Kompass in der Natur, der sinnbildlich dafür steht, dass sich Unternehmen Klimaziele setzen, die zur Dekarbonsierung führen.

27.05.2026

SBTi Climate Targets: How to Get Validated – and What You Need to Know About the Update

Science-based climate targets are among the most credible signals a company can send to the outside world. Investors, customers, and procurement teams specifically check whether targets have been externally validated. Here’s what’s behind the Science Based Targets initiative (SBTi), how validation of SBTi climate targets works, and what’s changing with SBTi V2.

Climate Targets Under SBTi

Science-based climate targets are now among the most credible signals a company can send to the outside world. Investors, customers, and procurement teams specifically look at whether climate targets have been externally validated. The Science Based Targets initiative – SBTi for short – has established itself as the international reference standard. But what’s behind it, when is the effort worthwhile, how does validation work, and what does SBTi V2 mean for companies planning right now?

Climate Targets: Why the Framework Matters

Many companies set climate targets. Not all of them hold up. Internally developed targets without external review often come across as arbitrary and are increasingly viewed with skepticism by stakeholders. Anyone aiming to communicate credibly needs more than a self-set CO₂ benchmark.

We’ve summarized how to set up climate targets and what really counts in a separate article.

What are SBTi Climate Targets?

The Science Based Targets initiative (SBTi) is an international standard that supports companies in setting science-based climate targets. Specifically: companies define emissions reduction targets compatible with the 1.5°C goal set out in the Paris Climate Agreement. SBTi then independently reviews and validates these targets, ensuring they are externally credible and comparable.

In short: SBTi makes sure that climate targets aren’t set arbitrarily but are genuinely sufficient to curb climate change. The initiative is also currently working on a new version of its Net-Zero Standard – SBTi V2 – which is expected to be finalized later this year. We’ll explain what that means for companies further down.

Are SBTi Climate Targets Worth It for Your Company?

SBTi-validated climate targets offer real benefits – but getting there takes effort. Rather than listing pros and cons in the abstract, let’s get specific: when is the step worthwhile, and when is it not yet?

SBTi climate targets are worthwhile if …

you need external credibility with investors, customers, or in tender processes. SBTi serves as independent proof that climate targets have been set using sound methodology.
you already have a solid data foundation. Scope 1 and 2 should be cleanly recorded, with an initial approximation for Scope 3 in place. Without this, the process quickly becomes frustrating.
sustainability is strategically anchored and not treated solely as a reporting topic.
you are part of the supply chain serving large companies – many now actively require SBTi targets.
you deliberately want to put pressure on yourselves: SBTi forces real reductions, not symbolic measures or offsetting.

SBTi climate targets are not yet worthwhile if …

you completely lack a data foundation: no recorded emissions, no defined responsibilities, no established process. In that case, it’s worth building internal structure first – SBTi assumes the basics are in place.
you need quick external impact. SBTi takes time and isn’t a fast communication lever.
the resources for the process simply aren’t there. Beyond fees, there’s internal effort and often external support involved. If you’d like assistance here, feel free to reach out.
you need maximum flexibility. The methodology is strict and leaves little room for individualized approaches.

Step by Step to SBTi Validation

You’ve made the decision? Then the formal part begins – and it’s more detailed than many initially expect.

Step 1: Submit Climate Targets (Submission)

All relevant documentation must be complete and properly prepared: the Target Submission Form, emissions data (CCF, PCF), methodological derivations, and company information. Internal alignment and reviews are part of this stage, before the formal submission to SBTi takes place.

Step 2: Have Climate Targets Validated by SBTi

The initiative reviews whether the targets are genuinely 1.5°C-compatible. So-called Clarification Requests often come up – follow-up questions where data, assumptions, or boundaries need to be refined. This phase is about responding with technical accuracy, supplying additional data and target pathways where needed, and coordinating alignment between internal departments and SBTi.

Step 3: Implement Climate Targets

Target validated – now it’s about actually walking the reduction pathway.

SBTi validation is achievable. But it’s detail work. With good preparation, it runs significantly faster and more smoothly.

Climate Targets under SBTi V2: What Companies Need to Know Now

SBTi continuously develops its Net-Zero Standard. The current version, on which targets are submitted and validated today, is to be replaced by SBTi V2 – a fundamentally revised standard that brings, among other things, stricter requirements for Scope 3, transition planning, and the handling of residual emissions.

Following two consultation drafts in 2025, the final standard is expected later this year. A transition phase is likely for companies: new targets can presumably still be submitted under the current version until the end of 2027 before V2 applies to new targets starting in 2028. Already validated targets will generally remain in place until the end of their respective target period.

In other words: no one needs to switch over immediately. But anyone planning now should know where things are heading.

What you can already do today:

Rethink Scope 3

Don’t just calculate it, but properly classify it: which categories truly drive emissions? Where is reliable data missing? Where are assumptions still being used today that are more rough than solid?

Move from target setting to steering

Going forward, how progress is measured will count for more. Are there clear KPIs along the reduction pathways? Are measures reviewed regularly, or were they planned once and then left aside?

Set up the transition plan early

Not as a reporting document, but as a steering instrument. Anyone who cleanly defines measures, timelines, and responsibilities now will be much better positioned later.

Actively involve the supply chain

For Scope 3, it’s no longer enough to request data from suppliers just once. The point is to identify which suppliers and product groups truly carry weight – and to work with them in a targeted way on better data quality and concrete reduction measures.

Clarify how to handle residual emissions

Carbon removals are becoming more important, but not as a substitute for reduction. Even today, a realistic assessment should be made of which emissions might remain in the long term.

Think about evidence early

V2 is clearly moving toward robust evidence. Data should be traceable, consistent, and connectable – progress must be demonstrable, not just roughly plausible.

Anyone who tackles these points now won’t have to start from scratch with SBTi V2 but can build on what’s already in place at the company.

We’re Happy to Support You on the Path to Validated SBTi Climate Targets

SBTi targets require a robust data foundation: cleanly recorded emissions, clear reduction pathways, traceable progress measurement. If you’d like to approach this path in a structured way, we’ll guide you through it.

Schedule a conversation and learn more about our climate consulting services

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

18.11.2025

PCF Automation in 6 Steps

Read article

Bild von Windrädern in der Natur. Sie tragen u.a. dazu bei, die Emissionen von Unternehmen zu reduzieren und ihre Klimaziele zu erreichen.

08.04.2026

Setting climate targets for companies

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Sustainability Events and more

CSRD-Nachhaltigkeitsbericht nach den Simplified ESRS

17.04.2026

Simplified ESRS: What Is Changing and What Companies Should Do Now

The new Simplified ESRS are set to replace ESRS Set 1. This will make them the new standards for mandatory CSRD reporting. In this blog article, you will find everything important about the simplified standards for sustainability reports.

The Simplified ESRS

The ESRS (European Sustainability Reporting Standards) are set to become simpler, but not less important. With the planned Simplified ESRS, also referred to as Amended ESRS or ESRS Set 2, the focus is shifting: away from maximum detail and toward sustainability reporting that presents material topics more clearly, more consistently, and in a more practical way. For companies, this raises not only the question of what will be removed in the future. More importantly, it is about what will actually matter in reporting going forward.

The planned changes are linked to the EU’s Omnibus initiative. The aim is to streamline sustainability reporting requirements under the CSRD (Corporate Sustainability Reporting Directive) without abandoning the core logic of the ESRS. For companies, this means fewer mandatory disclosures, but still a clear focus on material information, transparent disclosures, and a robust presentation of their sustainability topics.

At a glance: What the Simplified ESRS mean for you now

Already deep into ESRS? → Map existing data points to the Simplified ESRS instead of starting from scratch.

Just getting started? → Clarify early whether VSME, Simplified ESRS, or another reporting framework is a better fit, then set up data collection directly along that logic.

No longer in scope? → Assess which form of voluntary reporting makes strategic sense.

Still have time until 2028? → Use the additional time to align materiality, data architecture, and responsibilities cleanly with the Simplified ESRS.

Where do the Simplified ESRS currently stand and what can be expected next?

The Simplified ESRS have not yet been formally adopted. So far, EFRAG’s technical recommendation to the European Commission is available. The final version of future ESRS Set 2 still needs to be adopted by the Commission as a delegated act.

Since the EU plans to adopt EFRAG’s draft as it stands, the direction is already clear: fewer data points, fewer redundancies, greater focus on material information, and more principles-based reporting.

For companies, the draft status is therefore not a reason to wait. Those who understand the logic behind the Simplified ESRS now can already begin aligning reporting processes more effectively toward relevance, coherence, and practical data use.

What is new in the Simplified ESRS and what stays the same?

The planned Simplified ESRS are intended to make sustainability reporting leaner and easier to understand. At the core, the aim is to place greater focus on decision-useful information while reducing the burden on companies where previous requirements were particularly extensive, redundant, or difficult to apply in practice.

Was ist neu und was bleibt bei den Simplified ESRS, den Berichtsstandards der CSRD.

What is new?

Focus on material information

Going forward, only material data points are expected to be disclosed. The goal is a sustainability report that is clearer and less driven by formally checking off every single requirement wherever possible.

Significantly fewer data points

According to EFRAG, mandatory data points are expected to be reduced by around 61 percent. At the same time, voluntary disclosures will be removed. So this is not just about less volume, but also about stronger focus on what is truly relevant for users and decision-making.

Shorter and more understandable standards

The standards are expected to be streamlined. Redundant content will be cut back, and overlaps between ESRS 2 and the topical standards will be reduced. This is intended to improve readability and make application easier in practice.

More principles-based narrative reporting

Key governance topics such as SBM-3, IRO-1, as well as Policies, Actions and Targets will be brought together more strongly. At the same time, presentation is expected to become more flexible. As a result, the report should function less like a checklist and more like a coherent overall picture.

Less burden around value chain data

Going forward, there will no longer be an explicit preference for primary data. Estimates and secondary data are also expected to be allowed where robust primary data is unavailable or can only be obtained with disproportionate effort.

Simplified materiality assessment and clearer disclosure logic

Disclosure logic is also becoming more focused. Companies should be better able to distinguish between material and non-material information. This also affects the question of which mandatory disclosures are actually required and where narrative context matters more than completeness for its own sake.

What stays the same?

Despite the simplification, the core logic of the ESRS remains in place. ESRS Set 1 is not being reinvented, but rather condensed, focused, and further developed in the form of the Simplified ESRS. The double materiality assessment (DMA) also remains a central starting point for reporting. The following three points will continue to be central in the new Set 2:

Double materiality remains mandatory.

Companies must therefore continue to systematically assess which sustainability topics are material, both from an impact perspective and a financial perspective. What is new is mainly that application is intended to become more practical: EFRAG refers to clearer guidance, less documentation effort, and stronger focus on truly decision-useful information.

The 12 topical standards remain structurally in place.

The Simplified ESRS continue to build on the same architecture: ESRS 1 and ESRS 2, along with the familiar environmental, social, and governance standards, remain in place. For companies, this means existing structures, responsibilities, and mapping logic can generally continue to be used, while the depth and volume of required disclosures will be reduced in many places.

The objective remains a transparent presentation of material sustainability topics.

Even with simplified requirements, companies are not expected to simply check off data points, but to explain clearly which material topics they have identified and how they manage them. EFRAG emphasizes stronger focus on relevance, Fair Presentation, and reporting that is less purely compliance-driven. Companies therefore still need to provide an internally coherent story around their material topics.

Fair Presentation: Why the report should be less checklist and more overall picture

A central point in ESRS Set 2 is that it does not just shorten individual requirements, but also shifts the logic behind reporting. This is especially visible in the principle of Fair Presentation.

What does Fair Presentation mean?

A report should not merely appear formally complete. It should provide a coherent, balanced, and understandable overall picture of a company’s material sustainability topics.

In other words, it is no longer enough to simply work through individual Disclosure Requirements. What matters is whether the report as a whole makes it understandable

which topics are material
why they are material
how the company is addressing them

What changes in practice as a result?

With the Simplified ESRS, three things move more strongly into focus:

Relevance instead of maximum detail
Coherence instead of isolated individual disclosures
Clarity instead of overloaded reports

Fair Presentation therefore describes quite precisely what good reporting will increasingly be measured against in the future: not just the quantity of information, but its explanatory value.

Undue Cost or Effort: More pragmatism in data collection

The Undue Cost or Effort principle is intended to reduce the burden on companies wherever data can only be collected with disproportionate effort.

Where is the practical relief?

This is especially relevant for data that is hard to obtain, for example in the value chain or where information cannot be gathered reliably in the short term.

Going forward, there is expected to be more flexibility for:

estimates
secondary data
a more pragmatic approach to data gaps

This is a noticeable relief, especially for companies that are still building reliable ESG data structures.

What does this not mean?

Undue Cost or Effort is not a free pass to simply leave out information.

Companies therefore cannot rely on this principle in a blanket way by saying that data collection is difficult or expensive. What remains decisive is that assumptions, methods, and approaches are transparent and understandable.

What matters here:

Decisions should be justifiable
Estimates should be plausible
Data gaps should be contextualized, not hidden
the report should still provide a robust overall picture despite simplification

This principle therefore stands for a more realistic approach to data collection. The focus is not on perfection at any cost, but on an approach that remains practical while still being transparent.

Fewer data points, but not automatically lower expectations

Reducing data points is a clear form of relief. According to EFRAG, mandatory data points that must be disclosed when material are expected to decrease by around 61 percent. At the same time, voluntary disclosures will be removed.

What has been reduced in concrete terms?

The simplification mainly affects the volume of disclosures that companies previously had to collect, document, and prepare consistently in addition to core requirements. At the same time, the standards as a whole are expected to become shorter, clearer, and more principles-based. This comes with fewer overlaps, more flexibility in narrative disclosures, and a simplified materiality assessment.

But a reduction of around 61 percent does not mean that sustainability reporting will automatically become 61 percent easier. And it does not mean that companies will only need to prepare a heavily shortened report.

Even with fewer mandatory disclosures, the central task remains the same: companies must transparently explain in the ESG report which topics are material, which information is relevant in that context, and how this results in a coherent report.

What does this mean for companies?

The effort therefore shifts in part:

away from pure data collection
toward prioritization, contextualization, and clear presentation

The real simplification, then, is not that everything becomes easy. It is that the focus becomes clearer.

VSME or Simplified ESRS: Decision support for mid-sized companies

With the Simplified ESRS, the question becomes more relevant which framework makes sense for companies that are currently not subject to reporting requirements or want to report voluntarily. VSME is not automatically the better choice simply because it is leaner. What matters is what the reporting is intended to achieve: a pragmatic starting point or voluntary reporting with stronger alignment to ESRS logic.

Answer the following questions for yourself. The more often you answer “yes” to a statement, the more likely the respective standard is a good fit.

VSME is more suitable if …

You want to start voluntary reporting with the lowest possible effort.
You need a pragmatic framework without immediately having to work deeply into ESRS systematics.
Your reporting is primarily intended to provide an initial overview and is not yet meant to reflect all strategic management questions.
You are still at an early stage when it comes to data, processes, and responsibilities.
You first want to establish a solid foundation before expanding reporting and management further.

The Simplified ESRS are more suitable if …

You want voluntary reporting that is already closer to future ESRS logic.
You want to use sustainability not only for documentation, but also more actively for management and strategic purposes.
You are already working with a double materiality assessment or plan to do so.
Your sustainability information also needs to be robust and compatible with expectations from banks, business partners, or more complex customer requirements.
You want to build reporting today that is more robust and future-proof in the long term.

As a rule of thumb

If you mainly want to get started simply and with minimal use of resources, VSME is usually the more suitable entry point.
If you want to report voluntarily in a more structured way, with greater compatibility and closer alignment to the ESRS, there are stronger arguments in favor of the Simplified ESRS.

How companies should move forward now

Which next steps make sense depends above all on where your company currently stands. For most companies, this is not about rebuilding everything from scratch now. It is about adjusting the current course in a targeted way to align with the logic of the Simplified ESRS.

If you are already reporting under ESRS or have prepared extensively for it

Then you should not discard the work you have already done. A sensible approach is to

continue using existing preparatory work
map previously collected ESRS data points to the Simplified ESRS
assess which disclosures will be removed in the future, merged, or only remain relevant if material
review content for opportunities to shorten, improve relevance, and strengthen coherence
question where completeness has so far taken priority over materiality

The next step here is therefore not a restart, but a mapping from the previous ESRS approach to the logic of the Simplified ESRS.

If you are just starting with reporting

Then now is a good time to clarify whether VSME, Simplified ESRS, or another reporting framework is a better fit, and then set up data collection directly along that logic.

What matters now:

build processes around materiality from the outset
avoid creating unnecessarily broad data collection
keep the reporting structure clear and flexible
assess early whether the Simplified ESRS or a VSME-oriented starting point makes more sense

Anyone starting now should therefore no longer follow the principle of “just collect everything first,” but instead orient themselves early around a more focused framework.

If you have fallen out of CSRD scope

Then you should not automatically stop your preparatory work. Instead, now is the right time to reassess your sustainability reporting:

Which ESG information will continue to be expected by customers, banks, or business partners?
Is a leaner voluntary approach such as VSME sufficient for that?
Or is it worth staying voluntarily closer to ESRS logic?

For these companies, the focus is therefore shifting away from pure compliance and toward the question of which form of voluntary reporting makes strategic sense.

If you still have time until 2028

Then waiting is not the best solution. It is more useful to use the additional time deliberately to

set up the double materiality assessment properly
align data architecture early with the logic of the Simplified ESRS
define internal responsibilities and processes clearly
systematically build only the data that is actually relevant for the future sustainability report
design the reporting structure to be more focused and easier to understand from the start

Anyone who lays the right foundations early can report far more efficiently later and avoid unnecessary effort caused by overly broad ESG data collection or a setup that no longer fits.

Need support?

If you need support preparing your next sustainability report – or your first one – we are here to help with software and advisory services, depending on your needs.

Schedule a meeting

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

27.11.2024

Mastering CSRD challenges: The double materiality analysis in seven steps

Read article

Holzwürfel, die ein Diagramm mit steigendem Pfeil abbilden: Richtig gemacht, können Nachhaltigkeitesberichte zur Steigerung des Unternehmenserfolgs beitragen Rising bar chart made of wooden blocks symbolizing measurable progress and continuous improvement in a sustainability report.

19.11.2024

Sustainability Report: What Is It and What Do You Need to Know?

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Sustainability Events and more

08.04.2026

Setting climate targets for companies: how to develop well-founded reduction goals

In this article, you will learn how companies can set well-founded climate targets, why the base year of the carbon footprint is crucial, and how to develop a reliable emissions reduction pathway.

The carbon footprint is complete. For many companies, the next step seems obvious: setting climate targets.

In practice, however, this step is often more challenging than expected. Because between a completed carbon footprint and robust climate targets lies a key question: what is actually realistic, effective, and strategically meaningful for our company?

Many companies define CO₂ reduction targets before they fully understand their potential. This leads to targets that are either too cautious or unrealistic. Neither is helpful.

In this article, you will learn how companies can set well-founded climate targets, why the base year of the carbon footprint is crucial, and how to develop a reliable emissions reduction pathway.

Common mistakes when setting climate targets

When setting climate targets, many people initially think in terms of a target year and a percentage. This is exactly where the first mistake often begins. A target such as “40 percent fewer emissions by 2030” may sound concrete, but it is only robust if it is clear what it refers to and how it will be achieved.

In practice, three typical mistakes occur when defining targets:

1. Reducing climate targets to a single number1. Klimaziele auf eine Zahl reduzieren

Strong climate targets for companies consist of more than a target year and a reduction value. They also answer key questions:

What is the company’s starting point?
Which emissions are included?
How ambitious yet realistic is the target?
How can progress be measured later?

Only then does a target become a manageable foundation for climate management.

2. Defining reduction targets before understanding the potential

A carbon footprint is the foundation for any target setting. Without reliable emissions data, no well-founded climate targets can be developed.

However, the footprint alone is not sufficient. It shows where emissions occur, but not automatically where real reduction potential exists.

The biggest lever is not in the same place for every company. Depending on the business model, it may lie in energy supply, vehicle fleets, production processes, logistics, or the supply chain.

This is why it is important to clarify before defining targets which emission sources are most relevant, what potential arises from them, and what is realistically feasible from an operational perspective.

3. Focusing only on the target year instead of the reduction pathway

Many companies focus heavily on the target year. However, a target for 2030 or 2040 alone says little about how emissions will decrease along the way.

This is why a robust emissions reduction pathway is essential.

A reduction pathway describes how emissions should evolve over several years. It helps define interim targets, measure progress, and avoid pushing achievement to a distant endpoint.

A meaningful reduction pathway helps to

make development over time transparent
assess interim results more effectively
identify deviations earlier
manage climate targets more strategically

This turns a climate target from a future promise into a manageable development pathway.

What makes strong climate targets

Robust climate targets consist of more than a number and a target year. They are formulated in a way that provides guidance, is understandable internally, and can be managed reliably over time.

This requires more than ambition. Strong climate targets are primarily defined by clarity and measurability. Key elements include:

a clear base year
a defined target year
a specific reduction value
a clearly defined scope
a transparent data foundation
a realistic reduction pathway

Especially for CO₂ reduction targets, it is important not only to define the target itself, but also to make the underlying logic understandable. Only then can targets be communicated internally, embedded strategically, and monitored reliably.

The base year of the carbon footprint: what companies should consider

To set climate targets, companies need a clear reference point. This is where the base year of the carbon footprint becomes critical.

The base year is the year against which future reductions are measured. If a company aims to reduce emissions by 50 percent by 2030, it must be clear which year serves as the reference.

A suitable base year should:

be based on reliable data
be methodologically sound
be representative of the company
not be heavily distorted by one-off effects

This is more important than it may seem at first glance. An unsuitable base year can make target achievement appear artificially easier or unnecessarily difficult. For robust climate targets, this foundation is essential.

CO₂ reduction targets for companies: ambitious but realistic

In practice, companies often face a tension: climate targets should be ambitious but must remain grounded in reality.

A target that is too cautious fails to leverage existing potential. A target that is too ambitious quickly loses credibility if it is not viable internally. Strong target setting lies somewhere in between.

Key questions include:

What level of reduction is plausible based on emissions data?
Where are the biggest levers?
Which conditions limit implementation?
What developments are realistic in the short, medium, and long term?

For sustainability managers, striking this balance is critical. Climate targets should not only sound good, but also provide real guidance within the company.

Science-based climate targets for robustness and credibility

In principle, companies are free to choose how they define their climate targets. However, more and more companies are aligning with science-based standards. Science-based climate targets, such as those defined by the SBTi, are characterized by the following:

alignment with the 1.5°C pathway
clear and measurable structure (base year, target year, reduction percentage, clearly defined scope (1, 2, 3))
use of real emissions data
inclusion of Scope 3 (if relevant)
immediate implementation of measures
limited reliance on offsetting

Not every company needs to adopt science-based targets. However, it is often worthwhile to align with the core principles of such frameworks. For companies seeking particularly robust and credible targets, this can provide valuable guidance. Those interested in exploring this further should take a closer look at SBTi requirements.

Setting climate targets in companies: a five-step process to an effective reduction pathway

A practical process for defining targets typically looks like this:

Understand the carbon footprint

The carbon footprint shows where emissions occur and which areas are most relevant.

2. Assess hotspots and potential

Before defining targets, it is essential to understand where realistic reduction potential exists.

3. Define the base year and target framework

Determine which year serves as the reference and which emissions are included in the target.

4. Evaluate target options

Only at this stage should decisions be made about target ambition and time horizon.

5. Align targets internally

Climate targets should not be developed in isolation, but in alignment with strategy, data, and operational realities.

Conclusion: setting climate targets means making reduction manageable

Companies that want to set climate targets should not start with an isolated percentage. The key starting point is a robust carbon footprint, combined with a realistic understanding of internal potential.

A strong target system requires a well-defined base year, a transparent emissions reduction pathway, and a target definition that is ambitious yet achievable.

This turns CO₂ reduction targets into more than a communication statement. They become the foundation for effective, strategically managed climate action.

If you want to develop well-founded climate targets and take the next steps in a structured way, feel free to reach out. We support you with practical and expert guidance.

Let's talk

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

Schmelzender Eisberg im Wasser als Symbol für die Klimastrategie

17.04.2024

Step by step to Net Zero: how to develop a climate strategy for your company

Read article

Corporate Carbon Footprint (CCF) berechnen und reduzieren

26.06.2025

How is the Corporate Carbon Footprint (CCF) calculated?

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Sustainability Events and more

12.03.2026

Cybersecurity in the Supply Chain: Identifying and Systematically Managing Risks

“Cyber insecurity” is one of the biggest risks and affects the entire supply chain. In this article, you will learn why and how to implement cybersecurity across your supply chain.

In its latest Global Risks Report, the World Economic Forum (WEF) ranks “cyber insecurity” among the most significant global risks (ranked 6th in the short term). According to the Hackett Group, it is even the number one risk factor for procurement leaders. At the same time, the new NIS2 directive makes one thing clear: cybersecurity concerns the entire supply chain and does not end at a company’s own factory gates. It is therefore time to take a closer look at cybersecurity in the supply chain and to consistently address cyber risks from a procurement and supply chain perspective.

Key takeaways on cybersecurity in the supply chain

What is cybersecurity in the supply chain?

Cybersecurity in the supply chain refers to all measures that ensure IT security and information security among external service providers, suppliers, and third parties that have access to systems, data, or critical processes. It therefore covers the systematic protection of the entire supply chain against digital threats.

Why is cybersecurity in the supply chain important?

Modern supply chains are highly interconnected: companies collaborate with cloud providers, IT service providers, logistics companies, consultancies, outsourcing partners, and many other actors. Data flows across system boundaries, external partners access internal business applications, and critical processes depend on third parties. In globally connected supply chains in particular, this creates new digital attack surfaces.

This interconnectedness is exactly what makes supply chains vulnerable to cyberattacks. A single weak point—such as a poorly secured service provider with VPN access or a software supplier with inadequate security standards—may be enough to give attackers access to a company’s systems. This so-called third-party cyber risk is now one of the main drivers behind security incidents in companies and therefore a core challenge for cybersecurity in the supply chain.

As Bitkom President Dr. Ralf Wintergerst puts it:

„Attackers look for the weakest link. Even in highly protected companies, that weak point is often a less protected supplier. (…) Improving cybersecurity therefore requires raising awareness among business partners across the supply chain, agreeing on protective measures, and implementing them together. “

The consequences range from operational disruptions and financial losses to severe reputational damage. Cybersecurity in the supply chain therefore means that not only a company itself must be resilient, but the entire supply chain ecosystem in which it operates.

The challenges of cybersecurity in the supply chain

In theory, it is clear: supply chain risks—including those related to IT security—must be systematically identified and managed. In practice, however, the challenge rarely lies in a lack of willingness, but rather in missing structures. This is exactly where the complexity of cyber risk management becomes apparent.

Typical challenges:

Lack of transparency regarding relevant suppliers
Many companies do not have a clear overview of which suppliers are particularly critical from an IT perspective. System access, data flows, or dependencies are often not centrally documented. As a result, it remains unclear where an attack would cause the most damage.
Different maturity levels among suppliers
While some partners can demonstrate established security standards and certifications, others have little to no documented measures or defined security levels. This heterogeneity makes consistent risk and measure assessment difficult and highlights that there is no one-size-fits-all solution. Instead, dedicated supplier engagement discussions are required.
Manual and unstructured data collection
Information about security measures is often collected via email, Excel files, or individual questionnaires. Such manual risk assessments are time-consuming, error-prone, and not scalable—especially when managing large supplier portfolios.
Outdated information
Once collected, data is rarely updated regularly. As a result, changes—such as updates in a supplier’s IT landscape, security incidents, or new certifications—often go unnoticed.
Limited auditability in case of reviews
Even when measures are implemented, they are often not documented consistently. In the event of audits, regulatory reviews, or security incidents, companies lack a central, reliable overview.

These points highlight a key insight: cybersecurity in the supply chain cannot be addressed through isolated, one-off measures. What is needed are structured, repeatable, and traceable risk assessments that create transparency and enable continuous risk management.

Cyber risk management as the foundation for cybersecurity in the supply chain

Effectively addressing cyber risks in the supply chain requires a holistic approach. Cybersecurity in the supply chain is not an isolated IT topic but part of strategic supply chain risk management.

Key considerations include:

Structured supplier risk management
Suppliers should not only be assessed based on price, quality, and delivery capability, but also on their cyber risk profile. This includes standardized risk assessments, clear criteria, and consistent evaluation frameworks.
Binding security requirements for third parties
Security standards—such as requirements for access control, encryption, incident management, or patch management—should be contractually defined. This is the only way to make cybersecurity a fixed component of collaboration.
Clear communication and escalation paths
In critical situations, every minute counts. Companies need defined contacts, reporting channels, and processes to quickly identify, assess, and jointly address incidents involving suppliers.
Regular review and updates
Threat landscapes evolve, as do IT environments, supplier relationships, and risk assessments. Cyber risks therefore need continuous monitoring, and evaluations must be updated regularly—not only once during supplier onboarding.

How can cybersecurity in the supply chain be ensured?

How can companies take concrete steps to systematically manage cybersecurity as a supply chain risk? A step-by-step approach has proven effective:

1. Identify and prioritize relevant suppliers, access points, and dependencies

The first step is to create transparency regarding which external partners are truly critical from a cybersecurity perspective. The decisive factors are not only contractual relationships but also actual system access, data flows, and operational dependencies—meaning the real potential impact on availability, integrity, and confidentiality. This helps segment the truly relevant partners and dependencies in a targeted way:

Centrally document all external system access points (e.g., VPNs, APIs, cloud integrations)
Classify suppliers into criticality levels based on their access and data impact
Identify particularly sensitive or business-critical dependencies (single points of failure)
Consistently reduce unnecessary or over-privileged access (principle of least privilege)

2. Continuously monitor risks and ensure transparency

Cyber risks in the supply chain evolve continuously—due to new threats, changing IT environments, or adjustments in collaboration. Assessments should therefore not only be updated regularly but also be made manageable across the entire supplier portfolio:

Establish regular reassessments for critical suppliers
Conduct event-driven reassessments in case of incidents or significant changes
Introduce aggregated risk dashboards for portfolio management
Continuously monitor central KPIs (e.g., open high-risk findings, remediation rate, assessment coverage, security monitoring)
Ensure compliance with regulatory requirements, including documentation for NIS2 compliance

3. Document measures and ensure auditability

All assessments, decisions, and measures should be documented centrally. This makes it possible to demonstrate

that risks were identified and addressed,
which requirements were defined for suppliers,
how incidents were handled.

Such auditability is not only important for audits and regulatory requirements, but also for internal confidence in the company’s security approach.

Conclusion: Rethinking cybersecurity – from supply chain risk to strategic management

Cybersecurity today goes far beyond firewalls, virus scanners, and internal IT policies. Companies that want to protect their business must consider the entire supply chain—from selecting critical service providers and defining clear requirements and contracts to conducting recurring assessments and maintaining proper documentation.

The good news: Companies that consistently extend their cybersecurity strategy to include the supply chain gain not only resilience but also control. They know where their biggest dependencies lie, can prioritize risks, and are able to respond faster when incidents occur.

In short: cybersecurity starts within your company—but it does not end at your factory gates.

We are happy to support you in collecting the necessary supplier information centrally and efficiently on one platform.

Schedule a meeting

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

Bild von einem Cyber-Angriff mit Computer und Code.

04.02.2026

NIS-2 in the supply chain

Read article

23.02.2026

PPWR: Questions and Answers

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Sustainability Events and more

23.02.2026

PPWR: The moste important questions and answers for companies

The PPWR (Packaging and Packaging Waste Regulation) introduces comprehensive requirements for companies across the entire packaging value chain. In this article, we answer the key PPWR questions and outline which obligations will apply starting in 2026.

The PPWR (Packaging and Packaging Waste Regulation) – also known as the new EU Packaging Regulation – introduces comprehensive requirements for companies across the entire packaging value chain. It covers packaging design, recyclability, labeling, extended producer responsibility (EPR), and packaging waste reduction. Here, you will find the key PPWR questions and learn which obligations will apply starting in 2026.

1. What is the PPWR (Packaging and Packaging Waste Regulation)?

The PPWR (Packaging and Packaging Waste Regulation) is a key component of the European Green Deal. As a uniform, directly applicable framework, it replaces the previous Packaging Directive. The regulation aims to strengthen the circular economy across the EU, reduce packaging waste, increase recyclability and material efficiency, and harmonize existing rules throughout the EU.

2. When does the PPWR apply?

The PPWR entered into force on February 11, 2025. It will apply starting August 12, 2026, and will be rolled out in stages through 2040, with key milestones in 2028 and 2030.

3. Who is affected by the PPWR?

The PPWR applies to all packaging and packaged products placed on the EU market. Starting August 12, 2026, goods packaged in non-compliant packaging may no longer be marketed within the EU.
Exceptions and specific provisions apply to packaging for dangerous goods, medical devices, sensitive food contact materials, and innovative packaging, providing flexibility where safety or innovation considerations justify it.

To the question on PPWR roles: The PPWR has an extremely broad scope. As a result, it affects a wide range of companies, including:

Suppliers of packaging or packaging materials
Manufacturers of packaging or packaged products
Distributors, importers, and fulfillment service providers
Brand owners placing packaged goods on the EU market
Non-EU suppliers delivering products or packaging to the EU

The following sectors are particularly impacted:

FMCG / fast-moving consumer goods (food, beverages, personal care)
Retail, e-commerce, and online marketplaces
Packaging manufacturing
Logistics, fulfillment, and transport packaging
Textiles, apparel, and footwear (packaging-related aspects)
Hospitality, food service, and take-away (HORECA)

4. Which roles does the PPWR define?

The PPWR establishes clear obligations for each economic operator along the supply chain and generally distinguishes between producers, importers, distributors, and suppliers.

Manufacturer

A natural or legal person that manufactures packaging or a packaged product, or has packaging or a packaged product designed or manufactured under its own name or trademark. (This includes packaging manufacturers as well as companies such as Amazon.)

Supplier

Any natural or legal person that supplies packaging or packaging materials to a producer.

Importer

Any natural or legal person established in the EU that places packaging from a non-EU country on the EU market.

Distributor: Any natural or legal person in the supply chain—other than the producer or importer—that makes packaging or packaged products available on the market.

5. What does the PPWR role “Producer” mean, and how does it differ from “Manufacturer”?

This is a quite often asked PPWR question: Under the PPWR, “Producer” refers to any producer, importer, or distributor—regardless of where they are established—that places packaging or packaged products on the market in a Member State for the first time. Producers assume additional obligations, including extended producer responsibility (EPR) for collection and recycling. The term should not be confused with “Manufacturer.” The Manufacturer is one of the roles covered under the broader term “Producer.” There is also potential for confusion in German terminology: in the regulatory context, “Hersteller” refers to the entity responsible for first placing packaging on the market, while “Erzeuger” refers to the entity that manufactures packaging or packaged products.

It is important to understand that within a packaging value chain, there is only one Manufacturer, but there may be multiple Producers. Whether a company qualifies as a Producer must be assessed separately for each Member State, depending on who places the packaging or packaged product on the market first.

6. What does “Extended Producer Responsibility” mean in the context of the PPWR?

A key element of the PPWR is the principle of Extended Producer Responsibility (EPR). EPR compliance requires producers to take responsibility not only for manufacturing and distributing their products, but also for managing the end-of-life treatment of the associated packaging.

For example, online retailers based in Germany that sell goods to end customers in Austria must appoint an authorized representative in Austria, register in the national producer register, and pay the applicable fees there.

7. How will EPR fees change under the PPWR?

Starting 18 months after publication of the EU criteria, EPR fees will be modulated based on environmental performance. This means the fees will be structured according to how sustainable the packaging is. For example, lower fees will apply to packaging with higher recyclability.

8. What obligations does the PPWR introduce for companies?

The PPWR introduces extensive sustainability and information requirements for companies across the entire value chain. These obligations cover packaging design and material selection as well as documentation, labeling, traceability, and reporting.

Key obligations—depending on the company’s role—include:

1. Compliance & chemical safety (from 2026)

Compliance with limits for substances of concern (e.g., PFAS, heavy metals), especially for food contact materials
Conducting conformity assessment procedures
Preparing technical documentation
Issuing an EU Declaration of Conformity (DoC)

2. Labeling & transparency (from 2028 onward)

Harmonized labeling on material composition
Information on compostability, take-back schemes, or deposit return systems
Labeling of reusable packaging
Providing information to authorities and market surveillance bodies
Registration and compliance within the framework of extended producer responsibility (EPR)

3. Design and sustainability requirements (phased in through 2040)

Minimizing weight, volume, and empty space (maximum 50% for transport and e-commerce packaging from 2030)
Ban on certain single-use plastic packaging formats
Recyclability requirements (at least 70% from 2030, 80% from 2038)
Design for recycling to enable material recovery
Minimum recycled content in plastic packaging (10–35% from 2030, up to 65% by 2040)
Compliance with binding reuse targets
Industrial-scale recyclability (from 2035)

4. Specific requirements for certain packaging types

Mandatory compostability for specific applications (e.g., tea bags or fruit labels)
Reuse options in take-away settings
Allowing customers to use their own containers

9. What specific requirements apply starting in 2026?

If you are the Manufacturer of the packaging or packaged products:

You must carry out a conformity assessment procedure and prepare the technical documentation and EU Declaration of Conformity.
You may not use substances of concern in packaging materials (e.g., PFAS, heavy metals).
You are subject to general labeling requirements.

If you purchase packaging or packaged products downstream from a Manufacturer or from your suppliers, you are subject to due diligence obligations. These include, among other things, verifying compliance of the packaging and ensuring that labeling requirements have been properly fulfilled.

10. What requirements apply regarding empty space and overpackaging?

Starting January 1, 2030, grouped, transport, and e-commerce packaging may contain no more than 50% empty space. Filling material is considered empty space. Packaging weight and volume must be reduced to what is strictly necessary, and cosmetic practices such as double walls or false bottoms are prohibited, with only limited exceptions.

11. What impact does the PPWR have on the supply chain?

The PPWR increases data requirements for suppliers and packaging manufacturers across the entire packaging supply chain. It requires clear allocation of responsibilities within the packaging value chain and leads to greater coordination efforts between procurement, sustainability, quality management, and suppliers. At the same time, risks increase due to incomplete or outdated supplier data. As a result, transparency and a digital, readily accessible data foundation become increasingly important.

12. How should companies prepare for the PPWR now?

Companies should establish transparency at an early stage regarding affected packaging and suppliers, review existing data and supporting documentation, and define clear processes for data collection and maintenance. It is also crucial to involve suppliers in a timely manner and build digital structures to ensure scalable and audit-proof compliance.

Our approach:

Assess PPWR readiness across the supply chain
Raise supplier awareness and provide training – without additional workload
Collect and analyze packaging data in an automated way
Optional advisory services for strategic and operational implementation

13. How does the PPWR relate to other ESG requirements?

Supply chain decarbonization

The PPWR promotes recyclable and material-efficient packaging, reducing the use of virgin raw materials and energy-intensive production steps. This creates a direct lever for lowering Scope 3 emissions.

REACH / RoHS

The PPWR builds on existing chemicals regulations and further specifies substance requirements for packaging, for example by setting limits for PFAS and heavy metals to systematically reduce environmental and health risks.

ESRS E5 – Circular Economy

The PPWR operationalizes ESRS E5 requirements by defining binding criteria for recyclability, material composition, and recoverability of packaging. This enables robust and comparable ESG metrics.

EUDR – Traceability

Similar to the EUDR, the PPWR requires transparent traceability of materials and suppliers to demonstrate regulatory compliance across the supply chain.

Digital Product Passport (DPP)

The PPWR provides key data points for the Digital Product Passport, particularly regarding material composition, substances, recyclability, and compliance. It thus lays the foundation for digital, standardized transparency at product and packaging level.

14. Why should companies implement the PPWR early?

Companies should implement the PPWR at an early stage to reduce compliance, liability, and market access risks, while avoiding last-minute implementation challenges and supply chain bottlenecks. Acting now enables companies to build robust data structures instead of relying on manual, ad hoc solutions and strengthens their positioning toward customers, retailers, and authorities. At the same time, the PPWR can serve as a lever for more efficient and sustainable packaging strategies. Early action also ensures sufficient time for necessary adjustments in research and development, including planning, testing, and scaling.

15. What penalties apply in case of PPWR violations?

In Germany, missing EU Declarations of Conformity, technical documentation, registrations, licensing obligations, or incorrect information may result in fines of up to €200,000. In addition, sales bans may be imposed. Specific penalties for individual PPWR obligations will be further defined through additional legal acts.

Implement PPWR with ease

We hope, we could answer most of your questions! Be aware: Starting in 2026, PPWR compliance will become an operational reality—manual Excel spreadsheets will no longer be sufficient. With VERSO, you can digitize data collection, supplier communication, and documentation management in one central platform.

Want to understand your specific obligations? Take the PPWR Check. In just three minutes and a few clicks, you will see what applies to your company—and receive a practical checklist to help you get started.

Take the PPWR Check now

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

LKW-Fahrer mit Klemmbrett – Symbolbild für die Dekarbonisierung der Lieferkette

02.12.2025

Decarbonizing the Supply Chain: How To Achieve Climate Goals Along the Supply Chain

Read article

04.02.2026

NIS-2 in the supply chain

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Sustainability Events and more

04.02.2026

What does the NIS-2 cyber security directive mean for the supply chain?

NIS-2 tightens the requirements for cyber security – for the first time, the entire supply chain is in focus, from your service providers to cloud providers. Find out which companies are affected and how you can build effective risk management for your supply chain and NIS-2 compliance step by step.

What is the NIS 2 Directive and what does it mean for the supply chain?

With the NIS 2 Directive, the EU is tightening the requirements for companies’ cyber resilience. The focus is not only on a company’s own IT, but also on the entire supply chain: service providers, suppliers and IT or cloud providers are increasingly becoming a gateway for attacks. Companies must therefore be aware of their dependencies, systematically assess risks and implement suitable security measures for partners and service providers. The supply chain is thus becoming a central lever for compliance with the directive and for the company’s digital resilience.

Which institutions and companies are affected by NIS-2?

This no longer only affects traditional operators of critical infrastructure, but also numerous so-called “particularly important” and “important” facilities – including many companies from industry, production, IT, logistics, energy, healthcare and digital services with 50 or more employees or a turnover of EUR 10 million or more. The “particularly important” facilities, shown in the table, have to implement the strictest requirements.

Particularly important facilities	Facilities / Examples
Energy	Electricity, gas, oil, district heating/cooling, water supply, charging infrastructure for electric vehicles
Transportation & Logistics	Air, rail, road and shipping transportation, including shipping companies and port operators
Finance	Banks, trading platforms, market infrastructures, insurance companies
Healthcare	Hospitals, research institutions, pharmaceutical companies, medical technology
Water supply	Drinking water and wastewater management
Digital infrastructure	DNS services, operators of top-level domains
Public administration	Authorities and other state institutions

Although the “important” facilities – depending on their size and sector – do not have quite as far-reaching obligations and are not classified as critical per se, they must nevertheless act in a NIS-compliant manner. These include:

Food production
Postal and courier services
Chemical industry
Manufacturing industry
Digital services
Research facilities
Waste management

When does NIS-2 apply to companies and their supply chains?

All EU member states should have transposed the NIS-2 Directive into national law by October 17, 2024, but many, including Germany, missed the deadline. In Germany, NIS-2 has therefore only been law since December 2025.

Whether in one country sooner or later, the fact is: companies in the EU must now adapt their security measures in the company and in the supply chain to NIS-2. And they need to be careful: NIS-2 affects significantly more companies than its predecessor, NIS-1. In Germany, around 30,000 organizations are covered by NIS-2, while fewer than 2,000 were affected by NIS-2.

The difference between NIS-2 and ISO-27001

In contrast to established information security standards such as ISO/IEC 27001, NIS-2 goes much further: the focus is not only on securing the company’s own IT, but also on holistic risk management that includes the entire corporate environment, including the supply chain.

Aspect	ISO 27001	NIS-2
Regulatory status	International standard (voluntary)	EU directive (mandatory)
Area of application	Industry-independent, for organizations of all sizes	Specific sectors and companies
Objective	Establishment and operation of an information security management system (ISMS)	Increasing the cyber security level of critical and important infrastructures in the EU
Information protection	Protection of all types of information (digital, physical, cloud)	Focus on IT, OT and network security with critical importance
Risk management	Systematic information security risk management	Extended and deeper requirements for cyber and information security risks
Asset Management	Part of the ISMS	Significantly expanded and explicitly required
Supply chain & procurement security	Generally addressed	Explicit and central requirement (suppliers & partners)
Awareness & training	Employee training recommended	Training courses planned, especially mandatory for management and the Executive Board
Management involvement	Responsibility defined, but limited personal liability	Strong involvement of top management including personal liability
Degree of coverage	Covers approx. 70% of NIS 2 requirements	Goes well beyond ISO 27001

What does NIS-2 require of companies and supply chains?

The NIS 2 directive takes cyber security to a new level – organizationally, technically and strategically. Essentially, the requirements can be divided into three central fields of action:

1. establish systematic risk management: Use of technical protective measures such as multi-factor authentication (MFA), documented cryptography guidelines, established incident response and emergency plans, regular training to raise employee awareness

2. clear responsibilities at management level: active co-design and approval of cybersecurity measures, mandatory further training, personal liability in the event of gross breaches of duty

3. binding reporting obligations & business continuity: early warning report within 24 hours in the event of serious incidents, detailed report after 72 hours with root cause analysis and initial countermeasures, final report within one month including long-term preventive measures

NIS-2 requirements for supply chain management

What is particularly relevant with NIS-2 is that the requirements extend into the supply chain. Companies must be able to clearly demonstrate which suppliers and service providers have access to systems, data or critical processes – and how the associated risks are managed. This applies in particular to IT and cloud service providers, software providers, external service providers with system or data access and suppliers with digitally connected processes.

The specific requirements for supply chain management:

Risk management for third parties

Companies must identify risks arising from collaboration with suppliers and service providers – especially where external partners have access to systems, data or critical processes.

Example: An external IT service provider has remote access to productive systems or administers cloud infrastructures. Companies must assess what impact a failure, a security incident or inadequate protective measures at this service provider would have.

Evaluation of security measures at suppliers

It is not enough to rely on contractual assurances. Companies must be able to understand which security measures are actually in place at relevant suppliers and whether they match their own risk profile.

Example: A software provider confirms “appropriate security measures”. NIS-2 compliance is only achieved when it is clear whether, for example, access controls, patch management, incident response processes or certifications are in place – and how up-to-date they are.

Documentation and verifiability

Assessments, decisions and measures must be documented in a structured manner. In the event of an audit or incident, it is not just what has been implemented that counts, but that risks have been systematically assessed, decisions justified and measures recorded in a comprehensible manner.

Example: Why a certain supplier was classified as an “acceptable risk” – or why additional measures are required – must be explained transparently even months later.

Regular checks instead of one-off queries

NIS-2 understands cyber security as an ongoing process. Information from the supply chain must therefore not be collected once, but must be checked and updated regularly.

Example: The risk assessment must be adjusted in the event of contract extensions, new system access, changed services or security-relevant incidents – not just at the next audit.

How companies ensure NIS 2 compliance (also in the supply chain)

NIS-2 can seem complex at first glance, but with a clear roadmap, the requirements can be systematically implemented. This step-by-step guide shows which measures companies should take now – from risk assessment to audit preparation.

Step-by-step guide to NIS-2 compliance: what measures companies should take now — from risk assessment to audit readiness.

1. clarify NIS-2 affectedness

To begin with, you should check whether your company is affected by the scope of the directive. Anyone who is part of the supply chain may also fall under the requirements.

2. carry out a gap analysis

Check risk management and incident response in particular: Are there clear processes for detecting and reporting incidents? Have access rights, encryption and MFA been implemented? How well are your service providers secured and are emergency and recovery plans up to date?

3. develop a risk management strategy

Effective risk management forms the basis of every NIS 2 strategy.
The core components are:

Regular risk assessments for early identification of weak points
Strong access controls (incl. MFA)
Encryption
Consistent patch management
Regular penetration tests
Establish a structured incident response plan and reporting process

Those who proactively implement these measures reduce risks in the long term and strengthen cyber security throughout the company.

4. clarify and strengthen governance and responsibilities

NIS-2 clearly makes cybersecurity a management task. Management is responsible for actively designing, adopting and regularly reviewing security guidelines.

The central elements are:

Mandatory training for managers
Clearly defined responsibilities (e.g. a designated security officer)
a systematic review of the entire security strategy
continuously maintained and complete safety documentation

Strong governance not only ensures fewer security risks, but also reduces personal liability risks for management.

5. secure the supply chain

Third-party providers and service providers are increasingly becoming a central cyber risk factor – and with NIS-2, they also have a clear responsibility.

To secure your supply chain, you should in particular:

Systematically check the security level and protective measures of your service providers
Make NIS 2 and compliance requirements binding in contracts
Establish ongoing monitoring and control mechanisms to identify risks at an early stage

This turns the supply chain into an effective protective shield: your company reduces both the real attack surface and the regulatory risk.

Conclusion: NIS-2 does not start in IT, but in the supply chain

NIS-2 makes it clear that cyber risks cannot be managed in isolation in IT. Transparency in the supply chain, uniform assessments and the ability to monitor and verify risks on an ongoing basis are crucial. This is precisely where many companies fail due to manual processes and a lack of structure.

With the VERSO Supply Chain Hub, the NIS-2 guideline and cyber security in the supply chain can be mapped centrally: from structured risk queries with suppliers and a uniform assessment of third parties to the ongoing updating and central documentation of all evidence. In this way, NIS-2 is not only implemented in the supply chain in compliance with regulations, but also in a practicable and scalable manner.

Talk to us

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

02.12.2025

Decarbonizing the Supply Chain: How To Achieve Climate Goals Along the Supply Chain

Read article

18.11.2025

PCF Automation in 6 Steps

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Sustainability Events and more

18.11.2025

PCF Automation in 6 Steps

The calculation of a Product Carbon Footprint (PCF) is becoming increasingly important for many companies. Automation can be a real game changer here. These six steps show how to move effectively from a manual PCF assessment toward full process automation.

The calculation of product emissions — a Product Carbon Footprint (PCF) — is becoming increasingly important for many companies. With a wide product portfolio, this quickly turns into a major challenge.

Automation can be a real game changer here. To unlock automation potential within your organization, it helps to break the entire PCF process into small, understandable steps. These six steps show how to move effectively from a manual PCF process toward full process automation.

1. Clarify the basics: What is reported, to whom, and based on which standard?

Before you move into the practical phase, you should be able to answer a few key questions:

Who receives the PCF data — customers, authorities, or internal stakeholders?
How should the data be presented — as a report, a digital interface, or an audit result?
Which standards guide the reporting — GHG Protocol, ISO 14067, or other norms?

These questions define the methodological framework. They determine how deep the calculation needs to go (e.g., cradle-to-gate or cradle-to-grave) and which system boundaries apply.

2. Understand your role in the value chain

Your position within the value chain defines which data is relevant:

Companies delivering to a single customer often need standardized downstream data.
Companies at the end of the value chain must prepare information for final products and end customers.
Suppliers in between need both: incoming data collection and outgoing data transmission.

This classification helps identify the right interfaces and automate them later on.

3. No automation without data quality

Automation depends entirely on the data foundation. Companies need to ask:

Where do the data points come from — ERP systems, production data, supplier information?
How can they be structured in a product-level and usable format?
How can you ensure that the data is complete, consistent, and up to date?

Only when these questions are resolved is it worth moving toward technical automation. Otherwise, errors multiply instead of decreasing.

4. From databases to supplier data: Evaluate emissions correctly

A central step in calculating a Product Carbon Footprint is linking material data to emissions. There are two approaches:

Emission factors from databases: easy to access, but based on averages.
Factors based on data from your own supply chain: more complex, yet far more precise.

Many companies rely on databases in the short term. There are already many reliable sources with filtering options to find the most accurate factor possible. At VERSO, for example, we give you access to about 50 databases with over 200,000 emission factors.

In the long run, though, there is no alternative to supply chain data for real transparency and comparability. You should therefore request emission data or individual PCFs from your suppliers as soon as possible. You can also do this via the VERSO Supply Chain Hub. You then transfer the data directly into your PCF in the VERSO Climate Hub.

5. Automate step by step — instead of rushing ahead

Automation should definitely be the goal. However, many companies begin automating before the right foundations are in place. Often, materials are simply linked to emission factors — which may save time, but does not deliver reliable results.

A better approach: first build a solid methodological concept, structure processes in modules, and automate step by step. A modular system helps you start with a few well-defined processes. You can then transfer rules and calculation logic to additional products over time.

6. From partial to full automation

Once the methodology and data quality are right, automation can expand step by step:

Automated data transfers between internal systems (ERP) and PCF software
Intelligent and automated allocation of emission factors to materials
Fully automated calculation processes
Automated management and updates of emission factors
…

The goal: end-to-end, reliable PCF calculations — without manual intervention.
This frees teams to focus on what matters: reducing emissions, implementing measures, and improving products.

Conclusion: Automate with intention

PCF automation succeeds when methodology and data quality come first. Clear goals, roles, and standards, structured data sources, and gradual automation lead to robust results with less effort. A modular approach supports automation, transparency, and comparability — all the way to end-to-end PCF calculation without manual input.

We are happy to support you with software and consulting.

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

Eine Hand mit Arbeitshandschuhen hält eine gerade produzierte Glasflasche – Symbolbild für den PCF

03.07.2025

Understanding and Calculating PCF

Read article

26.06.2025

How is the Corporate Carbon Footprint (CCF) calculated?

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Sustainability Events and more

Sign up now!

26.06.2025

How is the Corporate Carbon Footprint (CCF) calculated?

What are your company’s CO₂ emissions – and how can they be reliably calculated? This article explains why the Corporate Carbon Footprint matters—and how to approach it step by step.

The Corporate Carbon Footprint (CCF) refers to the total greenhouse gas emissions a company causes, both directly and indirectly—from office heating to global supply chains. It is calculated based on Scopes 1, 2, and 3 as defined by the Greenhouse Gas Protocol. Scope 3 is particularly critical, as it often accounts for more than 70% of total emissions. Calculating the CCF is a prerequisite for setting effective climate targets, implementing reduction measures, and communicating sustainability efforts credibly. For many companies, it is increasingly becoming a requirement—whether driven by legislation, market expectations, or customer demands.

Content:

Why the Corporate Carbon Footprint matters now
What is the Corporate Carbon Footprint?
How is the Corporate Carbon Footprint calculated?
What happens after the carbon footprint has been calculated?
We support you: with software and expertise
Questions and answers about the CCF

Why the Corporate Carbon Footprint matters now

The pressure on companies to understand and reduce their emissions is increasing. Not only due to legal requirements such as the EU Climate Law, CBAM, or the CSRD: More and more companies are being asked to provide climate-related data – whether in tenders, across supply chains, or as part of voluntary sustainability reporting.

Especially for mid-sized businesses, the Corporate Carbon Footprint is becoming a key competitive factor. Those who know their carbon footprint can take targeted action, reduce risks, and position themselves sustainably in the market.

What is the Corporate Carbon Footprint?

The Corporate Carbon Footprint (CCF) refers to the total greenhouse gas emissions a company causes – both directly and indirectly – from office energy use to the entire supply chain.

The CCF illustrates how much CO₂ and other greenhouse gases a company emits through its business operations. It typically follows internationally recognized standards such as the GHG Protocol, which categorizes emissions into three scopes: Scope 1 (direct emissions), Scope 2 (indirect emissions from purchased energy), and Scope 3 (other indirect emissions).

The three scopes for calculating the corporate carbon footprint (CCF) according to the GHG Protocol

What is the difference between the CCF and the PCF?

While the CCF looks at a company’s overall carbon footprint, the Product Carbon Footprint (PCF) focuses on a single product. It analyzes the emissions generated throughout the product’s entire life cycle, from raw material extraction and production to transportation, use, and disposal. Both concepts complement each other and are essential building blocks for credible climate action within companies.

Aspect	Corporate Carbon Footprint (CCF)	Product Carbon Footprint (PCF)
Definition	Total greenhouse gas emissions of a company	Greenhouse gas emissions of a single product throughout its entire life cycle
System boundary	All company activities (operations, vehicle fleet, supply chain, etc.)	The complete product life cycle (raw materials, production, use, disposal)
Objective	Overview of company-wide emissions, management of climate targets and reduction measures	Assessment of a product’s environmental impact, foundation for eco-design and supply chain requirements
Relevance	Foundation for climate strategy, carbon accounting, CSRD reporting, climate targets	Relevant for customer requirements, eco-design, product development, supplier assessments
Data sources	Energy data, business travel, vehicle fleet, procurement, production processes, suppliers, distribution	Material and process data, supplier data, usage scenarios, disposal routes
Scopes	Scopes 1, 2, and 3 according to the GHG Protocol	Scopes not applicable; assessment based on the product life cycle (e.g., cradle-to-gate, cradle-to-grave)
Target audience	Executive management, investors, banks, regulatory authorities, general public	Customers, procurement, product development, suppliers, end users

Why is Scope 3 so important?

Many companies start with Scope 1 and 2 – and that often makes sense. These data points are usually easier to access: energy consumption, vehicle fleets, or heating systems can typically be tracked internally without much effort.

Scope 3, on the other hand, is more complex but also critical. Why? Because it covers everything that happens outside a company’s direct operations. And that’s usually where the majority of emissions occur: for many companies, Scope 3 accounts for over 70% of total CO₂ emissions and in some industries, it can be as high as 95%.

Despite the challenges, it’s essential to include all three scopes to gain an accurate picture. Ignoring Scope 3 often leads to a serious underestimation of a company’s climate impact and means missing out on valuable opportunities.

Why? Because Scope 3 often holds surprisingly straightforward levers for reduction, such as switching suppliers, optimizing logistics, or improving product design. These opportunities only become visible when Scope 3 is systematically included in the assessment.

Our tip: Even if you don’t have precise data yet, rough estimates can still provide valuable insights. And they’re far better than doing nothing at all.

Which companies is Scope 3 especially relevant for?

Scope 3 is relevant for all companies including mid-sized businesses. Why?

Many mid-sized companies have:

complex or global supply chains,
components and materials they don’t produce in-house,
transport and logistics structures over which they have limited direct control.

All these emissions fall under Scope 3. For these companies, this means: even if their own operations are energy-efficient, the majority of emissions may occur in upstream or downstream processes – precisely where gaining insight and influence becomes particularly important.

How is the Corporate Carbon Footprint calculated?

Calculating the Corporate Carbon Footprint (CCF) involves several clearly structured steps. The goal is to create a reliable and plausible CO₂ balance for the company that serves as a foundation for management decisions, reduction measures, and external reporting.

1. Scope screening: Defining system boundaries

Determining the systematic, organizational, and operational boundaries in line with the GHG Protocol.
Deciding which emission categories (Scopes 1, 2, 3) and subcategories will be included.
Defining the consolidation scope: Which sites, entities, and company sizes are covered?

2. Responsibilities and project organization

Defining who is internally responsible for data collection and preparation.
Aligning on the approach, responsibilities, and timeline
Holding a joint kickoff meeting with all relevant departments.

3. Data collection within departments

Gathering relevant activity data from the departments involved.
Closing data gaps through extrapolations and well-founded assumptions.
Reviewing whether reliable emission factors are already available or need to be added.
Collecting specific data, such as employee commuting patterns, and sending targeted supplier requests to capture upstream emissions.

4. Data validation

Reviewing and verifying the collected data, ideally with support from external experts to ensure data quality.

5. Evaluation and interpretation of results

Joint analysis of the results with the company.
Identification of emission hotspots and priority areas.
Discussion on whether additional data needs to be gathered in more detail (e.g., follow-up supplier requests).
Discussion on whether additional data needs to be gathered in more detail (e.g., follow-up supplier requests).

What happens after the carbon footprint has been calculated?

The carbon footprint is a key part of any decarbonization strategy – but it’s only the beginning. Calculation alone is not enough. It’s the foundation for taking the next targeted steps:

Define measurable climate targets and actions
Effectively reduce greenhouse gas (GHG) emissions
Responsibly offset unavoidable emissions
Responsibly offset unavoidable emissions
Communicate progress and potential transparently

We support you: with software and expertise

Whether you’re working on a Corporate or Product Carbon Footprint or developing a decarbonization strategy: We support you wherever you need it.

Our climate software is built for both climate professionals and beginners. It lets you structure your data in the way that works best for you, whether for reporting, internal management, or external requirements related to communication or compliance.

And if you’re looking for additional sparring or targeted guidance, our Climate Experts are here to help. Because one thing is clear: only those who truly understand their emissions can take effective action.

Let’s start the conversation.

Questions and answers about the Corporate Carbon Footprint (CCF)

What’s the difference between the Corporate and Product Carbon Footprint?

The Corporate Carbon Footprint (CCF) shows how much CO₂ a company emits overall, from office heating to the supply chain. The Product Carbon Footprint (PCF) focuses on a single product, from raw materials to disposal. Simply put: CCF = company perspective, PCF = product perspective.

How often should the carbon footprint be calculated?

At least once a year, ideally as part of the sustainability report. This makes it easier to track progress and manage measures effectively. Those with ambitious goals can also reassess quarterly.

Is the Corporate Carbon Footprint mandatory?

Not in general, but for many companies, it effectively becomes mandatory due to reporting obligations such as the CSRD, CBAM, industry-specific requirements, or customer expectations. And without knowing their footprint, companies will struggle to speak credibly about climate targets.

Which companies is the CCF relevant for?

For all companies that want to act responsibly and build a future-proof business. It becomes especially relevant when investors, customers, or regulations demand transparency – and that’s happening more and more often.

How accurate are the results?

In general, the calculation is only as accurate as the data it’s based on. Scope 1 and 2 data are usually solid, while Scope 3 tends to be more complex. What matters is this: even rough estimates provide valuable insights – and they’re far better than doing nothing.

Is it enough to calculate just Scope 1 and 2?

As a starting point: yes. For a complete picture: no. In many companies, the majority of emissions fall under Scope 3, such as those in the supply chain. Ignoring them means missing out on key levers for reduction.

What is the Greenhouse Gas Protocol?

The GHG Protocol is the global standard for corporate carbon accounting. It defines what belongs to Scope 1, 2, and 3, and ensures that carbon footprints are consistent, comparable, and transparent.

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

02.12.2025

Decarbonizing the Supply Chain: How To Achieve Climate Goals Along the Supply Chain

Read article

17.04.2024

Step by step to Net Zero: how to develop a climate strategy for your company

Read article

Nachhaltiges Wirtschaften im Mittelstand

23.04.2025

Sustainable Business Practices: The Business Case for SMEs

Stakeholders, ESG obligations, or simply conviction – For many reasons, sustainability is on the agenda of companies. Whether mandatory or voluntary: sustainability must not only be promised, it must be implemented. This article explains why sustainable business practices are important for all companies – from SMEs to large corporations.

Why is Sustainable Business Important for Small and Medium-sized Enterprises (SMEs)?

Sustainability creates transparency in the supply chain

Sustainable business practices are becoming a prerequisite for medium-sized companies to remain supply-capable and competitive in the long term – as large companies today expect full transparency across the entire supply chain.

Many small and medium-sized enterprises (SMEs) supply products or materials to larger companies that are subject to legal requirements such as the Supply Chain Due Diligence Act (LkSG), the Corporate Sustainability Reporting Directive (CSRD), the EU Deforestation Regulation (EUDR), etc. These companies are often also bound by industry-specific guidelines that demand sustainability information from the supply chain.

Large companies must not only disclose their own ESG information but also that of their suppliers. This means that you, as a supplier, are also affected by the regulations and will be asked for extensive sustainability information:

You will need to undergo thorough due diligence processes, such as the EcoVadis sustainability assessment, which identifies potential risks to people and the environment in the supply chain.
Proof must often be provided not only by suppliers but also by sub-suppliers.

Sustainability as a factor for financing

Sustainable business practices not only improve the ESG rating but also provide access to better financing terms – whether for loans, investments, or insurance.

Medium-sized companies seeking capital from investors or loans from banks should be prepared for ESG inquiries. In practice, the ESG rating directly influences credit terms – the better the rating, the more favorable the loan conditions.

Investors are also increasingly incorporating ESG criteria into ratings and M&A decisions. At the latest, during transactions or investment decisions, robust sustainability metrics will be expected from you.

In addition, (re)insurers also require ESG information from their clients. Sustainability risks are increasingly being incorporated into the risk assessment during contract negotiations, which can directly impact insurance premiums and coverage.

Sustainability expectations from customers and business partners

Anyone who wants to have a say, collaborate, or bid today needs a clear sustainability position – because ESG criteria are increasingly determining partnerships and contract awards.

In partnerships, collaborations, and tenders, certifications and ESG information are increasingly being requested to demonstrate a company’s sustainability ambitions. When entering negotiations, you need to be well-prepared:

No Open Doors without ESG Certifications: A prerequisite for serious discussions – alongside, for example, well-known standards for information security – are increasingly ESG-related certifications. Undergo the assessments early – they are often time-consuming and cannot be “quickly submitted.”
Sustainability and ESG Criteria in Tender Processes: If there is a tender, your company might be excluded from consideration due to the lack of a robust sustainability strategy. This is demonstrated, among other things, through recognized ESG certifications. With sustainability and ESG criteria in tender processes, companies want to ensure from the outset that ecological and social standards are adhered to in the supply chain.
Sustainability also plays a significant role in other quality standards, such as Fairtrade, organic certifications, employer rankings, or ISO standards: ESG criteria are also requested here.

Protection against greenwashing accusations

Simply labeling oneself as “green” is a thing of the past. With the Green Claims Directive and the EmpCo Directive, the EU specifically outlines what constitutes greenwashing and what does not.

Soon, companies will be required to scientifically verify the accuracy of their environmental claims. Failure to do so will not only result in reputational damage, but also actual legal and financial consequences.

You certainly do not intentionally engage in greenwashing, but it can easily happen unintentionally in small and medium-sized enterprises: many greenwashing accusations originate from marketing activities that portray the company in too favorable a light. This often happens when a company’s sustainability data is not transparent.

A climate and sustainability strategy ensures transparent sustainability communication: through a data-driven strategy, KPI tracking, and a CO2 balance, you can communicate numbers, facts, and goals in a verifiable manner.

Improved risk management and resilience

A solid sustainability strategy helps you identify ecological and social risks early – not just within your company but throughout the entire value chain. The foundation for this is the Double Materiality Analysis, which adds a holistic ESG perspective to your existing risk management – including the consideration of opportunities.

This allows risks to be assessed in a targeted way, measures for avoidance or reduction to be derived, and their impact in ESG management to be systematically monitored. This makes your company more resilient to climate impacts, geopolitical changes, or resource shortages – while also saving costs and preventing future losses.

Efficient resource use and optimized processes

A well-thought-out sustainability management system helps you use resources more efficiently. It drives process optimizations and innovations – for example, through energy-saving machines or the recycling of production waste. This saves raw materials, reduces costs, and protects the environment.

With effective ESG management, you not only reduce waste and energy consumption but also save time: you focus on the truly important issues – and can drive them forward in a targeted way. A clear advantage for the future viability of your company.

Holistic corporate strategy and future viability

Individual measures are of little use if the strategic connection is missing. A sustainability strategy provides the necessary overall view: All measures are part of a larger plan – rather than isolated individual initiatives.

The foundation for this is the Double Materiality Analysis, which helps you identify the most important topics. This results in a long-term, systematic strategy – ideally integrated into your corporate strategy. In this way, sustainability becomes a top priority and is managed, measured, and communicated in a targeted manner – for example, with a suitable software solution like the VERSO ESG Hub.

How do you embed sustainability in your company?

For sustainable business practices to be more than just a good intention, they must be deeply embedded in the company. This is achieved with the following building blocks, which demonstrate how small and medium-sized enterprises can move into action in a structured and impactful way.

1. status quo and material topics

Before developing a sustainability strategy, a solid status-quo analysis is needed as a foundation – it provides transparency on data, processes, and challenges within the company. Building on this, a materiality analysis highlights which ESG topics are truly material and where the greatest impacts, risks, and opportunities lie.

2. Setting SMART goals and appropriate measures

Goals are the heart of any sustainability strategy and should be scientifically grounded, formulated in a SMART way, and closely linked to the corporate strategy to avoid conflicts of interest. The development of appropriate measures is crucial for implementation – ideally in collaboration with employees and relevant stakeholders who can contribute practical solutions.

3. Creating awareness for sustainability across the company

Sustainability is a company-wide team project – and that’s why it requires a shared awareness and clear alignment. When developing your sustainability strategy, you should define vision, mission, and values to provide direction, motivate employees, and anchor the topic effectively in the overall strategy. Being transparent about ambitions and strategically using internal communication lays the foundation for living sustainability throughout the company.

4. Moving into implementation: Control is key

After the strategy, the real work begins: Implementing ESG measures is a long-term process that requires continuous adjustment and perseverance. To maintain an overview and be able to respond flexibly to new developments, structured ESG management, regular monitoring, and transparent communication – both internally and externally – are essential. Only in this way will progress remain visible, stakeholders stay engaged, and motivation within the company be maintained.

Start with VERSO

Now it’s time to move from planning to action. We support you every step of the way – with the right software solutions and services throughout your entire sustainability journey: from the first report and goal setting to tracking concrete measures. Step by step, you will build the foundation for sustainable business practices in your company.

Get in touch with us.

This might be also interesting for you:

Mann im Anzug mit Fahrrad – Symbolbild für Nachhaltigkeit im Unternehmen

23.04.2024

Why is sustainability important for companies?

Read article

19.11.2024

Sustainability Report: What Is It and What Do You Need to Know?

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Trusted by 250+ customers

Sign up now!

Der Aufbau der ESRS: SO berichten Sie CSRD-konform.

28.11.2024

Structuring an ESRS report: How to ensure CSRD compliance

Tens of thousands of companies are required to publish a CSRD compliant sustainability report for the first time. Many are now faced with over 1,000 data points and wondering: How do we turn this into a structured sustainability report? What is the structure of an ESRS report?

This article will guide you through the process and provide you with a checklist to help identify the key data points for your report.

Creating an ESRS report – What needs to be done?

For most companies, preparing a CSRD-compliant sustainability report is uncharted territory. So far, only a few have completed this process, meaning you are not alone. To understand the structure of an ESRS report, it is helpful to first familiarize yourself with the individual ESRS standards. The next step is to focus on the disclosure requirements and data points that are most relevant to your company. To support you in this process, we have prepared a practical checklist.

What do CSRD and ESRS require?

Being affected by the CSRD means that a company is required to publish a sustainability report as part of its management report. This sustainability report is not meant to be a marketing brochure but a comprehensive document covering environmental, social, and governance (ESG) topics.

A key aspect: Companies do not have the freedom to choose their reporting framework – the ESRS are the mandatory standards they must follow. Additionally, just like the management report, the sustainability report must be audited by external auditors. This makes it even more crucial to understand the framework, be familiar with the structure of the report, and ensure that you report on the correct, material data points.

How should I approach the double Materiality Assessment?

Speaking of key data points: The double materiality assessment is the core of the ESRS report.

Download the full blog post now and gain access to:

Tips for conducting the double materiality assessment,
An overview of the ESRS structure,
In-depth insights into the content of the ESRS standards, and
A checklist for identifying the key material data points.

Before we continue

The content on this website is the result of the work of people who immerse themselves in the world of ESG with much passion and care. We take the time to present complex topics in an understandable way and provide practical tips. To prevent our work from being copied or used as AI training material, we ask you to leave us your e-mail address for particularly extensive and detailed content such as this. You will then receive the article as a PDF directly in your mailbox.

This might also interest you:

Eine Nachhaltigkeitsstrategie ist für Unternehmen wichtig, um ihre ESG-Ziele zu erreichen

11.03.2024

5 reasons why a sustainability strategy is important for companies

Read article

27.11.2024

Mastering CSRD challenges: The double materiality analysis in seven steps

Read article

Subscribe to our newsletter!

Current ESG topics and legislative changes
Individual advice from the VERSO experts
News about VERSO
Trusted by 250+ customers

SBTi Climate Targets: How to Get Validated – and What You Need to Know About the Update

Climate Targets Under SBTi

Climate Targets: Why the Framework Matters

What are SBTi Climate Targets?

Are SBTi Climate Targets Worth It for Your Company?

SBTi climate targets are worthwhile if …

SBTi climate targets are not yet worthwhile if …

Corporate Carbon Footprint Not Yet Calculated?

Step by Step to SBTi Validation

Step 1: Submit Climate Targets (Submission)

Step 2: Have Climate Targets Validated by SBTi

Step 3: Implement Climate Targets

Climate Targets under SBTi V2: What Companies Need to Know Now

Rethink Scope 3

Move from target setting to steering

Set up the transition plan early

Actively involve the supply chain

Clarify how to handle residual emissions

Think about evidence early

The PCF Is Becoming More Important for SBTi V2. Time to Get Started.

We’re Happy to Support You on the Path to Validated SBTi Climate Targets

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

PCF Automation in 6 Steps

Setting climate targets for companies

Subscribe to our newsletter!

Simplified ESRS: What Is Changing and What Companies Should Do Now

The Simplified ESRS

At a glance: What the Simplified ESRS mean for you now

Where do the Simplified ESRS currently stand and what can be expected next?

What is new in the Simplified ESRS and what stays the same?

What is new?

Focus on material information

Significantly fewer data points

Shorter and more understandable standards

More principles-based narrative reporting

Less burden around value chain data

Simplified materiality assessment and clearer disclosure logic

What stays the same?

Double materiality remains mandatory.

The 12 topical standards remain structurally in place.

The objective remains a transparent presentation of material sustainability topics.

Fair Presentation: Why the report should be less checklist and more overall picture

What does Fair Presentation mean?

What changes in practice as a result?

Undue Cost or Effort: More pragmatism in data collection

Where is the practical relief?

What does this not mean?

Fewer data points, but not automatically lower expectations

What has been reduced in concrete terms?

What does this mean for companies?

VSME or Simplified ESRS: Decision support for mid-sized companies

VSME is more suitable if …

The Simplified ESRS are more suitable if …

As a rule of thumb

How companies should move forward now

If you are already reporting under ESRS or have prepared extensively for it

If you are just starting with reporting

If you have fallen out of CSRD scope

If you still have time until 2028

Need support?

* This information is summarized editorial content and should not be construed as legal advice. VERSO accepts no liability.

This might be also interesting for you:

Mastering CSRD challenges: The double materiality analysis in seven steps

Sustainability Report: What Is It and What Do You Need to Know?

Subscribe to our newsletter!

Setting climate targets for companies: how to develop well-founded reduction goals

Common mistakes when setting climate targets

1. Reducing climate targets to a single number1. Klimaziele auf eine Zahl reduzieren

2. Defining reduction targets before understanding the potential

3. Focusing only on the target year instead of the reduction pathway

What makes strong climate targets

The base year of the carbon footprint: what companies should consider

CO₂ reduction targets for companies: ambitious but realistic

Science-based climate targets for robustness and credibility

Setting climate targets in companies: a five-step process to an effective reduction pathway

Understand the carbon footprint

2. Assess hotspots and potential

3. Define the base year and target framework

4. Evaluate target options