If your business falls under scope of the Corporate Sustainability Reporting Directive (CSRD), your sustainability statement must be verified by an independent auditor.

While in the past, assurance professionals had to rely on a mix of general assurance standards and frameworks, all of that has now changed with the introduction of the International Standard on Sustainability Assurance 5000 (ISSA 5000).

A crucial step in enhancing confidence and trust in sustainability reporting, this new standard offers a more consistent, flexible, and robust framework for verifying sustainability information across all topics and industries.

Not only can this enhance the credibility of your sustainability statements, but the streamlined process can also speed up auditing—potentially cutting your overall compliance costs, too.

In this article, we’ll break down everything you need to know about ISSA 5000 and what it means for CSRD compliance.

ISSA 5000: what is it, why is it important, and when is it coming into effect

ISSA 5000 is the new international standard on sustainability assurance developed and approved by the International Auditing and Assurance Standards Board (IAASB). 

It offers a framework for assurance professionals to assess and confirm the accuracy of information prepared in accordance with any sustainability reporting framework, like that required by the CSRD. 

What makes ISSA 5000 unique?

What makes ISSA 5000 unique is its flexibility. It applies to all sustainability topics and works with any reporting framework. It can also be used for both limited and reasonable assurance engagements. 

Interesting side-note: In the 196-page draft document, the CSRD is not mentioned once. This highlights that – while the ISSA 5000 is set to form the foundation of the CSRD audit – it was built as a cross-framework assurance standard.

The standard is available to all assurance practitioners, as long as they follow ethical and quality management standards, including the International Code of Ethics for Professional Accountants and the IAASB’s quality management guidelines. 

ISSA 5000 is a principles-based standard, focusing on outcomes rather than strict procedures, which allows for scalability and adaptability across different sectors and organizations, regardless of their complexity.

When will ISSA 5000 come into effect?

ISSA 5000 was officially approved on September 20, 2024. The formal publication of the standard is expected by December 2024, following final certification by the Public Interest Oversight Board (PIOB).

In January 2025, IAASB will release a range of guidance and application materials to help organizations implement the standard effectively. This sets the stage for ISSA 5000 to become widely used by early 2025, in line with the first round of official CSRD-aligned reports. 

How the ISSA 5000 standard relates to your CSRD reporting 

If your company falls under scope of the CSRD, your sustainability statement must be verified by a third-party auditor. This is to ensure that your environmental, social, and governance (ESG) data is accurate and reliable. 

Verification can be done through limited assurance or reasonable assurance. Under the CSRD’s assurance timeline, companies are required to meet limited assurance standards until October 1, 2028. By that time, the EU plans to introduce reasonable assurance standards, if feasible. 

Up until October 1, 2026, companies can follow their national assurance requirements for limited assurance. After that, the EU will introduce EU-wide limited assurance standards, and this is where ISSA 5000 plays a key role, providing a consistent, high-quality framework for these assurance engagements.

Key requirements of ISSA 5000 for CSRD compliance

As a business under the scope of CSRD, it’s important to align your sustainability reports with ISSA 5000’s key requirements to ensure transparency, accuracy, and compliance during the assurance process. Here’s what you need to keep in mind:

Objectives of ISSA 5000

The objective of ISSA 5000 is to provide limited or reasonable assurance. This means that a third-party auditor will issue a written report confirming that your sustainability reports are free from material misstatements. This report will also outline the level of assurance (limited or reasonable) and explain the basis for their conclusion.

Engagement acceptance

Before an auditor takes on your assurance engagement, they will need to evaluate:

• Scope of work: What sustainability data will be audited?
• Reporting boundaries: What activities and data are included in your sustainability disclosures?
• Level of assurance: Will the engagement be for limited or reasonable assurance?

Planning the engagement

The assurance process requires auditors to understand your internal systems and controls for gathering and reporting sustainability information. 

Auditors will use risk assessment procedures, including those relating to fraud. Requirements will vary based on the level of assurance required, and focus more deeply on controls if reasonable assurance is required.

Materiality

ISSA 5000 follows a double materiality approach, which is also crucial for CSRD compliance. This means looking at sustainability from two perspectives:

• Financial materiality: How sustainability issues impact your company’s financial performance.
• Impact materiality: How your company’s activities affect the environment, society, and external factors.

Both qualitative (narrative explanations) and quantitative (data and numbers) disclosures are important. Your auditor will review how your organization has determined what is "material" and ensure that it aligns with the assurance standards.

{{custom-cta}}

Obtaining evidence

The level of evidence required will depend on whether you're seeking limited or reasonable assurance.

Limited assurance involves a moderate level of review and requires less detailed evidence. Reasonable assurance involves diving deeper into your data and processes, requiring more comprehensive evidence, especially for forward-looking or qualitative information.

Auditors will use their professional judgment to determine whether enough evidence has been provided, particularly in areas with uncertainties or future estimates.

Good to know: Coolset’s new supporting evidence feature lets you easily attach documentation to each data point or ESRS disclosure. This helps auditors trace and verify data sources, ensuring CSRD compliance and simplifying the audit process. Try it out in our interactive demo.

Documentation

You will need to maintain detailed documentation that supports your sustainability claims. This includes records on how you collect, calculate, and report your ESG data. 

Assurance professionals will rely on this documentation to verify your compliance with CSRD, so it’s important to ensure that all supporting information is complete and well-organized.

Reporting

Your auditor will issue a report outlining the level of assurance (limited or reasonable) and explaining the procedures they used. It’s crucial that this report clearly distinguishes between limited and reasonable assurance, as the scope and depth of the review differ significantly.

Main benefits of using ISSA 5000 for CSRD reporting

Not only does ISSA 5000 help you comply with the CSRD, but it also adds value to your sustainability efforts by improving credibility, transparency, and efficiency in the auditing process. Here’s a breakdown of the key benefits:

1. Enhanced credibility

By applying ISSA 5000, your sustainability reports are backed by a globally recognized standard, which demonstrates your company’s commitment to transparency and accountability. 

This is particularly important for businesses under the CSRD, as stakeholders, investors, and regulators are paying closer attention to the quality and reliability of sustainability data. Enhanced credibility means your company is more likely to gain the trust of investors and customers, positioning your sustainability efforts as both legitimate and impactful.

2. Better transparency

ISSA 5000 ensures sustainability information is thoroughly verified and free from material misstatements. 

The assurance process, whether limited or reasonable, involves a rigorous examination of your sustainability data, which increases transparency. By providing accurate and reliable data, your business builds trust not only with auditors and regulators but also with external stakeholders like investors, customers, and partners. 

This can improve your reputation and show that you are serious about your sustainability commitments, while also helping you avoid the risks associated with misleading or incomplete reporting, such as accusations of greenwashing.

3. Streamlined auditing processes

In the past, auditing sustainability reports lacked a universally recognized international standard specifically designed for sustainability assurance. 

ISSA 5000 provides a clear framework for assurance professionals, making the auditing process smoother and more efficient. This means less time and resources needed to complete audits. 

By aligning your reporting with ISSA 5000, you can ensure that your sustainability reports are structured in a way that auditors can easily follow, minimizing delays and improving overall efficiency. 

This is especially valuable for companies operating in multiple industries or reporting under several frameworks, as ISSA 5000’s flexibility allows it to accommodate various sustainability topics and frameworks.

4. Faster CSRD compliance

ISSA 5000’s standardized approach to sustainability assurance makes it easier to meet CSRD reporting requirements efficiently and avoid costly delays.  

With annual costs for limited assurance audits estimated by EFRAG to range from 0.013% to 0.026% of revenue—or €13,000 to €26,000 per year for every €10 million in revenue—any time saved through streamlined processes helps keep these expenses in check, preventing additional audit and rework fees from poor reporting.

Get started with Coolset’s CSRD compliance platform today

With fines up to €10 million for non-compliance under the CSRD, ensuring your sustainability reports are audit-ready is crucial. CSRD audits can be time-consuming and costly, especially if your sustainability data isn't properly prepared or documented. 

To avoid hefty penalties and ensure smooth compliance, many businesses are turning to CSRD compliance software.

Coolset’s CSRD compliance management platform offers everything you need to manage, measure, and improve your sustainability performance. Our platform guides you through every step of your CSRD compliance journey—from conducting your double materiality assessment to reporting on the relevant ESRS disclosures.

With Coolset, you can:

• Invite your auditor to the platform for seamless collaboration.
• Generate audit trails and attach supporting evidence.
• Create audit-ready reports in .XBLR format for hassle-free submission.

Ready to audit-proof your sustainability reporting? See Coolset in action below or contact one of our product experts for a personalized walkthrough today.

{{product-tour-injectable}}