CSDDDTemplateEU

CSDDD supplier human rights impact scoring template

A template for identifying and prioritising supplier-related adverse human rights and environmental impacts under CSDDD Articles 8 and 9.

Use it to separate commercial supplier risk from impacts on people and the environment, then record the evidence and stakeholder input behind each score.

Back to main artifactReview sources
Author
Sorena AI
Published
May 9, 2026
Updated
May 9, 2026
Sections
4

Structured answer sets in this page tree.

Primary sources
2

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 9, 2026
Updated May 9, 2026
Overview

This CSDDD supplier scoring template is built around adverse impacts, not supplier convenience, spend, or contract value. Each record should describe the supplier activity in the chain of activities, the people or environment that may be affected, the severity and likelihood basis for prioritisation, and the evidence that supports the next due diligence measure.

Section 1

Template scope: supplier activity and chain-of-activities boundary

Start each scoring row by fixing the CSDDD boundary. Article 8 covers the company's own operations, subsidiaries, and business partners where their activities are related to the company's chain of activities. The directive defines that chain to include upstream activities such as design, extraction, sourcing, manufacture, transport, storage and supply, and downstream distribution, transport and storage when carried out for or on behalf of the company.

Do not score a supplier as high risk merely because it is strategic, expensive, or hard to replace. Score the actual or potential adverse impact linked to a defined activity, site, product, service, sector, geography, or operating context.

  • Supplier record fields: supplier name, direct or indirect business partner, site or operating location, product or service, and the specific upstream or downstream activity in scope.
  • Boundary fields: whether the impact arises in own operations, a subsidiary, a direct supplier, an indirect supplier, or another business partner in the chain of activities.
  • Impact fields: affected right or environmental interest, affected workers or communities, actual or potential impact, and whether the company may cause, jointly cause, contribute to, or be linked to the impact through the relationship.
  • Risk-factor fields: sector, product or service, geography, business operation, known complaints, audit findings, independent reports, and notification or complaint mechanism inputs.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Supports the chain-of-activities boundary, business partner definitions, and Article 8 duty to map operations, subsidiaries, and business partners for adverse impacts.
OECD Guidelines for Multinational Enterprises on Responsible Business Conduct
Supports treating due diligence as risk-based assessment of adverse impacts on people, planet, and society rather than only enterprise-facing risk.
Recommended next step

Turn supplier impact scoring into CSDDD evidence

Use this template to connect supplier impact records with Article 8 identification, Article 9 prioritisation, stakeholder input, and evidence for follow-up measures.

Research workflow
Open Research Copilot

Answer CSDDD supplier due diligence questions with cited source material.

Explore next step
Talk to Sorena
Discuss CSDDD implementation

Review supplier impact scoring, chain-of-activities boundaries, and evidence gaps with Sorena.

Explore next step
Section 2

Article 8 identification fields

Use Article 8 as the intake structure. First map broad areas where adverse impacts are most likely and most severe. Then run deeper assessment only for the supplier activities, locations, products, or services where that mapping shows the strongest impact signal.

The evidence column should combine quantitative and qualitative information where available. Supplier questionnaires alone are not enough when complaints, worker interviews, trade union input, independent reports, or credible in-country sources point to a different impact picture.

  • General mapping fields: sector risk, country or region context, product or raw-material risk, worker group, community group, known vulnerable group, and whether the risk is systemic or site-specific.
  • In-depth assessment fields: specific allegation or impact scenario, source of the information, affected people or environment, available supplier evidence, gaps in evidence, and confidence level.
  • Stakeholder input fields: consulted workers, worker representatives, trade unions, community representatives, civil society sources, human rights or environmental institutions, and any barriers to direct consultation.
  • Supplier evidence fields: policies, code-of-conduct acceptance, payroll or working-time evidence, recruitment fee controls, grievance logs, corrective action status, audit or verification results, and evidence freshness.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Supports the two-step Article 8 approach: mapping likely and severe impact areas, then carrying out in-depth assessment where impacts are most likely and severe.
OECD Guidelines for Multinational Enterprises on Responsible Business Conduct
Supports using stakeholder engagement and business relationship information when assessing actual and potential adverse impacts.
Section 3

Article 9 scoring rubric: severity before convenience

Article 9 prioritisation applies when it is not feasible to address every identified impact at the same time and to the full extent. The score should therefore rank impacts by severity and likelihood, then show which impacts will move first into prevention, mitigation, corrective action, remediation, or monitoring.

Use a short numeric scale only if every number has a written reason. A useful row explains who may be harmed, how serious the harm is, how hard it would be to restore the affected people or environment, how likely the impact is, and which evidence would change the score.

  • Severity score: assess scale, scope, and irremediable character, including gravity, number of people affected or potentially affected, environmental extent, irreversibility, and limits on restoration within a reasonable period.
  • Likelihood score: assess supplier activity, geography, sector, product, workforce model, complaints, independent reports, prior incidents, and strength or weakness of supplier controls.
  • Priority result: high priority when severity is high even if evidence is incomplete; lower commercial leverage is not a reason to downgrade the impact.
  • Review trigger: rescore after a credible complaint, worker or community input, audit finding, material supplier change, new sourcing geography, or evidence that mitigation is not working.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Supports Article 9 prioritisation by severity and likelihood and the directive's definition of severity using scale, scope, and irremediable character.
OECD Guidelines for Multinational Enterprises on Responsible Business Conduct
Supports prioritising impacts by severity and likelihood when an enterprise cannot address all impacts at once.
Section 4

Output columns for action, evidence, and stakeholder follow-up

The completed template should produce an impact register, not a supplier scorecard. Each high-priority row needs a linked due diligence action: prevention or mitigation for potential impacts, corrective action for actual impacts, remediation where the company caused or jointly caused an actual impact, and stakeholder engagement where the action may affect workers or communities.

Before using disengagement or suspension as an output, record why other measures are insufficient and assess whether the adverse impacts of ending the relationship could be manifestly more severe than the original impact. Keep that reasoning attached to the impact row.

  • Action fields: prevention plan, mitigation measure, corrective action plan, supplier support, contractual assurance, verification measure, remediation route, or responsible disengagement review.
  • Owner fields: procurement owner, human rights or sustainability owner, legal reviewer, supplier contact, stakeholder-engagement owner, and approval route for high-severity impacts.
  • Stakeholder follow-up fields: consultation date, groups consulted, information shared, additional information requested, response given, unresolved concerns, and protection against retaliation or access barriers.
  • Evidence fields: source, date, document owner, evidence type, affected stakeholder signal, supplier response, verification status, next review trigger, and the reason for any unresolved evidence gap.
Sources for this answer
Directive (EU) 2024/1760 on corporate sustainability due diligence
Supports linking prioritised impacts to prevention, mitigation, corrective action, remediation, stakeholder engagement, and careful review before suspension or termination.
OECD Guidelines for Multinational Enterprises on Responsible Business Conduct
Supports including stakeholder input, business relationships beyond first tier, leverage, and remediation logic in supplier impact records.
Primary sources

References and citations

Related guides

Explore more topics

CSDDD adverse impact prioritisation workflow
A CSDDD workflow for identifying actual and potential adverse human rights and environmental impacts, ranking severity and likelihood, and documenting prevention, mitigation, remediation, and stakeholder evidence.
CSDDD Applicability Test: EU and Non-EU Company Scope
Test whether Directive (EU) 2024/1760 may apply to an EU or non-EU company using grounded CSDDD employee, turnover, group, franchise, royalty, exclusion, and phase-in checks.
CSDDD chain of activities and supplier due diligence
Explain CSDDD chain-of-activities scope, upstream and downstream boundaries, subsidiaries, direct and indirect business partners, supplier risk segmentation, and evidence.
CSDDD Chain of Activities Boundaries
Define CSDDD upstream and downstream chain of activities boundaries for subsidiaries, direct and indirect business partners, distribution, transport, storage, and records.
CSDDD chain of activities boundaries: upstream and downstream FAQ
FAQ on how the CSDDD defines chain of activities boundaries for subsidiaries, direct and indirect business partners, upstream activities, downstream logistics, and evidence.
CSDDD civil liability under Article 29: what companies should check
FAQ on CSDDD Article 29 civil liability: liability conditions, protected legal interests, causation, compensation, limitation periods, and evidence disclosure.
CSDDD Climate Transition Plan Requirements
Article 22 CSDDD guidance for climate transition plans: business model alignment, targets, actions, funding, governance, and 12-month progress updates.
CSDDD complaints and notifications FAQ
FAQ on Article 14 CSDDD complaint and notification mechanisms, who may complain, follow-up rights, confidentiality, retaliation, and evidence.
CSDDD compliance duties and evidence guide
A grounded CSDDD compliance guide covering due diligence policy, adverse impact identification, prevention, corrective action, complaints, monitoring, reporting, climate plans, and supervisory evidence.
CSDDD contractual assurances FAQ for Articles 10 and 11
How CSDDD Articles 10 and 11 use contractual assurances with business partners, verification, SME support, action plans, and suspension or termination escalation.
CSDDD deadlines and compliance calendar after Directive (EU) 2025/794
Current CSDDD calendar for transposition, application phases, Article 16 reporting exceptions, Commission guidance dates, and practical compliance evidence.
CSDDD due diligence checklist
A grounded CSDDD checklist for scope, due diligence policy, chain-of-activities risk mapping, impact prioritisation, action plans, complaints, monitoring, communication, climate planning, and evidence.
CSDDD Due Diligence Steps Playbook for Articles 5 and 7-16
A grounded playbook for the CSDDD due diligence sequence: policy integration, impact assessment, prioritisation, prevention, correction, remediation, stakeholder engagement, complaints, monitoring, communication, and evidence.
CSDDD FAQ: scope, dates, duties, liability, and evidence
Practical answers on CSDDD scope, current application dates, chain of activities, due diligence duties, complaints, remediation, civil liability, climate plans, and evidence.
CSDDD franchising and licensing scope FAQ
FAQ on when franchise or licensing networks can fall within Article 2 of the EU CSDDD, including royalties, turnover, EU and non-EU treatment, and evidence.
CSDDD grievance and remediation workflow guide
Build a CSDDD grievance, notification, stakeholder engagement, and remediation workflow around Articles 12, 13, and 14 of Directive (EU) 2024/1760.
CSDDD Liability and Penalties: enforcement, fines, and civil claims
A grounded guide to CSDDD supervisory enforcement, penalty mechanics, civil liability, compensation limits, evidence records, and national transposition caveats.
CSDDD non-EU turnover threshold FAQ
How non-EU companies should assess CSDDD scope using EU-generated turnover, group thresholds, authorised representative records, and competent authority evidence.
CSDDD Non-EU Turnover Thresholds and Scope Waves
Article 2 and Article 37 CSDDD scope guide for non-EU Union turnover, group routes, franchise and licensing routes, and current application dates after Directive (EU) 2025/794.
CSDDD Omnibus timing changes after Directive (EU) 2025/794
FAQ answer on current CSDDD Article 37 dates after Directive (EU) 2025/794 and how to separate adopted timing changes from proposal-stage Omnibus simplification.
CSDDD penalties and fines under Article 27
How CSDDD Article 27 sets penalty rules, turnover-based fine caps, public decision publication, supervisory authority powers, and national transposition caveats.
CSDDD prevention vs mitigation: potential and actual adverse impacts
CSDDD FAQ on when to prevent or mitigate potential adverse impacts, when to end or minimise actual adverse impacts, and what evidence records to keep.
CSDDD remediation FAQ: when companies must remedy adverse impacts
FAQ on CSDDD remediation: when Article 12 requires remedy, how complaints and stakeholder engagement affect the response, and what evidence to keep.
CSDDD Remediation Plan Template: Article 12, 13 and 14 evidence
A CSDDD remediation plan template for actual adverse impacts, complaint inputs, stakeholder engagement, action records, and monitoring evidence.
CSDDD requirements: scope, due diligence, climate plan, and evidence
A grounded map of the Corporate Sustainability Due Diligence Directive requirements across scope, due diligence policy, impact assessment, complaints, remediation, monitoring, communication, and climate transition planning.
CSDDD risk prioritisation FAQ: severity, likelihood, and evidence
How to prioritise CSDDD adverse impacts when teams cannot address everything at once, using severity, likelihood, stakeholder evidence, and a reviewable rationale.
CSDDD Scope Thresholds: EU, Non-EU, Group and Franchise Routes
Article 2 CSDDD scope thresholds for EU companies, non-EU Union turnover, ultimate-parent groups, franchise and licensing routes, consecutive-year tests, and evidence records.
CSDDD scope waves: current Article 37 dates and thresholds
FAQ on the current CSDDD phase-in after Directive (EU) 2025/794: 26 July 2028, 26 July 2029, Article 2 scope thresholds, and evidence to retain.
CSDDD Supplier Contract Clause Review Workflow
Review supplier contract clauses against CSDDD Articles 10 and 11: contractual assurances, verification, SME fairness, support, action plans, and escalation evidence.
CSDDD Supplier Contract Clauses: Articles 10 and 11 Evidence
How to use CSDDD supplier contract clauses without treating clauses as a substitute for due diligence: contractual assurances, verification, SME support, action plans, limits, and evidence.
CSDDD transition plans FAQ: Article 22 climate plan requirements
FAQ on CSDDD Article 22 climate transition plans: targets, decarbonisation levers, investment and funding, governance, CSRD overlap, and evidence records.
CSDDD vs CSRD: Due Diligence and Reporting Compared
Compare CSDDD due diligence duties with CSRD sustainability reporting, including scope, timing, Article 16 reporting, evidence overlap, assurance, and enforcement.
CSDDD vs German LkSG Comparison
Compare the EU CSDDD with Germany's LkSG without mixing directive duties, national-law duties, chain boundaries, complaints, reporting, and enforcement routes.
CSDDD vs OECD Guidelines
Compare the binding EU CSDDD with the OECD Guidelines for responsible business conduct across scope, due diligence duties, business relationships, remediation, and evidence.
How CSDDD overlaps with OECD, UNGP, and ILO standards
FAQ on how OECD responsible business conduct guidance, the UN Guiding Principles, and ILO labour standards inform CSDDD due diligence without being the same legal instrument.