• ​Report the organization's policy and current practice with regard to seeking external assurance for the report.

  • ​If not included in the assurance report accompanying the sustainability report, report the scope and basis of any external assurance provided.

  • ​Report the relationship between the organization and the assurance providers.

  • ​Report whether the highest governance body or senior executives are involved in seeking assurance for the organization's sustainability report.

Organizations use a variety of approaches to enhance the credibility of their reports.

GRI recommends the use of external assurance for sustainability reports in addition to any internal resources, but does not require it.

GRI uses the term ‘external assurance’ to refer to activities designed to result in published conclusions on the quality of the report and the information (whether it be qualitative or quantitative) contained within it. External assurance may also refer to activities designed to result in published conclusions on systems or processes (such as the process for defining report content, including the application of the Materiality Principle or the stakeholder engagement process). This is different from activities designed to assess or validate the quality or level of performance of an organization, such as issuing performance certifications or compliance assessments.

A variety of approaches are currently used by report preparers to implement external assurance, including the use of professional assurance providers, or other external groups or individuals. Regardless of the specific approach, external assurance should be conducted by competent groups or individuals external to the organization who follow professional standards for assurance, or who apply systematic, documented, and evidence-based processes (‘assurance providers’).

Overall, for external assurance of reports using the Guidelines, it is important that the assurance providers:
  • Are independent from the organization and therefore able to reach and publish an objective and impartial opinion or conclusions on the report
  • Are demonstrably competent in both the subject matter and assurance practices
  • Apply quality control procedures to the assurance engagement
  • Conduct the engagement in a manner that is systematic, documented, evidence-based, and characterized by defined procedures
  • Assess whether the report provides a reasonable and balanced presentation of performance, taking into consideration the veracity of data in the report as well as the overall selection of content
  • Assess the extent to which the report preparer has applied the Guidelines in the course of reaching its conclusions
  • Issue a written report that is publicly available and includes an opinion or set of conclusions, a description of the responsibilities of the report preparer and the assurance provider, and a summary of the work performed to explain the nature of the assurance conveyed by the assurance report

An organization may have systems of internal controls in place and, in some jurisdictions, corporate governance codes may require directors to inquire, and then, if satisfied, to confirm in the annual report the adequacy of the organization’s internal controls. Organizations may also establish and maintain an internal audit function, as part of their processes for risk management and for managing and reporting information.

These internal systems are also important to the overall integrity and credibility of a report.

An organization may convene a stakeholder panel to review its overall approach to sustainability reporting or provide advice on the content of its sustainability report.