ThemisIQ · Methodologies

How ThemisIQ calculates,
classifies and reports.

Every number ThemisIQ produces is grounded in a recognised international standard or regulatory framework. We don't invent methodologies — we implement the ones that matter, correctly, and keep them current.

GHG ProtocolIPCC AR6TCFDIFRS S2CSRD ESRSEU AI ActNIST CSF 2.0PCAF-alignedCS3D
Emission factors and regulatory mappings are reviewed and updated annually — or immediately when a material regulatory change occurs. Last reviewed: May 2026.
Module methodology
GHG Inventory — Scope 1 & 2
GHG Protocol Corporate Accounting and Reporting Standard
Primary standard
ThemisIQ follows the GHG Protocol Corporate Accounting and Reporting Standard — the most widely used GHG accounting framework globally, required by SB 253, CDP, ESRS E1, GRI 305, and IFRS S2.
Global Warming Potentials (GWP)
ThemisIQ applies IPCC Sixth Assessment Report (AR6) 100-year GWP values by default — the latest published IPCC set — across CDP, ESRS E1, GRI 305, EcoVadis, and IFRS S2. The one exception is California SB 253, which is reported on IPCC AR4 values for consistency with CARB's existing AB 32 / Mandatory Reporting Regulation program. AR6 distinguishes fossil from non-fossil (biogenic) methane (fossil CH₄ GWP 29.8, non-fossil 27.0, N₂O 273); the correct GWP set is applied automatically based on each selected framework and stamped on every export.
Emission factors
Combustion factors are country-matched: US locations use US EPA (2024) factors, Canadian locations use Environment and Climate Change Canada (ECCC) "Emission factors and reference values" v3.0, UK locations use UK DEFRA/DESNZ (2025) Greenhouse Gas Conversion Factors for Company Reporting, and EU member-state locations use IPCC (2006 Guidelines, Vol. 2) Tier 1 default combustion factors. For Canadian locations, natural gas CO₂ is applied per province (ECCC marketable values) and reported in m³ or Mcf. For UK locations, factors follow the DEFRA published basis — natural gas reported in kWh on a gross calorific value basis — so reported combustion figures reconcile directly to DEFRA for SECR assurance; because DEFRA factors embed a fixed GWP basis, UK combustion figures are reported on that basis rather than the user-selected AR4/AR5 set. For EU locations, IPCC Tier 1 fossil-fuel defaults are applied on a metric basis (natural gas m³, liquid fuels litres); these are 100% fossil factors and therefore exclude any biofuel-blend adjustment, making them slightly conservative relative to blended national factors. Locations outside the US, Canada, UK, and EU fall back to US EPA combustion factors. Electricity factors are location-based and country-matched: eGRID 2023 (US states), ECCC NIR (Canadian provinces), DEFRA 2025 (UK), and European Environment Agency 2023 per-country generation intensities (all 27 EU member states). All factors are versioned, country-matched, and cited in exports.
Scope 2 accounting
ThemisIQ supports both location-based and market-based Scope 2 accounting, following the GHG Protocol Scope 2 Guidance dual-reporting requirement (ESRS E1 and GRI 305). Location-based figures use grid-average emission factors. Market-based figures apply a residual-mix emission factor to the electricity NOT covered by a contractual instrument (PPAs, RECs, green tariffs) — rather than deducting contracted volumes from the grid average — so emissions attributable to untracked supply are not understated. Residual-mix factors are sourced from the Association of Issuing Bodies (AIB) European Residual Mixes 2024 for EU member states, and from Green-e (2025 residual mix, 2023 data) combined with US EPA eGRID2023 for US locations, keyed by eGRID subregion. For full-disclosure jurisdictions where no residual mix is published (e.g. Austria), the location-based factor is applied with that treatment disclosed. Every market-based factor is vintage-stamped and cited in exports.
Assurance readiness
All calculation workings are documented per emission source with factor citations, unit conversions, and GWP references — aligned with ISO 14064-3 and ISAE 3410 limited assurance requirements.
Module methodology
Scope 3 — Full Value Chain
GHG Protocol Corporate Value Chain (Scope 3) Standard
Primary standard
ThemisIQ follows the GHG Protocol Corporate Value Chain (Scope 3) Accounting and Reporting Standard across all 15 upstream and downstream categories.
Calculation hierarchy
ThemisIQ applies a three-tier data quality hierarchy: (1) Supplier-specific primary data — highest accuracy; (2) Activity-based calculations using industry average factors; (3) Spend-based estimates using DEFRA and Exiobase emission intensity factors. Each category displays its data quality level in all exports.
Category 15 — Financed emissions
Category 15 financed emissions use a PCAF-aligned methodology (Partnership for Carbon Accounting Financials). Current estimates are spend-based (PCAF data-quality tier 5); ThemisIQ is not a PCAF signatory or PCAF-accredited.
Materiality
ThemisIQ applies sector-based materiality screening aligned with GHG Protocol guidance — automatically identifying which categories are likely material for your sector and flagging immaterial categories for exclusion with documented justification.
Module methodology
Climate Risk
TCFD · IPCC AR6 · IFRS S2 · ESRS E1
Scenario framework
ThemisIQ supports climate risk assessment across recognised IPCC-aligned warming pathways and NGFS finance-oriented transition scenarios. Both IFRS S2 and CSRD ESRS E1 require testing resilience across a range of scenarios rather than against a single forecast. See the Climate Risk & Materiality methodology below for the full SSP/NGFS scenario set used by the integrated risk engine.
Physical risk data
Physical risk assessments draw on IPCC AR6 Working Group I and II regional findings, peer-reviewed climate science, and published national adaptation plans. Hazard classifications follow IPCC climatic impact-driver categories and TCFD acute/chronic terminology.
Transition risk data
Transition risks are mapped to IEA Net Zero 2050 pathway milestones, EU taxonomy activity classifications, and published regulatory transition timelines. Sector-specific transition risks reflect NGFS scenario narratives and the four TCFD transition-risk categories: policy and legal, technology, market, and reputation.
Disclosure alignment
Output is structured to support TCFD four-pillar disclosure (Governance, Strategy, Risk Management, Metrics & Targets), IFRS S2 climate-related disclosures, CSRD ESRS E1 climate change requirements, and California SB 261 climate-related financial risk reporting.
Module methodology
Climate Risk & Materiality
IFRS S2 single materiality · CSRD ESRS double materiality · IPCC AR6 · TCFD
Primary standards
ThemisIQ supports two distinct materiality determination modes kept architecturally separate because they answer fundamentally different questions: IFRS S2 single (financial) materiality — how climate-related risks affect the entity's enterprise value, cash flows and access to finance — and CSRD ESRS double materiality, which retains the financial axis and adds impact materiality (how the entity affects people and the environment). Double materiality is operationalised as the union of the two axes: a topic is reportable if material on either.
Risk model
Material climate risk is modelled as the product of four factors. Physical risk = industry sensitivity × IPCC AR6 regional hazard exposure × scenario severity × time horizon. Transition risk = industry carbon exposure × jurisdictional policy intensity × scenario policy-speed × time horizon. Physical and transition geographies are deliberately distinct: physical exposure depends on where assets are; transition exposure depends on which regulatory regimes apply. A risk is flagged only where industry sensitivity intersects with real regional or jurisdictional exposure — preventing common false-positives.
Scenario framework
Scenarios use two public, widely-adopted sets. IPCC Shared Socioeconomic Pathways (SSP1-2.6, SSP2-4.5, SSP5-8.5) provide the warming dimension. NGFS scenarios (Orderly, Disorderly, Hot House) provide a finance-oriented transition dimension. Scenarios carry inverse physical and transition multipliers: high-warming pathways raise physical risk and lower transition pressure; rapid-policy pathways raise transition risk and lower physical pressure. Resilient strategy requires testing across both ends — a disclosable judgment under both IFRS S2 and ESRS.
Geographic and topic frameworks
Physical-risk geography uses the IPCC Sixth Assessment Report (AR6) Working Group I reference regions (Iturbide et al., 2020) — public, climate-science-defined land regions, not country borders. Transition risks use the TCFD four-category classification. The impact-materiality axis (CSRD mode) uses the ten ESRS topical standards: E1–E5 environmental, S1–S4 social, G1 governance.
Scoring scheme
All factor scores are held on simple ordinal scales and combined multiplicatively, then mapped to a 0–10 materiality score and a high/medium/low band. The scheme is intentionally transparent: any flagged risk or material topic can be traced to its inputs. Scoring values are starter values, independently derived from the public frameworks listed and pending entity-specific calibration. Calibration is an ongoing process; the model version active at run time is stamped on every report so users can trace outputs to the specific version that produced them.
Independent derivation
No input layer reproduces or is structured to mirror any licensed proprietary classification. Every weighting and topic mapping is traceable to its public source framework. This is a deliberate design choice documented in the full methodology specification.
Limitations
The Climate Risk & Materiality assessment is a structured screening intended to scope and support a formal IFRS S2 disclosure or CSRD double-materiality assessment. A fully compliant ESRS assessment additionally requires (a) a defined materiality threshold agreed by the entity's governance body, and (b) stakeholder engagement informing the impact-materiality axis. The tool produces the prioritisation structure but does not replace either requirement, and outputs are not a substitute for independent professional review prior to publication.
Full specification
The complete published methodology specification — framework basis, full risk model, scoring tables, calibration approach, and limitations — is available as a downloadable PDF for advisors, auditors and assurance providers conducting diligence.
Module methodology
Supply Chain & Sustainable Procurement
GHG Protocol Scope 3 · CS3D · EcoVadis Framework
Supplier risk scoring
Supplier risk scores combine country-level ESG risk (using World Bank governance indicators and climate vulnerability indices), sector risk (based on GHG Protocol Scope 3 emission intensity and CS3D high-risk sector classifications), and spend-weighted exposure.
Questionnaire frameworks
ThemisIQ questionnaire templates are aligned with EcoVadis assessment methodology (Environment, Labour & Human Rights, Ethics, Sustainable Procurement), the GHG Protocol Scope 3 Category 1 data collection requirements, CS3D Human Rights Due Diligence requirements, and the UK and Australian Modern Slavery Acts.
Scope 3 Category 1
Spend-based estimates use sector-specific emission intensity factors from DEFRA (2023) and Exiobase v3. Supplier-specific data submitted via the portal automatically supersedes spend-based estimates, improving inventory accuracy over time.
Module methodology
People & Workforce
EU Pay Transparency Directive · ESRS S1 · GRI 405
Gender pay gap methodology
ThemisIQ calculates mean and median gender pay gap figures following the EU Pay Transparency Directive (2023/970/EU) methodology — comparing ordinary pay across gender, by job category, and across the organisation. Calculations align with UK Gender Pay Gap Reporting and California Pay Data Reporting requirements.
Disclosure frameworks
Workforce metrics are mapped to ESRS S1 (Own workforce), GRI 401-410 (Labour practices and decent work), SEC Item 101 human capital disclosure requirements, and ISO 45001 occupational health and safety indicators.
Module methodology
AI Governance
EU AI Act · NIST AI RMF · ISO 42001
Risk classification
AI system classification follows the EU AI Act (Regulation 2024/1689) risk taxonomy: Prohibited (Article 5), High-risk Annex III, Limited risk (transparency obligations), and Minimal risk. Classification logic reflects the European Commission's published guidance on Annex III interpretation.
Conformity assessment
High-risk AI system requirements follow EU AI Act Articles 8-15: risk management system, data governance, technical documentation (Article 11), transparency, human oversight, accuracy and robustness. ThemisIQ maps each requirement to specific evidence items.
NIST AI RMF alignment
Governance controls are cross-referenced to the NIST AI Risk Management Framework (AI RMF 1.0) four functions: GOVERN, MAP, MEASURE, MANAGE — enabling dual EU/US framework compliance.
Regulatory status note
ThemisIQ monitors EU AI Act implementation guidance and updates its classification logic as Commission guidance evolves. The operative deadline for high-risk AI obligations remains August 2, 2026 under enacted law. A proposed amendment (AI Act Omnibus) reached political agreement in May 2026 but is not yet enacted law.
Module methodology
Cyber Governance
NIS2 · DORA · SEC Cyber · NIST CSF 2.0
NIS2 controls
Gap assessment is structured around NIS2 Directive (2022/2555/EU) Article 21 minimum security measures: risk management policies, incident handling, business continuity, supply chain security, network security, access control, cryptography, HR security, MFA, and secure communications.
DORA requirements
DORA (Regulation 2022/2554/EU) ICT risk management requirements are mapped across five pillars: ICT risk management framework, ICT-related incident management, digital operational resilience testing, ICT third-party risk management, and information sharing.
NIST CSF 2.0 alignment
All controls are cross-referenced to NIST Cybersecurity Framework 2.0 six functions: GOVERN, IDENTIFY, PROTECT, DETECT, RESPOND, RECOVER — providing a globally recognised control reference.
Module methodology
Deals & Investment
TCFD · IFRS S2 · SFDR · SBTi
ESG risk screening
Deal-level ESG risk screening combines sector-specific physical and transition climate risks (aligned with TCFD recommendations), regulatory compliance exposure by jurisdiction, and ESG governance factors — producing a weighted risk rating for investment decision support.
Compliance cost estimation
Compliance cost estimates are indicative ranges based on publicly available regulatory implementation cost data, published industry benchmarks, and ThemisIQ practitioner experience. They are not a substitute for professional legal or financial advice.
Framework alignment
Output supports IFRS S2 climate-related financial disclosure requirements, EU SFDR sustainability-related disclosure obligations, and SBTi portfolio coverage target methodologies.
Important note

This document and all outputs generated through the ThemisIQ platform are provided for informational, screening, planning, and prioritization purposes only. They do not constitute legal, regulatory, accounting, financial, assurance, investment, or other professional advice and do not, by themselves, satisfy any reporting, disclosure, filing, compliance, assurance, or certification obligation under IFRS, ISSB, CSRD, ESRS, SEC, California climate disclosure regulations, or any other framework or jurisdiction.

Platform outputs are dependent upon information provided by users and other third-party sources. ThemisIQ Compliance Inc. does not independently verify such information and makes no representation or warranty, express or implied, regarding the completeness, accuracy, reliability, suitability, or fitness for a particular purpose of any output.

Sustainability-related laws, regulations, standards, guidance, and interpretations continue to evolve. Users remain solely responsible for determining the applicability of regulatory requirements and for obtaining independent legal, accounting, assurance, and other professional advice where appropriate.

Use of the platform does not create a professional-client, advisory, assurance, accounting, consulting, fiduciary, or legal relationship with ThemisIQ Compliance Inc.

To the maximum extent permitted by law, ThemisIQ Compliance Inc., its directors, officers, employees, contractors, and affiliates shall not be liable for any direct, indirect, incidental, consequential, special, punitive, or economic damages arising from the use of, or reliance upon, any platform output.

ThemisIQ is a software platform and is not an accredited assurance provider, certification body, or regulatory authority.

Questions about our methodologies?
Our team includes practitioners who have applied these frameworks in real reporting contexts.
How we handle your data →See which frameworks apply to you →