The International Auditing and Assurance Standards Board is preparing for the adoption of its International Standard on Sustainability Assurance 5000 early next year as companies look to get outside approval from auditing firms on their environmental efforts.

The IAASB approved the standard in September, but is awaiting final approval from the Public Interest Oversight Board, an international body that oversees the IAASB and other standard-setters affiliated with the International Federation of Accountants. The IAASB expects to provide educational materials in January once the PIOB formally approves ISSA 5000, probably by the end of this year. 

Policymakers, regulators and other standard-setting bodies in multiple jurisdictions have already indicated plans to adopt this new standard. Earlier this year the U.S. Securities and Exchange Commission recognized the IAASB’s work and standards in this area for the purpose of allowing assurance on climate disclosures, even though the SEC’s own climate rule is currently on hold pending the outcome of multiple lawsuits. 

“ISSA 5000, which is our sustainability assurance standard, is meant to serve as a global baseline for sustainability assurance practices,” said IAASB chair Tom Seidenstein. 

Once the PIOB certifies the IAASB standard, the IAASB plans to offer a range of guidance and educational materials to help people and other standard-setters with the application and implementation of ISSA 5000. So far, the IAASB has heard positive responses from standard-setters in various jurisdictions, including Australia, Canada, Brazil, Turkey and the European Union, about their intention of adopting some or all of the standard for their requirements. “That’s just the earliest stages,” said Seidenstein. “They were all waiting for us to finish the standard, and we’ll have to see how those considerations progress.”

ISSA 5000 builds on two of the IAASB’s existing standards on assurance: International Standard on Assurance Engagements 3000, a principles-based standard for assurance for nonfinancial reporting, and ISAE 3410, a specific standard for greenhouse gas reporting assurance.

“With the growing desire to have sustainability reporting throughout the world and the emergence of some of the leading reporting frameworks, we were urged to take what we had and make it specific to sustainability reporting,” said Seidenstein. “We took a pretty broad-based, principles-based framework that applied to all assurance and really focused it in, took our best practices on the assurance side, grabbed some of the key concepts that we’ve brought into the audit side, and made a sustainability-specific standard. Now what’s really important about this is it will work with all sustainability information prepared with any suitable reporting framework.”

That means it would work with not only the SEC’s climate-related disclosure rule, but also with the International Sustainability Standards Board’s S1 and S2 standards on sustainability and climate-related disclosures as well as the European Sustainability Reporting Standards mandated under the European Union’s Corporate Sustainability Reporting Directive, along with other major frameworks like Global Reporting Initiative standards. The IAASB has also been in talks with the American Institute of CPAs’ Auditing Standards Board about incorporating at least some of the ISSA 5000 framework into the ASB’s attestation requirements.

The IAASB developed the standards so they could work with various frameworks. “Our standard covers any sustainability information, so that would be covered as long as the reporting framework fulfills certain criteria, then our standard will work against that,” said Seidenstein. “You’re assuring against a framework. Reporting standard-setters will set the framework.”

ISSA 5000 addresses both limited and reasonable assurance. “Most assurance engagements these days are on a limited assurance basis,” said Seidenstein, noting that both the SEC and CSRD rules require only limited assurance. But he believes investors will eventually be demanding the more stringent “reasonable assurance.” 

“We wanted to have a clear pathway in our standards with a differentiation between limited and reachable assurance requirements, and ISSA 5000 provides both,” said Seidenstein. 

Reasonable assurance is similar to the level of assurance offered in financial audits. “The assurance practitioner does a number of inquiries, does the risk assessment, responds to it and reduces the risk of material misstatement down to an acceptable level,” Seidenstein explained. “That’s really important, and will give a high-level degree of confidence that the sustainability reports are stated correctly. In the world of limited assurance, there’s less work done. It’s stated in a negative way, that there’s nothing that’s come to the attention of the practitioner that would lead them to believe that the statements are materially misstated. That’s really about a different type of risk assessment, different lines of inquiry, in responding to areas of risk, whereas a reasonable assurance engagement is much more robust. Most people are focused on limited right now to develop the capacity, knowledge and understanding as we then transition to reasonable assurance over time.”

However, the standards should help investors assess the reliability of a company’s sustainability reporting. 

“What these standards will do, just like audit standards and just like assurance today, but in a much more specific way, will give the users of information more confidence that an external third party that’s independent and expert has reviewed the sustainability reports and can either provide a limited assurance or reasonable assurance opinion against the sustainability report, and that should give confidence,” said Seidenstein. “It’s the same thing as you would expect on the financial reporting side. It’s precisely why audits are important that you have an independent expert third party look at it to make sure that there’s no material misstatements.” 

An IFAC report that was released in June aims to help those who use sustainability reporting understand what to expect from sustainability assurance, addressing limited vs. reasonable assurance and explaining what different types of conclusions can indicate.

Auditors would follow many of the same basic approaches and methodologies in the world of financial auditing, from the planning to the conclusion to the reporting stages. “We focus very much on the planning, the risk assessment phase, the risk response phase of audits, so it’s very similar in many concepts, but translated to a sustainability context,” said Seidenstein. “What is slightly different in this world is first of all, you have much more qualitative and prospective information than you would in the financial reporting context, so you’re very focused on the process, the controls, the approach to making sure that the disclosures are materially correct.”

The IAASB wrote the standard so it can be used by both accountants and non-accountants since some other types of consulting firms that aren’t accounting firms have also been providing assurance on sustainability reporting, particularly when it comes to greenhouse gas emissions. IFAC’s State of Play in Sustainability Assurance report found that 689 of 1,187 (for 950 companies) assurance reports were signed by audit firms in 2022. 

The report found the IAASB’s assurance standard, International Standard on Assurance Engagements 3000 (Revised), continues to be used most frequently. In the most recent year for which data is available (2022), 92% of firms applied ISAE 3000 (Revised) in their sustainability assurance engagements, 98% of companies reported some level of detail on sustainability, and 69% obtained assurance on at least some of their sustainability disclosures. But the mix of reporting standards used by companies remains fragmented

For ISSA 5000, non-accountant practitioners would still need to adhere to the IAASB’s quality management standards as well as the ethics standards developed by its sister standard-setting board, the International Ethics Standards Board for Accountants. IESBA has also been developing ethics standards for sustainability reporting. The International Organization of Securities Commissions has encouraged both the IAASB and IESBA to develop sustainability assurance and ethics standards since September 2022. IESBA is expected to approve its standards in December, and the PIOB will meet to certify them in January. 

“We’re clearly proud of this work, that we were able to turn this around in under two years’ time with robust due process, and we met the timeline particularly set forward by IOSCO in their recommendation to both us and IESBA in terms of supporting sustainability reporting requirements,” said Seidenstein.

Even though the SEC’s climate rule is on hold, he believes the standards will still be useful for U.S. accountants. 

“In the United States, there are many different companies that will be seeking assurance, or already do seek assurance, on their sustainability reporting,” said Seidenstein. “So many companies have ESG reports or sustainability reports on a voluntary basis. There are a number of companies that are likely to adopt ISSB standards beyond that on a voluntary basis, or report on some other set of standards currently and are seeking assurance. There are many companies that will be required to conform with the European Corporate Sustainability Reporting Directive, and they will be required to have assurance under the CSRD and potentially be required to use our set of standards. The European Commission asked the CEAOB, which is the Committee of European Audit Oversight Boards, to advise the Commission on how to implement assurance requirements. It said specifically to look at our work on 5000 in that regard. American companies may have that requirement and could be in the value chain of companies that require sustainability reporting, whether it’s in Europe or elsewhere, and would also require assurance. There are a number of ways that our work could be relevant to American companies, irrespective of the climate rule.”

A recent report from the Visual Lease Data Institute found that a little over half (55%) of finance executives who were surveyed reported that the pause on the SEC climate disclosure rule has impacted their organization’s climate-related reporting efforts, and only 43% say their companies have established related benchmarks (a 4% increase from 2023).

ISSA 5000 promises to be widely useful for auditing firms in providing assurance on these important metrics. “We believe that this will establish a global baseline on the assurance side to complement what’s happening on the reporting side, and you really can’t have one without the other,” said Seidenstein.