bmad-plus 0.7.5 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +450 -425
- package/LICENSE +21 -21
- package/README.md +555 -447
- package/osint-agent-package/README.md +88 -88
- package/osint-agent-package/SETUP_KEYS.md +108 -108
- package/osint-agent-package/agents/osint-investigator.md +80 -80
- package/osint-agent-package/install.ps1 +87 -87
- package/osint-agent-package/install.sh +76 -76
- package/osint-agent-package/skills/bmad-osint-investigate/SKILL.md +147 -147
- package/osint-agent-package/skills/bmad-osint-investigate/osint/SKILL.md +452 -452
- package/osint-agent-package/skills/bmad-osint-investigate/osint/assets/dossier-template.md +116 -116
- package/osint-agent-package/skills/bmad-osint-investigate/osint/references/content-extraction.md +100 -100
- package/osint-agent-package/skills/bmad-osint-investigate/osint/references/enrichment-databases-fr.md +148 -148
- package/osint-agent-package/skills/bmad-osint-investigate/osint/references/platforms.md +130 -130
- package/osint-agent-package/skills/bmad-osint-investigate/osint/references/psychoprofile.md +69 -69
- package/osint-agent-package/skills/bmad-osint-investigate/osint/references/tools.md +281 -281
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/_http.py +101 -101
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/apify.py +266 -260
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/brightdata.py +101 -101
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/diagnose.py +141 -141
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/exa.py +79 -79
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/jina.py +71 -71
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/mcp-client.py +136 -136
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/parallel.py +85 -85
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/perplexity.py +102 -102
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/tavily.py +72 -72
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/volley.py +208 -208
- package/osint-agent-package/skills/bmad-osint-investigator/SKILL.md +15 -15
- package/package.json +62 -57
- package/readme-international/README.de.md +576 -426
- package/readme-international/README.es.md +578 -518
- package/readme-international/README.fr.md +576 -516
- package/src/bmad-plus/agents/agent-architect-dev/SKILL.md +96 -96
- package/src/bmad-plus/agents/agent-architect-dev/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-maker/SKILL.md +201 -201
- package/src/bmad-plus/agents/agent-maker/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-orchestrator/SKILL.md +137 -137
- package/src/bmad-plus/agents/agent-orchestrator/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-quality/SKILL.md +83 -83
- package/src/bmad-plus/agents/agent-quality/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-shadow/SKILL.md +71 -71
- package/src/bmad-plus/agents/agent-shadow/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-strategist/SKILL.md +80 -80
- package/src/bmad-plus/agents/agent-strategist/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/pack-animated/animated-website-agent.md +325 -325
- package/src/bmad-plus/agents/pack-animated/templates/animated-website-workflow.md +55 -55
- package/src/bmad-plus/agents/pack-backup/backup-agent.md +71 -71
- package/src/bmad-plus/agents/pack-backup/templates/backup-workflow.md +51 -51
- package/src/bmad-plus/agents/pack-seo/SKILL.md +171 -171
- package/src/bmad-plus/agents/pack-seo/checklist.md +140 -140
- package/src/bmad-plus/agents/pack-seo/pagespeed-playbook.md +320 -320
- package/src/bmad-plus/agents/pack-seo/ref/audit-schema.json +187 -187
- package/src/bmad-plus/agents/pack-seo/ref/cwv-thresholds.md +87 -87
- package/src/bmad-plus/agents/pack-seo/ref/eeat-criteria.md +123 -123
- package/src/bmad-plus/agents/pack-seo/ref/geo-signals.md +167 -167
- package/src/bmad-plus/agents/pack-seo/ref/hreflang-rules.md +153 -153
- package/src/bmad-plus/agents/pack-seo/ref/quality-gates.md +133 -133
- package/src/bmad-plus/agents/pack-seo/ref/schema-catalog.md +91 -91
- package/src/bmad-plus/agents/pack-seo/ref/schema-templates.json +356 -356
- package/src/bmad-plus/agents/pack-seo/seo-chief.md +294 -294
- package/src/bmad-plus/agents/pack-seo/seo-judge.md +241 -241
- package/src/bmad-plus/agents/pack-seo/seo-scout.md +171 -171
- package/src/bmad-plus/agents/pack-seo/templates/seo-audit-workflow.md +241 -241
- package/src/bmad-plus/data/role-triggers.yaml +209 -209
- package/src/bmad-plus/module-help.csv +10 -10
- package/src/bmad-plus/module.yaml +283 -280
- package/src/bmad-plus/packs/pack-animated/animated-website-agent.md +325 -0
- package/src/bmad-plus/packs/pack-animated/templates/animated-website-workflow.md +55 -0
- package/src/bmad-plus/packs/pack-backup/backup-agent.md +71 -0
- package/src/bmad-plus/packs/pack-backup/templates/backup-workflow.md +51 -0
- package/src/bmad-plus/packs/pack-dev-studio/README.md +162 -162
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/analyst-agent.md +73 -73
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/document-project.md +61 -61
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/domain-research.md +95 -95
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/market-research.md +95 -95
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/prfaq.md +134 -134
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/product-brief.md +80 -80
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/tech-writer-agent.md +73 -73
- package/src/bmad-plus/packs/pack-dev-studio/categories/analysis/technical-research.md +95 -95
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/architect-agent.md +73 -73
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/create-architecture.md +73 -73
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/create-epics-stories.md +92 -92
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/generate-project-context.md +80 -80
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/implementation-readiness.md +90 -90
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-01-init.md +153 -153
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-01b-continue.md +173 -173
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-02-context.md +224 -224
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-03-starter.md +329 -329
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-04-decisions.md +318 -318
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-05-patterns.md +359 -359
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-06-structure.md +379 -379
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-07-validation.md +361 -361
- package/src/bmad-plus/packs/pack-dev-studio/categories/architecture/steps/step-08-complete.md +81 -81
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/checkpoint-preview.md +67 -67
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/code-review-steps/step-01-gather-context.md +85 -85
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/code-review-steps/step-02-review.md +35 -35
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/code-review-steps/step-03-triage.md +49 -49
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/code-review-steps/step-04-present.md +131 -131
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/code-review.md +89 -89
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/correct-course.md +300 -300
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/create-story.md +428 -428
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/dev-agent.md +73 -73
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/dev-story-checklist.md +80 -80
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/dev-story.md +484 -484
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/investigate.md +193 -193
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/qa-e2e-tests.md +175 -175
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/quick-dev.md +110 -110
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/retrospective.md +1511 -1511
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/sprint-planning.md +298 -298
- package/src/bmad-plus/packs/pack-dev-studio/categories/implementation/sprint-status.md +296 -296
- package/src/bmad-plus/packs/pack-dev-studio/categories/planning/create-prd.md +29 -29
- package/src/bmad-plus/packs/pack-dev-studio/categories/planning/create-ux-design.md +74 -74
- package/src/bmad-plus/packs/pack-dev-studio/categories/planning/edit-prd.md +29 -29
- package/src/bmad-plus/packs/pack-dev-studio/categories/planning/pm-agent.md +73 -73
- package/src/bmad-plus/packs/pack-dev-studio/categories/planning/prd.md +89 -89
- package/src/bmad-plus/packs/pack-dev-studio/categories/planning/ux-designer-agent.md +73 -73
- package/src/bmad-plus/packs/pack-dev-studio/categories/planning/validate-prd.md +29 -29
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/advanced-elicitation.md +141 -141
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/adversarial-review.md +37 -37
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/bmad-help.md +75 -75
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/brainstorming.md +6 -6
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/customize.md +110 -110
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/distillator.md +176 -176
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/edge-case-hunter.md +67 -67
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/editorial-review-prose.md +86 -86
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/editorial-review-structure.md +179 -179
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/index-docs.md +66 -66
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/party-mode.md +127 -127
- package/src/bmad-plus/packs/pack-dev-studio/categories/utilities/shard-doc.md +105 -105
- package/src/bmad-plus/packs/pack-dev-studio/dev-studio-orchestrator.md +120 -120
- package/src/bmad-plus/packs/pack-dev-studio/shared/architecture-decision-template.md +12 -12
- package/src/bmad-plus/packs/pack-dev-studio/shared/bwml-spec.md +328 -328
- package/src/bmad-plus/packs/pack-dev-studio/shared/module-help.csv +32 -32
- package/src/bmad-plus/packs/pack-dev-studio/upstream-sync.yaml +81 -81
- package/src/bmad-plus/packs/pack-memory/README.md +106 -106
- package/src/bmad-plus/packs/pack-memory/memory-orchestrator.md +79 -79
- package/src/bmad-plus/packs/pack-memory/shared/karpathy-guardrails.md +86 -86
- package/src/bmad-plus/packs/pack-memory/shared/memory-protocol.md +143 -143
- package/src/bmad-plus/packs/pack-memory/templates/context.md +39 -39
- package/src/bmad-plus/packs/pack-memory/templates/decisions.md +25 -25
- package/src/bmad-plus/packs/pack-memory/templates/identity.yaml +39 -39
- package/src/bmad-plus/packs/pack-memory/templates/lessons.md +31 -31
- package/src/bmad-plus/packs/pack-memory/templates/patterns.md +24 -24
- package/src/bmad-plus/packs/pack-memory/templates/session-handoff.md +25 -25
- package/src/bmad-plus/packs/pack-memory/zecher-agent.md +157 -157
- package/src/bmad-plus/packs/pack-seo/SKILL.md +171 -0
- package/src/bmad-plus/packs/pack-seo/checklist.md +140 -0
- package/src/bmad-plus/packs/pack-seo/pagespeed-playbook.md +320 -0
- package/src/bmad-plus/packs/pack-seo/ref/audit-schema.json +187 -0
- package/src/bmad-plus/packs/pack-seo/ref/cwv-thresholds.md +87 -0
- package/src/bmad-plus/packs/pack-seo/ref/eeat-criteria.md +123 -0
- package/src/bmad-plus/packs/pack-seo/ref/geo-signals.md +167 -0
- package/src/bmad-plus/packs/pack-seo/ref/hreflang-rules.md +153 -0
- package/src/bmad-plus/packs/pack-seo/ref/quality-gates.md +133 -0
- package/src/bmad-plus/packs/pack-seo/ref/schema-catalog.md +91 -0
- package/src/bmad-plus/packs/pack-seo/ref/schema-templates.json +356 -0
- package/src/bmad-plus/packs/pack-seo/seo-chief.md +294 -0
- package/src/bmad-plus/packs/pack-seo/seo-judge.md +241 -0
- package/src/bmad-plus/packs/pack-seo/seo-scout.md +171 -0
- package/src/bmad-plus/packs/pack-seo/templates/seo-audit-workflow.md +241 -0
- package/src/bmad-plus/packs/pack-shield/README.md +110 -110
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/csrd-agent.md +262 -262
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/section508-agent.md +179 -179
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/wcag-agent.md +201 -201
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/eu-ai-act-agent.md +97 -97
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/iso42001-agent.md +251 -251
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/nist-ai-rmf-agent.md +133 -133
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/cis-controls-agent.md +221 -221
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/ism-agent.md +150 -150
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/iso27001-agent.md +167 -167
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nis2-agent.md +83 -83
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-800-53-agent.md +250 -250
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-csf-agent.md +218 -218
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/ccpa-agent.md +94 -94
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/dpdpa-agent.md +136 -136
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/gdpr-agent.md +296 -296
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/iso27701-agent.md +134 -134
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/lgpd-agent.md +129 -129
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/cmmc-agent.md +127 -127
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/ear-agent.md +272 -272
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/itar-agent.md +202 -202
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/tsa-agent.md +367 -367
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/dora-agent.md +510 -510
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/fedramp-agent.md +247 -247
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/hipaa-agent.md +173 -173
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/pci-dss-agent.md +239 -239
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/soc2-agent.md +266 -266
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/swift-csp-agent.md +164 -164
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-classifier.md +131 -131
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-fria.md +155 -155
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-incidents.md +187 -187
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-roles.md +113 -113
- package/src/bmad-plus/packs/pack-shield/categories/workflows/breach-sentinel.md +197 -197
- package/src/bmad-plus/packs/pack-shield/categories/workflows/cookie-policy-gen.md +180 -180
- package/src/bmad-plus/packs/pack-shield/categories/workflows/dpia-sentinel.md +235 -235
- package/src/bmad-plus/packs/pack-shield/categories/workflows/legitimate-interest.md +159 -159
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-advisor.md +133 -133
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-notice-gen.md +160 -160
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-policy-gen.md +135 -135
- package/src/bmad-plus/packs/pack-shield/references/ccpa/ccpa-gdpr-comparison.md +117 -117
- package/src/bmad-plus/packs/pack-shield/references/ccpa/consumer-rights-workflows.md +177 -177
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/framework-mappings.md +162 -162
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/implementation-guidance.md +235 -235
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/safeguards-detail.md +252 -252
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-assessment.md +170 -170
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-levels.md +113 -113
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-practices.md +211 -211
- package/src/bmad-plus/packs/pack-shield/references/csrd/compliance-program.md +281 -281
- package/src/bmad-plus/packs/pack-shield/references/csrd/double-materiality.md +253 -253
- package/src/bmad-plus/packs/pack-shield/references/csrd/esrs-standards.md +401 -401
- package/src/bmad-plus/packs/pack-shield/references/dora/article-reference.md +441 -441
- package/src/bmad-plus/packs/pack-shield/references/dora/incident-classification.md +297 -297
- package/src/bmad-plus/packs/pack-shield/references/dora/rts-its-guide.md +306 -306
- package/src/bmad-plus/packs/pack-shield/references/dora/third-party-risk.md +349 -349
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/gdpr-comparison.md +173 -173
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/rights-and-obligations.md +426 -426
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/rules-2025.md +599 -599
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/sections-reference.md +319 -319
- package/src/bmad-plus/packs/pack-shield/references/ear/ccl-eccn-guide.md +250 -250
- package/src/bmad-plus/packs/pack-shield/references/ear/compliance-program.md +280 -280
- package/src/bmad-plus/packs/pack-shield/references/ear/license-exceptions.md +207 -207
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/gpai-governance.md +267 -267
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/obligations-high-risk.md +287 -287
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/risk-classification.md +182 -182
- package/src/bmad-plus/packs/pack-shield/references/fedramp/appendices-guide.md +209 -209
- package/src/bmad-plus/packs/pack-shield/references/fedramp/control-families.md +281 -281
- package/src/bmad-plus/packs/pack-shield/references/fedramp/poam-guide.md +93 -93
- package/src/bmad-plus/packs/pack-shield/references/fedramp/readiness-checklist.md +134 -134
- package/src/bmad-plus/packs/pack-shield/references/fedramp/sap-sar-guide.md +86 -86
- package/src/bmad-plus/packs/pack-shield/references/fedramp/ssp-guide.md +129 -129
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/documents.md +192 -192
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/dpa-template.md +121 -121
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/privacy-notice.md +87 -87
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/breach-notification.md +293 -293
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/privacy-rule.md +276 -276
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/security-rule.md +299 -299
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/templates.md +568 -568
- package/src/bmad-plus/packs/pack-shield/references/ism/control-applicability.md +181 -181
- package/src/bmad-plus/packs/pack-shield/references/ism/guidelines-overview.md +183 -183
- package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2013.md +203 -203
- package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2022.md +132 -132
- package/src/bmad-plus/packs/pack-shield/references/iso27001/control-mapping.md +153 -153
- package/src/bmad-plus/packs/pack-shield/references/iso27701/annex-a-controls.md +195 -195
- package/src/bmad-plus/packs/pack-shield/references/iso27701/regulatory-mapping.md +229 -229
- package/src/bmad-plus/packs/pack-shield/references/iso27701/transition-guide.md +219 -219
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-ai-risk-assessment.md +258 -258
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-clauses-requirements.md +279 -279
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-controls-annex-a.md +155 -155
- package/src/bmad-plus/packs/pack-shield/references/itar/compliance-program.md +174 -174
- package/src/bmad-plus/packs/pack-shield/references/itar/licensing-guide.md +146 -146
- package/src/bmad-plus/packs/pack-shield/references/itar/usml-categories.md +93 -93
- package/src/bmad-plus/packs/pack-shield/references/lgpd/anpd-enforcement.md +147 -147
- package/src/bmad-plus/packs/pack-shield/references/lgpd/compliance-program.md +272 -272
- package/src/bmad-plus/packs/pack-shield/references/lgpd/lgpd-articles.md +271 -271
- package/src/bmad-plus/packs/pack-shield/references/nis2/article-21-measures.md +153 -153
- package/src/bmad-plus/packs/pack-shield/references/nis2/iso27001-nis2-mapping.md +68 -68
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/assessment-rmf.md +349 -349
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/baselines-tailoring.md +277 -277
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/control-families.md +450 -450
- package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-core.md +361 -361
- package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-profiles.md +192 -192
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-10-to-20-mapping.md +143 -143
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-20-functions-categories.md +278 -278
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-implementation-tiers.md +135 -135
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-requirements.md +366 -366
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-saq-guide.md +217 -217
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-v4-changes.md +190 -190
- package/src/bmad-plus/packs/pack-shield/references/section-508/wcag-mapping.md +160 -160
- package/src/bmad-plus/packs/pack-shield/references/soc2/controls.md +241 -241
- package/src/bmad-plus/packs/pack-shield/references/soc2/evidence.md +236 -236
- package/src/bmad-plus/packs/pack-shield/references/soc2/policies.md +254 -254
- package/src/bmad-plus/packs/pack-shield/references/soc2/vendor.md +276 -276
- package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-assessment.md +202 -202
- package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-controls.md +545 -545
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-crmp-requirements.md +359 -359
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-directives-overview.md +187 -187
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-incident-reporting.md +187 -187
- package/src/bmad-plus/packs/pack-shield/references/wcag/criteria-detail.md +510 -510
- package/src/bmad-plus/packs/pack-shield/shared/audit-report-template.md +103 -103
- package/src/bmad-plus/packs/pack-shield/shared/cross-framework-mapper.md +103 -103
- package/src/bmad-plus/packs/pack-shield/shared/gap-analysis-template.md +83 -83
- package/src/bmad-plus/packs/pack-shield/shield-orchestrator.md +229 -229
- package/src/bmad-plus/packs/pack-shield/upstream-sync.yaml +68 -68
- package/src/bmad-plus/skills/bmad-plus-autopilot/SKILL.md +99 -99
- package/src/bmad-plus/skills/bmad-plus-parallel/SKILL.md +93 -93
- package/src/bmad-plus/skills/bmad-plus-sync/SKILL.md +69 -69
- package/tools/cli/commands/autoconfig.js +498 -489
- package/tools/cli/commands/doctor.js +222 -222
- package/tools/cli/commands/install.js +739 -739
- package/tools/cli/commands/memory.js +194 -194
- package/tools/cli/commands/scan.js +360 -350
- package/tools/cli/commands/uninstall.js +96 -96
- package/tools/cli/commands/update.js +174 -174
- package/tools/cli/i18n.js +763 -763
|
@@ -1,253 +1,253 @@
|
|
|
1
|
-
# Double Materiality Assessment (DMA) — Methodology and Templates
|
|
2
|
-
|
|
3
|
-
## Overview
|
|
4
|
-
|
|
5
|
-
The Double Materiality Assessment is the mandatory first step in CSRD compliance (ESRS 1, paras. 19–56). Every in-scope company must complete a DMA before deciding which ESRS topical standards to report on. The DMA determines what is reported; it cannot be completed retrospectively.
|
|
6
|
-
|
|
7
|
-
---
|
|
8
|
-
|
|
9
|
-
## Two Perspectives Explained
|
|
10
|
-
|
|
11
|
-
### 1. Impact Materiality (Inside-Out)
|
|
12
|
-
*Does the company have actual or potential impacts on people or the environment?*
|
|
13
|
-
|
|
14
|
-
**Scope:** Own operations + upstream and downstream value chain
|
|
15
|
-
|
|
16
|
-
**Actual impacts:** Currently occurring
|
|
17
|
-
**Potential impacts:** Could occur in the future (assess likelihood)
|
|
18
|
-
|
|
19
|
-
**Positive impacts:** Benefits to people or environment (e.g., jobs created, carbon sequestration)
|
|
20
|
-
**Negative impacts:** Harm to people or environment (e.g., pollution, unsafe working conditions)
|
|
21
|
-
|
|
22
|
-
**Significance assessment formula:**
|
|
23
|
-
- *Negative actual impacts:* Scale × Scope × Irremediability
|
|
24
|
-
- *Negative potential impacts:* Scale × Scope × Irremediability × Likelihood
|
|
25
|
-
- *Positive actual impacts:* Scale × Scope
|
|
26
|
-
- *Positive potential impacts:* Scale × Scope × Likelihood
|
|
27
|
-
|
|
28
|
-
**Definitions:**
|
|
29
|
-
| Criterion | Definition |
|
|
30
|
-
|-----------|-----------|
|
|
31
|
-
| Scale | Severity of the impact on people or environment |
|
|
32
|
-
| Scope | How widespread (number of people affected / geographic area) |
|
|
33
|
-
| Irremediability | Difficulty of restoring pre-impact state |
|
|
34
|
-
| Likelihood | Probability of potential impact occurring |
|
|
35
|
-
|
|
36
|
-
### 2. Financial Materiality (Outside-In)
|
|
37
|
-
*Does the sustainability matter create risks or opportunities affecting the company's finances?*
|
|
38
|
-
|
|
39
|
-
**Financial effects include:** Revenue, costs, assets, liabilities, cash flows, access to finance, cost of capital
|
|
40
|
-
|
|
41
|
-
**Time horizons:** Short-term (<1 year), medium-term (1–5 years), long-term (>5 years)
|
|
42
|
-
|
|
43
|
-
**Assessment criteria:**
|
|
44
|
-
- Magnitude: How large could the financial effect be? (quantify where possible)
|
|
45
|
-
- Likelihood: How probable is the financial effect?
|
|
46
|
-
|
|
47
|
-
**Sources of financial risks and opportunities:**
|
|
48
|
-
- Physical risks (acute: extreme weather; chronic: temperature, sea-level)
|
|
49
|
-
- Transition risks (policy/regulation, technology, market, reputational)
|
|
50
|
-
- Opportunities (energy efficiency, new markets, brand value, talent attraction)
|
|
51
|
-
|
|
52
|
-
### The Materiality Threshold
|
|
53
|
-
A topic is **material** if it meets EITHER the impact materiality threshold OR the financial materiality threshold (or both).
|
|
54
|
-
|
|
55
|
-
There is no prescribed numerical threshold — companies set their own thresholds, which must be justified and disclosed (ESRS 2 IRO-1).
|
|
56
|
-
|
|
57
|
-
---
|
|
58
|
-
|
|
59
|
-
## DMA Process — Step by Step
|
|
60
|
-
|
|
61
|
-
### Step 1: Understand the Context (ESRS 1, para. 45)
|
|
62
|
-
|
|
63
|
-
**Activities:**
|
|
64
|
-
1. Map the business model: products/services, markets, geographies
|
|
65
|
-
2. Map the value chain: key suppliers (tier 1 and beyond), distribution, customers, end-users
|
|
66
|
-
3. Identify the company's key activities, assets, and relationships
|
|
67
|
-
4. Identify sector-specific sustainability risks using industry references (ESRS sector standards when published, SASB, GRI sector standards)
|
|
68
|
-
|
|
69
|
-
**Output:** Business context document / value chain map
|
|
70
|
-
|
|
71
|
-
---
|
|
72
|
-
|
|
73
|
-
### Step 2: Identify Actual and Potential Impacts (ESRS 1, paras. 46–48)
|
|
74
|
-
|
|
75
|
-
**Sources of impact identification:**
|
|
76
|
-
- Internal: operations review, incident data, management interviews
|
|
77
|
-
- External: stakeholder engagement, industry benchmarks, peer analysis, ESG ratings
|
|
78
|
-
|
|
79
|
-
**Stakeholder engagement (ESRS 1, para. 22):**
|
|
80
|
-
ESRS requires meaningful engagement with affected stakeholders and users of sustainability reporting. Stakeholders to engage:
|
|
81
|
-
- Workers (own and value chain)
|
|
82
|
-
- Local communities
|
|
83
|
-
- Customers / consumers
|
|
84
|
-
- NGOs and civil society
|
|
85
|
-
- Investors and financial institutions
|
|
86
|
-
- Regulators
|
|
87
|
-
|
|
88
|
-
**Output:** Long list of potential impacts per ESRS topic area
|
|
89
|
-
|
|
90
|
-
---
|
|
91
|
-
|
|
92
|
-
### Step 3: Assess Significance of Impacts
|
|
93
|
-
|
|
94
|
-
Rate each identified impact on each criterion using a 1–5 scale (or equivalent):
|
|
95
|
-
|
|
96
|
-
**Impact Scoring Matrix:**
|
|
97
|
-
|
|
98
|
-
| Score | Scale | Scope | Irremediability | Likelihood |
|
|
99
|
-
|-------|-------|-------|----------------|-----------|
|
|
100
|
-
| 1 | Minimal | Very local / few individuals | Easily remediable | Very unlikely (<5%) |
|
|
101
|
-
| 2 | Low | Local / small group | Mostly remediable | Unlikely (5–25%) |
|
|
102
|
-
| 3 | Moderate | Regional / significant group | Partially remediable | Possible (25–50%) |
|
|
103
|
-
| 4 | High | National / large group | Mostly irreversible | Likely (50–75%) |
|
|
104
|
-
| 5 | Severe | International / systemic | Irreversible | Very likely (>75%) |
|
|
105
|
-
|
|
106
|
-
**Severity score (negative actual):** Scale × Scope × Irremediability (max 125)
|
|
107
|
-
**Severity score (negative potential):** Scale × Scope × Irremediability × Likelihood (max 625)
|
|
108
|
-
|
|
109
|
-
**Materiality threshold:** Company-defined (example: severity ≥ 27 for actual impacts; ≥ 50 for potential impacts)
|
|
110
|
-
|
|
111
|
-
---
|
|
112
|
-
|
|
113
|
-
### Step 4: Identify Financial Risks and Opportunities
|
|
114
|
-
|
|
115
|
-
For each ESRS topic, assess whether there are associated financial risks or opportunities.
|
|
116
|
-
|
|
117
|
-
**Financial Risk/Opportunity Identification Template:**
|
|
118
|
-
|
|
119
|
-
| ESRS Topic | Risk/Opportunity Type | Description | Time Horizon | Potential Financial Effect |
|
|
120
|
-
|-----------|----------------------|-------------|-------------|--------------------------|
|
|
121
|
-
| Climate (E1) | Physical risk (acute) | Flooding of key manufacturing site | Short-term | Asset damage, business interruption |
|
|
122
|
-
| Climate (E1) | Transition risk | Carbon pricing increases operating costs | Medium-term | Higher fuel/energy costs |
|
|
123
|
-
| Water (E3) | Physical risk (chronic) | Water scarcity in production region | Long-term | Supply disruption, increased costs |
|
|
124
|
-
| Workforce (S1) | Opportunity | Employer brand attracts talent | Short-term | Lower recruitment costs, retention |
|
|
125
|
-
|
|
126
|
-
---
|
|
127
|
-
|
|
128
|
-
### Step 5: Assess Financial Significance
|
|
129
|
-
|
|
130
|
-
Rate identified risks/opportunities:
|
|
131
|
-
|
|
132
|
-
| Rating | Magnitude | Likelihood |
|
|
133
|
-
|--------|-----------|-----------|
|
|
134
|
-
| Low | <1% of EBITDA | <25% |
|
|
135
|
-
| Medium | 1–5% of EBITDA | 25–75% |
|
|
136
|
-
| High | >5% of EBITDA | >75% |
|
|
137
|
-
|
|
138
|
-
**Financial materiality score:** Magnitude × Likelihood → topic is financially material if score exceeds threshold.
|
|
139
|
-
|
|
140
|
-
---
|
|
141
|
-
|
|
142
|
-
### Step 6: Determine Materiality — Topic by Topic
|
|
143
|
-
|
|
144
|
-
Apply the materiality determination matrix:
|
|
145
|
-
|
|
146
|
-
| ESRS Topic | Impact Material? | Financially Material? | Overall Materiality | Report? |
|
|
147
|
-
|-----------|-----------------|----------------------|-------------------|---------|
|
|
148
|
-
| E1 Climate | Yes (Scope 3 GHG) | Yes (carbon pricing risk) | **MATERIAL** | Full ESRS E1 |
|
|
149
|
-
| E2 Pollution | No | No | Non-material | Omit (brief statement) |
|
|
150
|
-
| E3 Water | Yes (operations in water-stressed area) | No | **MATERIAL** | Full ESRS E3 |
|
|
151
|
-
| S1 Own Workforce | Yes | No | **MATERIAL** | Full ESRS S1 |
|
|
152
|
-
| G1 Business Conduct | No | Yes (compliance risk) | **MATERIAL** | Full ESRS G1 |
|
|
153
|
-
|
|
154
|
-
---
|
|
155
|
-
|
|
156
|
-
### Step 7: Document the DMA (ESRS 2 SBM-3 + IRO-1)
|
|
157
|
-
|
|
158
|
-
**Mandatory disclosures about the DMA process:**
|
|
159
|
-
|
|
160
|
-
*ESRS 2 IRO-1 — Description of the process to identify and assess material IROs:*
|
|
161
|
-
- Scope of assessment (own operations / value chain depth)
|
|
162
|
-
- Methodology and criteria used
|
|
163
|
-
- How stakeholders were engaged
|
|
164
|
-
- Timeline and frequency of DMA
|
|
165
|
-
- How the results inform strategy and reporting
|
|
166
|
-
|
|
167
|
-
*ESRS 2 SBM-3 — Material impacts, risks and opportunities:*
|
|
168
|
-
- Complete list of material topics identified
|
|
169
|
-
- How material IROs interact with business model and strategy
|
|
170
|
-
- Current and anticipated financial effects
|
|
171
|
-
|
|
172
|
-
**Materiality Statement:** Brief explanation for each ESRS topic found non-material (why it was excluded).
|
|
173
|
-
|
|
174
|
-
---
|
|
175
|
-
|
|
176
|
-
### Step 8: Validate and Update
|
|
177
|
-
|
|
178
|
-
- DMA must be updated at least annually
|
|
179
|
-
- Trigger for mid-period review: significant business change, new regulation, emerging risk, stakeholder concern
|
|
180
|
-
- Changes to materiality conclusions must be disclosed
|
|
181
|
-
|
|
182
|
-
---
|
|
183
|
-
|
|
184
|
-
## Sector-Specific Guidance
|
|
185
|
-
|
|
186
|
-
### High-Likelihood Material Topics by Sector
|
|
187
|
-
|
|
188
|
-
| Sector | Typically Material |
|
|
189
|
-
|--------|-------------------|
|
|
190
|
-
| Energy / Utilities | E1 (Climate), E2 (Pollution), E3 (Water), G1 (Business Conduct) |
|
|
191
|
-
| Financial Services | E1 (financed emissions), G1 (Business Conduct), S4 (Consumers) |
|
|
192
|
-
| Manufacturing | E1 (GHG), E2 (Pollution), E5 (Circular Economy), S1 (Workforce), S2 (Value Chain) |
|
|
193
|
-
| Retail / Consumer Goods | E1, E5 (packaging/waste), S2 (supply chain labour), S4 (consumers) |
|
|
194
|
-
| Agriculture / Food | E3 (Water), E4 (Biodiversity), E2 (Pollution), S2 (Value Chain) |
|
|
195
|
-
| Construction / Real Estate | E1 (building emissions), E5 (materials), E4 (land use), S3 (communities) |
|
|
196
|
-
| Technology | S1 (Workforce), S4 (data protection/consumers), G1 (Business Conduct) |
|
|
197
|
-
| Mining / Extractives | E1, E2, E3, E4, S3 (communities), G1 |
|
|
198
|
-
| Healthcare / Pharma | S4 (consumers), S1 (workforce), G1 (business conduct), E1 |
|
|
199
|
-
|
|
200
|
-
---
|
|
201
|
-
|
|
202
|
-
## DMA Documentation Templates
|
|
203
|
-
|
|
204
|
-
### Impact Register Template
|
|
205
|
-
|
|
206
|
-
| ID | ESRS Topic | Impact Description | Direction | Scope | Time Horizon | Scale (1-5) | Scope (1-5) | Irremediability (1-5) | Likelihood (1-5) | Severity Score | Material? |
|
|
207
|
-
|----|-----------|-------------------|-----------|-------|-------------|------------|------------|----------------------|----------------|---------------|-----------|
|
|
208
|
-
| I-001 | E1 | Scope 3 GHG emissions from product use | Negative | Downstream | Long-term | 5 | 5 | 4 | 5 | 500 | YES |
|
|
209
|
-
| I-002 | S1 | Gender pay inequity among employees | Negative | Own ops | Short-term | 3 | 3 | 3 | 4 | 108 | YES |
|
|
210
|
-
| I-003 | E4 | No operations near biodiversity areas | n/a | — | — | 1 | 1 | 1 | 1 | 1 | NO |
|
|
211
|
-
|
|
212
|
-
### Financial Risk/Opportunity Register Template
|
|
213
|
-
|
|
214
|
-
| ID | ESRS Topic | Type | Description | Time Horizon | Magnitude | Likelihood | Financial Score | Material? |
|
|
215
|
-
|----|-----------|------|-------------|-------------|-----------|-----------|----------------|-----------|
|
|
216
|
-
| F-001 | E1 | Transition risk | EU ETS carbon costs increase | Short-medium | High | High | HIGH | YES |
|
|
217
|
-
| F-002 | E3 | Physical risk | Water scarcity affects key plant | Long-term | Medium | Medium | MEDIUM | YES |
|
|
218
|
-
| F-003 | S1 | Opportunity | ESG leader attracts talent | Short-term | Low | Medium | LOW | NO |
|
|
219
|
-
|
|
220
|
-
### DMA Summary Table
|
|
221
|
-
|
|
222
|
-
| ESRS Standard | Topic | Impact Materiality | Financial Materiality | Overall Material | First Reporting Year |
|
|
223
|
-
|--------------|-------|-------------------|----------------------|-----------------|---------------------|
|
|
224
|
-
| E1 | Climate Change | ✓ | ✓ | ✓ | FY 2025 |
|
|
225
|
-
| E2 | Pollution | ✗ | ✗ | ✗ | — |
|
|
226
|
-
| E3 | Water & Marine | ✓ | ✓ | ✓ | FY 2025 |
|
|
227
|
-
| E4 | Biodiversity | ✗ | ✗ | ✗ | — |
|
|
228
|
-
| E5 | Circular Economy | ✓ | ✗ | ✓ | FY 2025 |
|
|
229
|
-
| S1 | Own Workforce | ✓ | ✗ | ✓ | FY 2025 |
|
|
230
|
-
| S2 | Value Chain Workers | ✓ | ✗ | ✓ | FY 2025 |
|
|
231
|
-
| S3 | Communities | ✗ | ✗ | ✗ | — |
|
|
232
|
-
| S4 | Consumers | ✗ | ✓ | ✓ | FY 2025 |
|
|
233
|
-
| G1 | Business Conduct | ✓ | ✓ | ✓ | FY 2025 |
|
|
234
|
-
|
|
235
|
-
---
|
|
236
|
-
|
|
237
|
-
## Common DMA Pitfalls
|
|
238
|
-
|
|
239
|
-
**1. Scope too narrow:** Limiting the DMA to own operations only; ESRS requires value chain consideration where material.
|
|
240
|
-
|
|
241
|
-
**2. Stakeholder engagement inadequate:** Consulting only investors; ESRS requires engagement with affected stakeholders (workers, communities).
|
|
242
|
-
|
|
243
|
-
**3. Financial materiality neglected:** Conducting only impact assessment; financial risks/opportunities must be assessed separately.
|
|
244
|
-
|
|
245
|
-
**4. Thresholds not justified:** Setting arbitrary thresholds without documenting the rationale; thresholds must be disclosed in IRO-1.
|
|
246
|
-
|
|
247
|
-
**5. DMA done retrospectively:** Completing the DMA after deciding what to report; the DMA must drive reporting decisions.
|
|
248
|
-
|
|
249
|
-
**6. Over-exclusion:** Excluding topics from reporting without adequate justification; ESRS requires a brief explanation for excluded topics.
|
|
250
|
-
|
|
251
|
-
**7. Static DMA:** Treating DMA as a one-time exercise; it must be reviewed at least annually.
|
|
252
|
-
|
|
253
|
-
**8. Climate auto-excluded:** Climate change (E1) is presumed material for most companies; requires robust justification and strong evidence to exclude.
|
|
1
|
+
# Double Materiality Assessment (DMA) — Methodology and Templates
|
|
2
|
+
|
|
3
|
+
## Overview
|
|
4
|
+
|
|
5
|
+
The Double Materiality Assessment is the mandatory first step in CSRD compliance (ESRS 1, paras. 19–56). Every in-scope company must complete a DMA before deciding which ESRS topical standards to report on. The DMA determines what is reported; it cannot be completed retrospectively.
|
|
6
|
+
|
|
7
|
+
---
|
|
8
|
+
|
|
9
|
+
## Two Perspectives Explained
|
|
10
|
+
|
|
11
|
+
### 1. Impact Materiality (Inside-Out)
|
|
12
|
+
*Does the company have actual or potential impacts on people or the environment?*
|
|
13
|
+
|
|
14
|
+
**Scope:** Own operations + upstream and downstream value chain
|
|
15
|
+
|
|
16
|
+
**Actual impacts:** Currently occurring
|
|
17
|
+
**Potential impacts:** Could occur in the future (assess likelihood)
|
|
18
|
+
|
|
19
|
+
**Positive impacts:** Benefits to people or environment (e.g., jobs created, carbon sequestration)
|
|
20
|
+
**Negative impacts:** Harm to people or environment (e.g., pollution, unsafe working conditions)
|
|
21
|
+
|
|
22
|
+
**Significance assessment formula:**
|
|
23
|
+
- *Negative actual impacts:* Scale × Scope × Irremediability
|
|
24
|
+
- *Negative potential impacts:* Scale × Scope × Irremediability × Likelihood
|
|
25
|
+
- *Positive actual impacts:* Scale × Scope
|
|
26
|
+
- *Positive potential impacts:* Scale × Scope × Likelihood
|
|
27
|
+
|
|
28
|
+
**Definitions:**
|
|
29
|
+
| Criterion | Definition |
|
|
30
|
+
|-----------|-----------|
|
|
31
|
+
| Scale | Severity of the impact on people or environment |
|
|
32
|
+
| Scope | How widespread (number of people affected / geographic area) |
|
|
33
|
+
| Irremediability | Difficulty of restoring pre-impact state |
|
|
34
|
+
| Likelihood | Probability of potential impact occurring |
|
|
35
|
+
|
|
36
|
+
### 2. Financial Materiality (Outside-In)
|
|
37
|
+
*Does the sustainability matter create risks or opportunities affecting the company's finances?*
|
|
38
|
+
|
|
39
|
+
**Financial effects include:** Revenue, costs, assets, liabilities, cash flows, access to finance, cost of capital
|
|
40
|
+
|
|
41
|
+
**Time horizons:** Short-term (<1 year), medium-term (1–5 years), long-term (>5 years)
|
|
42
|
+
|
|
43
|
+
**Assessment criteria:**
|
|
44
|
+
- Magnitude: How large could the financial effect be? (quantify where possible)
|
|
45
|
+
- Likelihood: How probable is the financial effect?
|
|
46
|
+
|
|
47
|
+
**Sources of financial risks and opportunities:**
|
|
48
|
+
- Physical risks (acute: extreme weather; chronic: temperature, sea-level)
|
|
49
|
+
- Transition risks (policy/regulation, technology, market, reputational)
|
|
50
|
+
- Opportunities (energy efficiency, new markets, brand value, talent attraction)
|
|
51
|
+
|
|
52
|
+
### The Materiality Threshold
|
|
53
|
+
A topic is **material** if it meets EITHER the impact materiality threshold OR the financial materiality threshold (or both).
|
|
54
|
+
|
|
55
|
+
There is no prescribed numerical threshold — companies set their own thresholds, which must be justified and disclosed (ESRS 2 IRO-1).
|
|
56
|
+
|
|
57
|
+
---
|
|
58
|
+
|
|
59
|
+
## DMA Process — Step by Step
|
|
60
|
+
|
|
61
|
+
### Step 1: Understand the Context (ESRS 1, para. 45)
|
|
62
|
+
|
|
63
|
+
**Activities:**
|
|
64
|
+
1. Map the business model: products/services, markets, geographies
|
|
65
|
+
2. Map the value chain: key suppliers (tier 1 and beyond), distribution, customers, end-users
|
|
66
|
+
3. Identify the company's key activities, assets, and relationships
|
|
67
|
+
4. Identify sector-specific sustainability risks using industry references (ESRS sector standards when published, SASB, GRI sector standards)
|
|
68
|
+
|
|
69
|
+
**Output:** Business context document / value chain map
|
|
70
|
+
|
|
71
|
+
---
|
|
72
|
+
|
|
73
|
+
### Step 2: Identify Actual and Potential Impacts (ESRS 1, paras. 46–48)
|
|
74
|
+
|
|
75
|
+
**Sources of impact identification:**
|
|
76
|
+
- Internal: operations review, incident data, management interviews
|
|
77
|
+
- External: stakeholder engagement, industry benchmarks, peer analysis, ESG ratings
|
|
78
|
+
|
|
79
|
+
**Stakeholder engagement (ESRS 1, para. 22):**
|
|
80
|
+
ESRS requires meaningful engagement with affected stakeholders and users of sustainability reporting. Stakeholders to engage:
|
|
81
|
+
- Workers (own and value chain)
|
|
82
|
+
- Local communities
|
|
83
|
+
- Customers / consumers
|
|
84
|
+
- NGOs and civil society
|
|
85
|
+
- Investors and financial institutions
|
|
86
|
+
- Regulators
|
|
87
|
+
|
|
88
|
+
**Output:** Long list of potential impacts per ESRS topic area
|
|
89
|
+
|
|
90
|
+
---
|
|
91
|
+
|
|
92
|
+
### Step 3: Assess Significance of Impacts
|
|
93
|
+
|
|
94
|
+
Rate each identified impact on each criterion using a 1–5 scale (or equivalent):
|
|
95
|
+
|
|
96
|
+
**Impact Scoring Matrix:**
|
|
97
|
+
|
|
98
|
+
| Score | Scale | Scope | Irremediability | Likelihood |
|
|
99
|
+
|-------|-------|-------|----------------|-----------|
|
|
100
|
+
| 1 | Minimal | Very local / few individuals | Easily remediable | Very unlikely (<5%) |
|
|
101
|
+
| 2 | Low | Local / small group | Mostly remediable | Unlikely (5–25%) |
|
|
102
|
+
| 3 | Moderate | Regional / significant group | Partially remediable | Possible (25–50%) |
|
|
103
|
+
| 4 | High | National / large group | Mostly irreversible | Likely (50–75%) |
|
|
104
|
+
| 5 | Severe | International / systemic | Irreversible | Very likely (>75%) |
|
|
105
|
+
|
|
106
|
+
**Severity score (negative actual):** Scale × Scope × Irremediability (max 125)
|
|
107
|
+
**Severity score (negative potential):** Scale × Scope × Irremediability × Likelihood (max 625)
|
|
108
|
+
|
|
109
|
+
**Materiality threshold:** Company-defined (example: severity ≥ 27 for actual impacts; ≥ 50 for potential impacts)
|
|
110
|
+
|
|
111
|
+
---
|
|
112
|
+
|
|
113
|
+
### Step 4: Identify Financial Risks and Opportunities
|
|
114
|
+
|
|
115
|
+
For each ESRS topic, assess whether there are associated financial risks or opportunities.
|
|
116
|
+
|
|
117
|
+
**Financial Risk/Opportunity Identification Template:**
|
|
118
|
+
|
|
119
|
+
| ESRS Topic | Risk/Opportunity Type | Description | Time Horizon | Potential Financial Effect |
|
|
120
|
+
|-----------|----------------------|-------------|-------------|--------------------------|
|
|
121
|
+
| Climate (E1) | Physical risk (acute) | Flooding of key manufacturing site | Short-term | Asset damage, business interruption |
|
|
122
|
+
| Climate (E1) | Transition risk | Carbon pricing increases operating costs | Medium-term | Higher fuel/energy costs |
|
|
123
|
+
| Water (E3) | Physical risk (chronic) | Water scarcity in production region | Long-term | Supply disruption, increased costs |
|
|
124
|
+
| Workforce (S1) | Opportunity | Employer brand attracts talent | Short-term | Lower recruitment costs, retention |
|
|
125
|
+
|
|
126
|
+
---
|
|
127
|
+
|
|
128
|
+
### Step 5: Assess Financial Significance
|
|
129
|
+
|
|
130
|
+
Rate identified risks/opportunities:
|
|
131
|
+
|
|
132
|
+
| Rating | Magnitude | Likelihood |
|
|
133
|
+
|--------|-----------|-----------|
|
|
134
|
+
| Low | <1% of EBITDA | <25% |
|
|
135
|
+
| Medium | 1–5% of EBITDA | 25–75% |
|
|
136
|
+
| High | >5% of EBITDA | >75% |
|
|
137
|
+
|
|
138
|
+
**Financial materiality score:** Magnitude × Likelihood → topic is financially material if score exceeds threshold.
|
|
139
|
+
|
|
140
|
+
---
|
|
141
|
+
|
|
142
|
+
### Step 6: Determine Materiality — Topic by Topic
|
|
143
|
+
|
|
144
|
+
Apply the materiality determination matrix:
|
|
145
|
+
|
|
146
|
+
| ESRS Topic | Impact Material? | Financially Material? | Overall Materiality | Report? |
|
|
147
|
+
|-----------|-----------------|----------------------|-------------------|---------|
|
|
148
|
+
| E1 Climate | Yes (Scope 3 GHG) | Yes (carbon pricing risk) | **MATERIAL** | Full ESRS E1 |
|
|
149
|
+
| E2 Pollution | No | No | Non-material | Omit (brief statement) |
|
|
150
|
+
| E3 Water | Yes (operations in water-stressed area) | No | **MATERIAL** | Full ESRS E3 |
|
|
151
|
+
| S1 Own Workforce | Yes | No | **MATERIAL** | Full ESRS S1 |
|
|
152
|
+
| G1 Business Conduct | No | Yes (compliance risk) | **MATERIAL** | Full ESRS G1 |
|
|
153
|
+
|
|
154
|
+
---
|
|
155
|
+
|
|
156
|
+
### Step 7: Document the DMA (ESRS 2 SBM-3 + IRO-1)
|
|
157
|
+
|
|
158
|
+
**Mandatory disclosures about the DMA process:**
|
|
159
|
+
|
|
160
|
+
*ESRS 2 IRO-1 — Description of the process to identify and assess material IROs:*
|
|
161
|
+
- Scope of assessment (own operations / value chain depth)
|
|
162
|
+
- Methodology and criteria used
|
|
163
|
+
- How stakeholders were engaged
|
|
164
|
+
- Timeline and frequency of DMA
|
|
165
|
+
- How the results inform strategy and reporting
|
|
166
|
+
|
|
167
|
+
*ESRS 2 SBM-3 — Material impacts, risks and opportunities:*
|
|
168
|
+
- Complete list of material topics identified
|
|
169
|
+
- How material IROs interact with business model and strategy
|
|
170
|
+
- Current and anticipated financial effects
|
|
171
|
+
|
|
172
|
+
**Materiality Statement:** Brief explanation for each ESRS topic found non-material (why it was excluded).
|
|
173
|
+
|
|
174
|
+
---
|
|
175
|
+
|
|
176
|
+
### Step 8: Validate and Update
|
|
177
|
+
|
|
178
|
+
- DMA must be updated at least annually
|
|
179
|
+
- Trigger for mid-period review: significant business change, new regulation, emerging risk, stakeholder concern
|
|
180
|
+
- Changes to materiality conclusions must be disclosed
|
|
181
|
+
|
|
182
|
+
---
|
|
183
|
+
|
|
184
|
+
## Sector-Specific Guidance
|
|
185
|
+
|
|
186
|
+
### High-Likelihood Material Topics by Sector
|
|
187
|
+
|
|
188
|
+
| Sector | Typically Material |
|
|
189
|
+
|--------|-------------------|
|
|
190
|
+
| Energy / Utilities | E1 (Climate), E2 (Pollution), E3 (Water), G1 (Business Conduct) |
|
|
191
|
+
| Financial Services | E1 (financed emissions), G1 (Business Conduct), S4 (Consumers) |
|
|
192
|
+
| Manufacturing | E1 (GHG), E2 (Pollution), E5 (Circular Economy), S1 (Workforce), S2 (Value Chain) |
|
|
193
|
+
| Retail / Consumer Goods | E1, E5 (packaging/waste), S2 (supply chain labour), S4 (consumers) |
|
|
194
|
+
| Agriculture / Food | E3 (Water), E4 (Biodiversity), E2 (Pollution), S2 (Value Chain) |
|
|
195
|
+
| Construction / Real Estate | E1 (building emissions), E5 (materials), E4 (land use), S3 (communities) |
|
|
196
|
+
| Technology | S1 (Workforce), S4 (data protection/consumers), G1 (Business Conduct) |
|
|
197
|
+
| Mining / Extractives | E1, E2, E3, E4, S3 (communities), G1 |
|
|
198
|
+
| Healthcare / Pharma | S4 (consumers), S1 (workforce), G1 (business conduct), E1 |
|
|
199
|
+
|
|
200
|
+
---
|
|
201
|
+
|
|
202
|
+
## DMA Documentation Templates
|
|
203
|
+
|
|
204
|
+
### Impact Register Template
|
|
205
|
+
|
|
206
|
+
| ID | ESRS Topic | Impact Description | Direction | Scope | Time Horizon | Scale (1-5) | Scope (1-5) | Irremediability (1-5) | Likelihood (1-5) | Severity Score | Material? |
|
|
207
|
+
|----|-----------|-------------------|-----------|-------|-------------|------------|------------|----------------------|----------------|---------------|-----------|
|
|
208
|
+
| I-001 | E1 | Scope 3 GHG emissions from product use | Negative | Downstream | Long-term | 5 | 5 | 4 | 5 | 500 | YES |
|
|
209
|
+
| I-002 | S1 | Gender pay inequity among employees | Negative | Own ops | Short-term | 3 | 3 | 3 | 4 | 108 | YES |
|
|
210
|
+
| I-003 | E4 | No operations near biodiversity areas | n/a | — | — | 1 | 1 | 1 | 1 | 1 | NO |
|
|
211
|
+
|
|
212
|
+
### Financial Risk/Opportunity Register Template
|
|
213
|
+
|
|
214
|
+
| ID | ESRS Topic | Type | Description | Time Horizon | Magnitude | Likelihood | Financial Score | Material? |
|
|
215
|
+
|----|-----------|------|-------------|-------------|-----------|-----------|----------------|-----------|
|
|
216
|
+
| F-001 | E1 | Transition risk | EU ETS carbon costs increase | Short-medium | High | High | HIGH | YES |
|
|
217
|
+
| F-002 | E3 | Physical risk | Water scarcity affects key plant | Long-term | Medium | Medium | MEDIUM | YES |
|
|
218
|
+
| F-003 | S1 | Opportunity | ESG leader attracts talent | Short-term | Low | Medium | LOW | NO |
|
|
219
|
+
|
|
220
|
+
### DMA Summary Table
|
|
221
|
+
|
|
222
|
+
| ESRS Standard | Topic | Impact Materiality | Financial Materiality | Overall Material | First Reporting Year |
|
|
223
|
+
|--------------|-------|-------------------|----------------------|-----------------|---------------------|
|
|
224
|
+
| E1 | Climate Change | ✓ | ✓ | ✓ | FY 2025 |
|
|
225
|
+
| E2 | Pollution | ✗ | ✗ | ✗ | — |
|
|
226
|
+
| E3 | Water & Marine | ✓ | ✓ | ✓ | FY 2025 |
|
|
227
|
+
| E4 | Biodiversity | ✗ | ✗ | ✗ | — |
|
|
228
|
+
| E5 | Circular Economy | ✓ | ✗ | ✓ | FY 2025 |
|
|
229
|
+
| S1 | Own Workforce | ✓ | ✗ | ✓ | FY 2025 |
|
|
230
|
+
| S2 | Value Chain Workers | ✓ | ✗ | ✓ | FY 2025 |
|
|
231
|
+
| S3 | Communities | ✗ | ✗ | ✗ | — |
|
|
232
|
+
| S4 | Consumers | ✗ | ✓ | ✓ | FY 2025 |
|
|
233
|
+
| G1 | Business Conduct | ✓ | ✓ | ✓ | FY 2025 |
|
|
234
|
+
|
|
235
|
+
---
|
|
236
|
+
|
|
237
|
+
## Common DMA Pitfalls
|
|
238
|
+
|
|
239
|
+
**1. Scope too narrow:** Limiting the DMA to own operations only; ESRS requires value chain consideration where material.
|
|
240
|
+
|
|
241
|
+
**2. Stakeholder engagement inadequate:** Consulting only investors; ESRS requires engagement with affected stakeholders (workers, communities).
|
|
242
|
+
|
|
243
|
+
**3. Financial materiality neglected:** Conducting only impact assessment; financial risks/opportunities must be assessed separately.
|
|
244
|
+
|
|
245
|
+
**4. Thresholds not justified:** Setting arbitrary thresholds without documenting the rationale; thresholds must be disclosed in IRO-1.
|
|
246
|
+
|
|
247
|
+
**5. DMA done retrospectively:** Completing the DMA after deciding what to report; the DMA must drive reporting decisions.
|
|
248
|
+
|
|
249
|
+
**6. Over-exclusion:** Excluding topics from reporting without adequate justification; ESRS requires a brief explanation for excluded topics.
|
|
250
|
+
|
|
251
|
+
**7. Static DMA:** Treating DMA as a one-time exercise; it must be reviewed at least annually.
|
|
252
|
+
|
|
253
|
+
**8. Climate auto-excluded:** Climate change (E1) is presumed material for most companies; requires robust justification and strong evidence to exclude.
|