-available solutions were not suitable for their objectives. Mr. Hileman presented a half-day workshop on processes, controls, and the design of calculation tools and techniques. The session included mapping to the GHG Protocol, using estimates, leveraging COSO’s Internal Controls over Sustainability Reporting (ICSR), and designing controls to be “assurance-ready.”
Douglas provided training for cross-functional team members from companies that were developing their program – and calculating their greenhouse gas (GHG) emissions inventory for the first time. Mr. Hileman walked through the GHG Protocol Corporate Standard and the GHG Scope 2 Guidance in a “book club” approach. He highlighted key sections, and encouraged discussions and questions. He also shared how some companies have developed tools and techniques to demonstrate alignment with the standards and guidance. The session enabled participants to design more effective, efficient controls, and to gain comfort on readiness for external assurance.
Sustainability reporting uses IT, yet the IT function often has a limited role – until the last minute. COSO’s ICSR framework points the way for all functions to recognize where IT should have prominent involvement. More on Doug’s lively, informative session at ISACA Minnesota Chapter in July 2024.
Doug Hileman is a primary author of “Achieving Effective Internal Controls over Sustainability Reporting (ICSR)” – supplemental guidance released by COSO. Douglas was the only non-CPA and the only ESG specialist among the six authors. This document will help bridge the divide between those who know internal controls (CFO, Accounting, Internal Audit) and those who don’t (Environmental, HR, Operations, Procurement, Real Estate, Safety … and everyone else). The download is available free here.
I'm pleased to be leading this info-packed session, which provides background and trends on climate-related risks for Internal Audit, their sponsors and stakeholders. Real-time attendees got CPE, but you can still watch now.
The Federal Trade Commission’s Green Guides are intended to safeguard consumers from false or misleading claims in the products they buy. The FTC revises the Guides every 10 years, soliciting public comments. DHC advocates for more protection of consumers and ethical businesses alike. Read more.
Accountants are entering the fray for trustworthy ESG reporting and disclosures, says Financial Times. Much is driven by GHG emissions inventories, and the anticipated SEC rule for climate disclosures. Will they stop there? Should they? What can other functions learn from accountants – and vice versa? Read more.
Consumers are buying eco-friendly products and services. Investors demand accurate sustainability reporting; what protection do consumers have? With consumer spending at 70% of the economy, even a sliver of this market in ESG-aligned products is massive. Consumer protection is left to FTC Green Guides – flimsy and rarely enforced. Comment period now open. For perspectives, read more.