Quick Comparison
| Human Rights Due Diligence (HRDD) | Social Audit | |
|---|---|---|
| Scope | Ongoing process to identify, prevent, mitigate, and account for human rights impacts | Point-in-time assessment of a facility's compliance with social standards |
| Applicability | Entire value chain—operations, supply chain, business relationships | Individual factories, farms, or facilities within the supply chain |
| Key Focus | Systemic risk identification and remediation across the business | Compliance verification against a specific code or standard |
| Methodology | Stakeholder engagement, risk mapping, impact assessment, grievance mechanisms | Facility inspection—document review, worker interviews, site walkthrough |
| Regulatory Basis | UN Guiding Principles, OECD Guidelines, EU CSDDD, Germany's LkSG, France's Duty of Vigilance | Voluntary industry programs (SMETA, BSCI, SA8000) and buyer requirements |
| Frequency | Continuous—embedded in business processes | Periodic—typically annual or biannual snapshots |
What is Human Rights Due Diligence?
Human rights due diligence (HRDD) is a structured, ongoing process through which companies identify, prevent, mitigate, and account for how they address their adverse human rights impacts. The concept was codified in the 2011 UN Guiding Principles on Business and Human Rights (UNGPs), authored by John Ruggie, which established the "Protect, Respect and Remedy" framework. Under the UNGPs, all businesses have a responsibility to respect human rights—independent of state obligations—and HRDD is the mechanism for meeting that responsibility.
HRDD encompasses several interconnected steps: assessing actual and potential human rights impacts across the value chain, integrating findings into decision-making and operations, tracking the effectiveness of responses, and communicating how impacts are addressed. Critically, HRDD requires meaningful engagement with affected stakeholders—not just checking boxes, but actually consulting workers, communities, and civil society to understand lived impacts.
What distinguishes HRDD from earlier approaches to supply chain responsibility is its emphasis on the company's own contribution to harm, its leverage to prevent harm by business partners, and the ongoing nature of the process. HRDD isn't something you complete—it's something you embed. This aligns with the growing regulatory trend: the EU's Corporate Sustainability Due Diligence Directive (CSDDD), Germany's Supply Chain Due Diligence Act (LkSG), France's Duty of Vigilance Law, and Norway's Transparency Act all mandate HRDD as a continuous corporate obligation.
What is a Social Audit?
A social audit is a structured assessment of a specific facility—a factory, warehouse, farm, or processing site—against a set of social standards, typically covering labor rights, health and safety, working hours, wages, and management systems. The auditor (usually a third-party firm) visits the site, reviews documentation, interviews workers and management, and produces a report rating compliance levels and identifying corrective actions.
The social audit industry emerged in the 1990s in response to sweatshop scandals that hit major brands like Nike and Gap. Industry-led programs like the Sedex Members Ethical Trade Audit (SMETA), amfori BSCI, and the SA8000 standard developed codified methodologies for assessing working conditions across global supply chains. Today, millions of social audits are conducted annually, forming the backbone of most companies' supply chain social compliance programs.
Social audits serve a practical function: they give buying companies a standardized way to evaluate whether suppliers meet minimum labor standards. Audit results trigger corrective action plans, and repeat non-compliance can lead to supplier termination. The audit creates a documented record that companies use for risk management, buyer qualification, and increasingly, ESG reporting.
Key Differences
1. Process vs. Event. HRDD is an ongoing business process embedded in operations, governance, and strategy. A social audit is a discrete event—a visit to a specific site at a specific time that produces a specific report. HRDD never ends; a social audit has a start date, an end date, and a deliverable.
2. Scope of Analysis. HRDD examines the company's entire value chain and all salient human rights issues—forced labor, land rights, freedom of association, right to water, impacts on Indigenous peoples, and more. Social audits assess one facility against a defined checklist. HRDD might identify that your business model creates structural pressures (unrealistic lead times, purchasing price squeezes) that drive labor violations. A social audit wouldn't capture that—it sees the symptoms at the factory level, not the root cause in your procurement practices.
3. Stakeholder Centrality. HRDD requires meaningful engagement with affected rights-holders—the workers, communities, and individuals actually impacted by business activities. Best practice HRDD includes worker-driven monitoring, community consultation, and accessible grievance mechanisms. Social audits include worker interviews, but these are typically brief, conducted on-site (where workers may fear retaliation), and limited to the auditor's checklist questions.
4. Root Cause Analysis. HRDD asks why human rights impacts occur and whether the company's own practices contribute to them. Does your purchasing practice demand impossible turnarounds that lead to excessive overtime? Does your pricing pressure make it impossible for suppliers to pay living wages? Social audits document what they find at the facility level without necessarily examining the buying company's role in creating the conditions for non-compliance.
5. Legal Evolution. HRDD is rapidly becoming a legal obligation across major markets. The EU CSDDD requires companies to conduct HRDD across their value chains. Germany's LkSG imposes mandatory due diligence with regulatory enforcement and fines. Social audits remain voluntary industry tools—useful within an HRDD process, but not sufficient to meet emerging legal requirements on their own.
6. Known Limitations. The social audit model has faced sustained criticism for its failure to detect serious abuses. The Rana Plaza factory collapse in 2013—which killed 1,134 workers in a building that had been audited—became a watershed moment exposing the limitations of audit-based approaches. Research consistently shows that audits miss forced labor indicators, undercount working hour violations, and produce inconsistent results across auditing firms.
7. Remediation Approach. HRDD requires companies to provide or cooperate in remediation when adverse impacts are identified. This means actual remedy for affected people—compensation, rehabilitation, policy change. Social audits produce corrective action plans (CAPs) focused on facility-level fixes—install fire extinguishers, update contracts, post policies—which address symptoms but may not provide meaningful remedy to affected workers.
Which One Do You Need?
If you operate in or sell into the EU, you need HRDD—it's the law under the CSDDD, LkSG, and similar statutes. Social audits alone will not satisfy mandatory due diligence requirements. Regulators expect evidence of ongoing risk assessment, stakeholder engagement, root cause analysis, and remediation—not just a stack of audit reports.
Social audits remain useful as one tool within a broader HRDD framework. They provide facility-level visibility that supplements the systemic analysis HRDD requires. Think of social audits as the site-specific data collection mechanism and HRDD as the strategic process that determines what to do with that data.
For companies early in their supply chain responsibility journey, social audits are a reasonable starting point—they create baseline visibility into working conditions and signal expectations to suppliers. But don't stop there. Build the HRDD process around the audits: map salient risks, engage affected stakeholders, analyze root causes (including your own purchasing practices), establish grievance mechanisms, and report on progress.
The direction of travel is clear: markets and regulators are moving from audit-based compliance to HRDD-based accountability. Companies that build HRDD capabilities now will be ahead of requirements rather than scrambling when enforcement begins.
Council Fire's Perspective
We've seen too many companies confuse having a social audit program with having a human rights due diligence process. They're not the same, and the gap between them is where the most serious human rights harms hide. Audits check what's visible during a scheduled visit. Due diligence investigates what's systemic, including the buyer's own role in creating harmful conditions.
Our approach helps clients build HRDD processes that use audit data as an input—not an endpoint. We focus on the hard questions: How do your purchasing practices contribute to the labor conditions you're auditing against? Are your grievance mechanisms accessible to the most vulnerable workers? When you find problems, do you remediate for affected people or just fix the compliance gap? These are the questions regulators are starting to ask, and they can't be answered with an audit report.
Frequently Asked Questions
Do social audits satisfy HRDD legal requirements?
Not on their own. Mandatory HRDD laws—the EU CSDDD, Germany's LkSG, France's Duty of Vigilance—require ongoing processes that include risk identification across the value chain, stakeholder engagement, integration into business functions, and remediation. Social audits can contribute to the risk identification component but don't satisfy requirements for stakeholder engagement, root cause analysis of the company's own practices, or meaningful remediation. Companies subject to these laws need HRDD systems that incorporate but go beyond auditing.
Why do social audits miss forced labor?
Forced labor is deliberately concealed. Victims are coached on what to say, documents are falsified, and the most exploitative conditions are hidden from auditors. Audits are typically announced in advance, conducted during working hours, and limited to a few days on-site. Forced labor indicators—debt bondage, document retention, restricted movement—require deeper investigation, off-site worker engagement, and extended relationship-building that the audit model doesn't support. This is why anti-trafficking experts increasingly advocate for worker-driven monitoring as a complement to auditing.
How much does it cost to implement HRDD vs. running social audits?
Social audits typically cost $1,000-$5,000 per facility depending on scope and location. HRDD is a systemic investment—building internal capacity, conducting stakeholder engagement, establishing grievance mechanisms, and integrating findings into business processes. Initial HRDD implementation for a mid-sized company with a complex supply chain might cost $200,000-$500,000, with ongoing annual costs dependent on supply chain complexity. However, the regulatory cost of non-compliance with mandatory HRDD laws—fines under Germany's LkSG reach up to 2% of global revenue—makes the investment case clear.
Can worker-driven social responsibility replace both approaches?
Worker-driven social responsibility (WSR) programs like the Fair Food Program and the Bangladesh Accord represent a third model where workers and their organizations hold enforcement power. WSR programs have demonstrated stronger outcomes than both traditional audits and top-down HRDD in the specific contexts where they operate. However, they require organized worker participation, brand commitment, and sector-specific infrastructure that doesn't exist everywhere. The most robust approach combines HRDD as the strategic framework, audits for facility-level data, and WSR or worker voice mechanisms for authentic stakeholder engagement.
Need help with Human Rights Due Diligence vs Social Audit: Key Differences Explained?
Our team brings decades of sustainability consulting experience. Let's talk about how Council Fire can support your goals.