If your business reports on the Corporate Sustainability Reporting Directive (CSRD), your sustainability statement must be verified by an independent auditor. Following the EU Omnibus I simplification package adopted in February 2025, CSRD scope has been narrowed to companies with 1,000+ employees (and either more than EUR 50M turnover or more than EUR 25M balance sheet), reducing the number of in-scope companies by roughly 80%. For more on how the Omnibus affects your organization, see our guide on the Omnibus Proposal and sustainability reporting.

While in the past, assurance professionals had to rely on a mix of general assurance standards and frameworks - such as the 3810N assurance standard in the Netherlands - all of that has now changed with the introduction of the International Standard on Sustainability Assurance 5000 (ISSA 5000).

A crucial step in enhancing confidence and trust in sustainability reporting, this new standard offers a more consistent, flexible, and robust framework for verifying sustainability information across all topics and industries.

Not only can this enhance the credibility of your sustainability statements, but the streamlined process can also speed up auditing - potentially cutting your overall compliance costs, too.

In this article, we'll break down everything you need to know about ISSA 5000 and what it means for CSRD compliance.

ISSA 5000: what is it, why is it important, and when is it coming into effect

ISSA 5000 is the new international standard on sustainability assurance developed and approved by the International Auditing and Assurance Standards Board (IAASB). 

It offers a framework for assurance professionals to assess and confirm the accuracy of information prepared in accordance with any sustainability reporting framework, like that required by the CSRD. 

What makes ISSA 5000 unique?

What makes ISSA 5000 unique is its flexibility. It applies to all sustainability topics and works with any reporting framework. It can also be used for both limited and reasonable assurance engagements. 

Interesting side-note: In the 196-page draft document, the CSRD is not mentioned once. This highlights that – while the ISSA 5000 is set to form the foundation of the CSRD audit – it was built as a cross-framework assurance standard.

The standard is available to all assurance practitioners, as long as they follow ethical and quality management standards, including the International Code of Ethics for Professional Accountants and the IAASB's quality management guidelines. 

ISSA 5000 is a principles-based standard, focusing on outcomes rather than strict procedures, which allows for scalability and adaptability across different sectors and organizations, regardless of their complexity.

When will ISSA 5000 come into effect?

ISSA 5000 was officially approved on September 20, 2024 and formally published by the IAASB on November 12, 2024, following certification by the Public Interest Oversight Board (PIOB).

Since then, the IAASB has released guidance and application materials, illustrative reports, and implementation Q&As to help organizations adopt the standard. ISSA 5000 is now included as Volume 3 of the 2025 IAASB Handbook and is being adopted by jurisdictions worldwide.

How the ISSA 5000 standard relates to your CSRD reporting 

If your company is required to report on the CSRD, your sustainability statement - prepared according to the amended ESRS standards - must be verified by a third-party auditor. This is to ensure that your environmental, social, and governance (ESG) data is accurate and reliable. 

Verification can be done through limited assurance or reasonable assurance. Under the CSRD's assurance timeline, companies must meet limited assurance standards initially. The transition to reasonable assurance - originally targeted for October 2028 - has been pushed back and is now unlikely before 2030 at the earliest, as the Commission reassesses feasibility in light of the Omnibus changes.

Companies currently follow their national assurance requirements for limited assurance. The EU is working toward EU-wide limited assurance standards, with ISSA 5000 positioned as the foundational framework for these engagements. A "stop-the-clock" directive agreed by the Council and Parliament in 2025 postpones reporting obligations for wave 2 and wave 3 companies by two years.

Key requirements of ISSA 5000 for CSRD compliance

As a business under the scope of CSRD, it's important to align your sustainability reports with ISSA 5000's key requirements to ensure transparency, accuracy, and compliance during the assurance process. Here's what you need to keep in mind:

Objectives of ISSA 5000

The objective of ISSA 5000 is to provide limited or reasonable assurance. This means that a third-party auditor will issue a written report confirming that your sustainability reports are free from material misstatements. This report will also outline the level of assurance (limited or reasonable) and explain the basis for their conclusion.

Engagement acceptance

Before an auditor takes on your assurance engagement, they will need to evaluate:

• Scope of work: What sustainability data will be audited?
• Reporting boundaries: What activities and data are included in your sustainability disclosures?
• Level of assurance: Will the engagement be for limited or reasonable assurance?

Planning the engagement

The assurance process requires auditors to understand your internal systems and controls for gathering and reporting sustainability information. 

Auditors will use risk assessment procedures, including those relating to fraud. Requirements will vary based on the level of assurance required, and focus more deeply on controls if reasonable assurance is required.

Materiality

ISSA 5000 follows a double materiality approach, which is also crucial for CSRD compliance. This means looking at sustainability from two perspectives:

• Financial materiality: How sustainability issues impact your company's financial performance.
• Impact materiality: How your company's activities affect the environment, society, and external factors.

Both qualitative (narrative explanations) and quantitative (data and numbers) disclosures are important. Your auditor will review how your organization has determined what is "material" and ensure that it aligns with the assurance standards.

{{custom-cta}}

Obtaining evidence

The level of evidence required will depend on whether you're seeking limited or reasonable assurance.

Limited assurance involves a moderate level of review and requires less detailed evidence. Reasonable assurance involves diving deeper into your data and processes, requiring more comprehensive evidence, especially for forward-looking or qualitative information.

Auditors will use their professional judgment to determine whether enough evidence has been provided, particularly in areas with uncertainties or future estimates.

Good to know: Coolset's new supporting evidence feature lets you easily attach documentation to each data point or ESRS disclosure. This helps auditors trace and verify data sources, ensuring CSRD compliance and simplifying the audit process. Try it out in our interactive demo.

Documentation

You will need to maintain detailed documentation that supports your sustainability claims. This includes records on how you collect, calculate, and report your ESG data. For a step-by-step guide, see how to write an ESRS sustainability statement. 

Assurance professionals will rely on this documentation to verify your compliance with CSRD, so it's important to ensure that all supporting information is complete and well-organized.

Reporting

Your auditor will issue a report outlining the level of assurance (limited or reasonable) and explaining the procedures they used. It's crucial that this report clearly distinguishes between limited and reasonable assurance, as the scope and depth of the review differ significantly. To ensure your report meets audit expectations, review the qualitative characteristics of CSRD-compliant reporting.

Main benefits of using ISSA 5000 for CSRD reporting

Not only does ISSA 5000 help you comply with the CSRD, but it also adds value to your sustainability efforts by improving credibility, transparency, and efficiency in the auditing process. Here's a breakdown of the key benefits:

1. Enhanced credibility

By applying ISSA 5000, your sustainability reports are backed by a globally recognized standard, which demonstrates your company's commitment to transparency and accountability. 

This is particularly important for businesses under the CSRD, as stakeholders, investors, and regulators are paying closer attention to the quality and reliability of sustainability data. Enhanced credibility means your company is more likely to gain the trust of investors and customers, positioning your sustainability efforts as both legitimate and impactful.

2. Better transparency

ISSA 5000 ensures sustainability information is thoroughly verified and free from material misstatements. 

The assurance process, whether limited or reasonable, involves a rigorous examination of your sustainability data, which increases transparency. By providing accurate and reliable data, your business builds trust not only with auditors and regulators but also with external stakeholders like investors, customers, and partners. 

This can improve your reputation and show that you are serious about your sustainability commitments, while also helping you avoid the risks associated with misleading or incomplete reporting, such as accusations of greenwashing.

3. Streamlined auditing processes

In the past, auditing sustainability reports lacked a universally recognized international standard specifically designed for sustainability assurance. 

ISSA 5000 provides a clear framework for assurance professionals, making the auditing process smoother and more efficient. This means less time and resources needed to complete audits. 

By aligning your reporting with ISSA 5000, you can ensure that your sustainability reports are structured in a way that auditors can easily follow, minimizing delays and improving overall efficiency. 

This is especially valuable for companies operating in multiple industries or reporting under several frameworks, as ISSA 5000's flexibility allows it to accommodate various sustainability topics and frameworks.

4. Faster CSRD compliance

ISSA 5000's standardized approach to sustainability assurance makes it easier to meet CSRD reporting requirements efficiently and avoid costly delays.  

With annual costs for limited assurance audits estimated by EFRAG to range from 0.013% to 0.026% of revenue - or EUR 13,000 to EUR 26,000 per year for every EUR 10 million in revenue - any time saved through streamlined processes helps keep these expenses in check, preventing additional audit and rework fees from poor reporting.

Get started with Coolset's CSRD compliance platform today

With fines up to EUR 10 million for non-compliance under the CSRD, ensuring your sustainability reports are audit-ready is crucial. CSRD audits can be time-consuming and costly, especially if your sustainability data isn't properly prepared or documented. 

To avoid hefty penalties and ensure smooth compliance, many businesses are turning to CSRD compliance software.

Coolset's CSRD compliance management platform offers everything you need to manage, measure, and improve your sustainability performance. Our platform guides you through every step of your CSRD compliance journey - from conducting your double materiality assessment to reporting on the relevant ESRS disclosures.

With Coolset, you can:

• Invite your auditor to the platform for seamless collaboration.
• Generate audit trails and attach supporting evidence.
• Create audit-ready reports in .XBLR format for hassle-free submission.

Ready to audit-proof your sustainability reporting? See Coolset in action below or contact one of our product experts for a personalized walkthrough today.

{{product-tour-injectable}}