Build trust with sustainability reporting

Demonstrate your positive environmental, social and governance impacts to earn favour with large enterprise customers that have formal ESG obligations

soc2-explained-video-cover
SOC 2 STANDARD

Is this the year you grow with SOC 2?

There’s no better standard to baseline your information security and earn trust with a broad customer base.

AssuranceLab is a registered CPA and CA firm ready to help you earn trust with SOC 2 in the US and globally.

We provide end-to-end readiness and audit services, with a cloud-native and agile approach that enables you to work at your own pace.

alab-network-countries-and-employees

You’re in great company. We work with hundreds of fast-growing software companies across 13 countries, ranging in size from 2 to 26,000 employees.

alab-network-countries-and-employees-1

You’re in great company. We work with hundreds of fast-growing software companies across 20+ countries, ranging in size from 2 to 26,000+ employees.

ESG Reporting

Is this the year you

prove your ESG impact?

Sustainability reporting (ESG) demonstrates your impacts to positively differentiate your company

AssuranceLab is a registered CPA and CA firm to issue trust-building reports globally.

We provide end-to-end readiness and audit services, with an agile approach that enables you to work at your own pace.

alab-soc2-image
Workvivo-logo
Sine-logo
Plexure-logo
salestrekker-logo
Nano-logo
Livepro-logo
Livehire-logo
Inlogik-logo
Humanforce-logo
Fileinvite-logo
Data-zoo-logo
Enboarder-logo
Dropsuite-logo
Checkbox-logo
Bravura-solutions-logo
rockt-logo
Civic Ledger Logo_Navy_Official

THE BENEFITS

Clear reasons to act

alab-international-credibility-icon

International
credibility

ESG frameworks recognised globally and connected with reputable sources

alab-customer-confort-and-trust-icon

Customer comfort
and trust

A detailed report providing transparency of your ESG commitments and achievements

alab-minimal-business-disruption-icon

Minimal business
disruption

Agile and flexible audits that help minimise the disruption

alab-choice-of-goalposts-icon

Choice of
goalposts

Optional control objectives to satisfy various aspects of your customers expectations

alab-multi-standard-compliance-icon

Multi-standard
compliance

Combine one or many standards into one audit process to achieve more with less

alab-recognition-of-partial-progress-icon

Recognition of
partial progress

The ability to achieve an ESG report
with ongoing improvements over time

THE PROCESS

Four Steps to Sustainability Reporting

left arrow right arrow
ESG Readiness Assessment

ESG Readiness Assessment

We built Pillar so you can assess your compliance with 30+ global standards. It helps you get started with a tailored view of your controls and any gaps to prepare for our compliance audits for one or more frameworks. And, Pillar is always free.

Remediation Support

Remediation Support

We guide you as you address any areas of improvement and uplift your ESG program. Our flexible and responsive team helps you work through it at your own pace to reach a point your proud to report to your stakeholders.

ESG First Report

ESG First Report

We conduct the first audit your pace to help you minimise disruption and learn through the process. Our iterative reviews and feedback helps you stay on track and achieve better ESG impacts for your company. We reach a point of compliance at the point you're happy to present the state of your ESG program to your stakeholders and issue the report accordingly.

ESG Recurring Reports

ESG Recurring Reports

We conduct annual recurring reviews to issue updated reports that show your continued commitment and improvements over time.

Get started your way.
We’re ready when you are!

FAQ

Your questions answered

What framework is used for ESG reporting?

AssuranceLab’s Environmental Social, Governance (ESG) Framework has been developed to provide a
clear, consistent and pragmatic way to report on the ESG activities of an organization using the System
and Organisational Controls (SOC) reporting standards. In comparison to other global ESG standards
like GRI, SASB and ISSB, this framework was designed to impose a lesser burden on the reporting and
maintenance of an ESG program, to make ESG reporting accessible to organisations of all sizes.

The ESG criteria we use draws from the Common Criteria of the System and Organisational Controls (SOC) 2
framework to leverage the principles of an effective control environment supporting the environmental, social and governance objectives. It then adds specific environmental and social impact criteria that are flexible to report on 500+ positive impact business activities that align to those positive impact outcomes.

How does AssuranceLab's framework compare to other global ESG standards?

We have directly mapped the AssuranceLab ESG framework to the Global Reporting Initiative (GRI) and United Nations Sustainable Development Goals (UN SDGs) so that the reports show how your positive impact activities also supports those commonly referred to global frameworks. 

The main difference in our ESG framework is that it offers far greater flexibility than other industry standards, by focusing on more general criteria that enables, without forcing, any relevant ESG activities to be reported while also including overview information that readers would be interested in to understand the holistic program. These differences allow far less cost and effort in the implementation, maintenance, audit and reporting of your ESG program to suit the majority of companies where other global ESG standards are not viable.

What are the environmental and social impact criteria?

The specific criteria we use to report on up to 500+ positive impact activities are included below. As you can see the generic nature of these allows a lot of flexibility in reporting what's relevant for any company.

E1.1: The entity specifies objectives, targets, commitments and policies in relation to the environmental impact of its business activities.

E1.2: The entity measures, monitors and improves its business activities to reduce harmful impacts and improve positive impacts on the environment.

E1.3: The entity identifies, assesses and responds to environmental risks and opportunities.

E1.4: The entity raises awareness and encourages employees to make a positive impact on the environment as part of their roles and individual actions.

S1.1: The entity specifies objectives, targets, commitments and policies in relation to the social and community impacts of its business activities.

S1.2: The entity measures, monitors and improves its business activities to reduce harmful impacts and improve positive impacts on society and the community.

S1.3: The entity assesses and improves its activities that support employee wellness, equality, diversity and inclusion in the workplace.

S1.4: The entity raises awareness and encourages employees to make a positive social impact as part of their roles and individual actions.

 

How do we get recognised for our ESG reporting?

These ESG reports generally do not contain sensitive information and can be published on your website and in other places accordingly. We also give you accreditation logos and status letters that you can use to represent your ESG reporting commitments in other marketing or RFP materials.

Many large enterprise have their own ESG obligations that incorporates their supply chain impacts. Being able to provide an ESG report to them as part of their due diligence assessment helps them satisfy their own obligations, which can help you close deals with those companies.

ESG is also a common area of interest for employees and employment candidates. You can share the report or highlight your ESG program to them, accordingly, to earn their trust and achieve positive goodwill from your commitment to areas they value personally.

Can we reduce the work involved by using a compliance platform?

ESG reporting has a large amount of overlap with security compliance and other areas of compliance based on the core focus on governance that underpins most compliance. Combining your ESG program into a compliance platform - like Pillar, and/or Drata - can help you centralise those commitments and compliance activities. We have developed our ESG framework for import into Drata where it can be continuously monitored and tracked along with many other compliance standards that overlap.

OTHER STANDARDS

Earn trust with other leading standards

alab-blended-audits-icon

Blended Audits

Combine two or more compliance frameworks into a single blended audit process without duplication to scale trust, not costs and effort.

alab-hipaa-icon

HIPAA

The de facto global and best practice standard for proving secure handling of electronic protected health information (ePHI).

alab-custom-framework-icon

Custom Frameworks

Manage any compliance obligations from customers, regulators or your own internal risk requirements with custom frameworks.

alab-iso-27001-icon

ISO 27001

An international framework to apply a structured and best practice methodology for managing information security.

alab-csa-star-icon

CSA STAR

A comprehensive, best practice standard for cloud security to achieve Level Two accreditation in the security, trust and risk (STAR) register.

alab-cdr-icon

Consumer Data Right

Access consumer data in Australia’s economy-wide open data regime with Consumer Data Right accreditation.

alab-soc1-sox-itgc-icon

SOC 1 / SOX ITGC

Satisfy publicly listed customers regulated by Sarbanes Oxley and supporting financial reporting requirements.

alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

alab-soc1-sox-itgc-icon

SOC 2

Trust services criteria to satisfy a broad customer base globally for security, availability, confidentiality, privacy and processing integrity.

alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

GET IN CONTACT

Get started your way

We’re ready when you are

Can’t wait?

Our free products help you get started without any fuss:

pillar-tab-button-normal

The always-free GRC platform that powers trust for hundreds of technology companies.

policytree-tab-button-normal (1)

Our 40-minute policy generator; a better alternative to cookie-cutter templates.