Verification and Assurance

Many companies recognise the need to report on their environmental, social, and governance (ESG) performance, to meet the expectations of investors, customers, and regulators. However, the accuracy, reliability and transparency of sustainability reports has been called into question, in an era of ‘greenwashing’ stakeholders can be reluctant to put full faith into an organisation’s claims. Verification and assurance are key components in ensuring that stakeholders have the confidence in the information contained within an organisation’s reporting on sustainability issues.

The Move to Mandatory Assurance

There is a clear direction of travel in non-financial reporting, with a call for transparent reporting getting louder from stakeholders. The new Corporate Sustainability Reporting Directive (CSRD) legislation, which replaces the EU’s Non-Financial Reporting Directive (NFRD) aiming to encourage more accountability from businesses and greater clarity for investors. Under the CSRD it will be mandatory for businesses to obtain ‘limited’ (also known as ‘moderate’) assurance on all information disclosed under the directive. It is expected that ‘reasonable’ (also known as ‘high’) assurance will become a requirement at a later date once companies have had the time to put new processes into place.

Although the CSRD may not be applicable to all businesses as it relates to organisations based in or who have operations in the EU, the legislation is a clear indication of the direction of travel and so organisations need to get prepared.

Verification and assurance is undertaken to ensure the processes implemented to collect data are sound and that the sustainability information presented is accurate and complete, providing the clarity to both internal and external stakeholders on an organisation’s progress on its sustainability ambitions.

What are the Different Levels of Assurance?

When considering the level of assurance that a business should aim for, there is a base level and a more comprehensive option. The base level of assurance is known as Limited or Moderate depending on the standard used to assure the data. It is primarily focused on the accuracy of the systems in place. It requires data to be collected, recorded, calculated, and reported correctly. Meeting these standards can be achieved through an effective and streamlined data management process, with robust safeguards to identify any errors before information is made public. At this stage, CSRD only mandates a limited level of assurance on non-financial information.

Once this level of assurance has been obtained, the more comprehensive level of assurance is reasonable/high. The principal difference between the two degrees of confidence is in assessing the possibility of any missing data sources and is therefore a more thorough verification process. Reasonable assurance maintains all the requirements of limited assurance with the added aspects of site visits to determine that all potential data sources are being accounted for.

What Standards can be used to Assure Non-Financial Information?

There are a vast number of standards which sustainability certified professionals and auditors can use to verify and assure non-financial information all of which have different focuses and scopes, and so it is vital that businesses understand what they want to achieve from the assurance process.

The AA1000 AccountAbility Assurance Standard provides businesses with a comprehensive audit of the sustainability information disclosed in their reports. It is based on a business’s adherence to the AA1000AP principles of inclusivity, materiality, responsiveness and impact. The audit process involves an evaluation of an organisations systems, procedures, and policies, ultimately looking to determine the reliability of the disclosed information surrounding an organisations sustainability performance.

Other standards also include the ISAE 3000 and ISAE 3410, typically used together to ensure an in depth review of data. ISAE 3000 focuses on quality control and an assessment of material and risk factors. The ISAE 3410 standard only covers the assurance of data related to greenhouse gas emissions, with an approach which focuses more on the methods and processes behind the reported statements.

In addition, ISO 14064 is the internationally recognised series of standards used for carbon measurement, reporting and verification (MRV).

Getting Prepared


As discussed above, although a level of moderate assurance is not yet mandatory for all businesses, there is a clear direction of travel with businesses beginning to get caught out as they fail to prepare to be assured. Having a good understanding of the different levels and standards of assurance will be useful for businesses as they start to take steps towards getting their non- financial information assured, but regardless of the standard which your sustainability report is assured against, there is an underlying need to ensure the organisations data capture processes are robust.

Organisations must implement an effective data capture process, which is specific to the internal procedures of the organisation. This can be a lengthy and resource heavy process and so it is vital that businesses start to take the time to develop their approach and ensure that they have a clear and robust strategy for collecting and managing environmental and social data. We often see that organisations have started to collect data for reporting, focusing largely on the end output as opposed to maintaining a well-managed process. It is important for businesses to remember that working alongside key stakeholders such as your supply chain or your human resources team are vital components of a robust data collection process. If businesses can get this step right, it will set them up for a smoother transition to gaining assurance on their non-financial and sustainability reporting.

Asesoria has been verifying non-financial data using the AA1000as framework for over 10 years. Data assurance and verification should be a continuous process which starts with a well-defined process of collecting and disclosing data. We can support organisations in the implementation of the processes for robust data capture or can provide assurance services.

How Can We Help


As companies face increasing regulation, we have become a trusted adviser to our clients’ ensuring regulations and new requirements have timely implementation, using a pragmatic approach appropriate for that organisation. Whether it is working to comply with Corporate Sustainability Reporting Directive (CSRD), Taskforce for Climate Related Financial Disclosures (TCFD) or reporting against UN Sustainability Development Goals (SDG’s), we have supported numerous clients to develop their approach to non-financial reporting.

For more information on the topics included in this paper or would like to know more about Asesoria’s work with clients contact Melissa Kittermaster, Director on +44 (0)3053 8630. If you would like a copy of future thought papers, please contact to be added to our mailing list.