Who's Really Verified? A Reality Check on Carbon Software Assurance

_Audit ready isn't assurance. This benchmark tracks software/methodology verification only, not corporate inventories or security certifications._Updated: October 9, 2025Plenty of platforms say they are "audit ready." Far fewer have an independent verifier's signature on their software methodology. This post pairs a plain English explainer with a vendor table so you can see, at a glance, who is actually verified and who is just marketing.## What "verification" means hereWe include vendors only when there is public third party verification or validation of the software/methodology used to calculate emissions, typically under ISO 14064-3 (or ISAE 3000/3410).Not included: corporate inventory verifications, SOC 2/ISO 27001 (security), or general "audit ready" claims.### Quick test for buyers- Is there a named, independent verifier? (e.g., UL Solutions, SGS, Apex, Bureau Veritas, DNV, LRQA)- Is the statement about the software/methodology itself?- Is the assurance scope and level clear? (validation/verification; limited/reasonable)## The benchmark table| Vendor | Product or module | Verified? | Standard or level | Verifier | Evidence || --------------------------------- | ---------------------------------------------------------- | :-------: | ----------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- || DitchCarbon | DitchCarbon Portal (Sustainability Information Calculator) | Yes | ISO 14064-3 (Limited assurance): Verification Opinion Declaration; plus UL Solutions 'Sustainability Information Calculator Verification' | UL Solutions | UL Solutions Verification Opinion Declaration (June 6, 2025) and program verification (June 10, 2025) || CarbonChain | Corporate and product footprint methodologies | Yes | Validated/verified as aligned with GHG Protocol | SGS (validation), Bureau Veritas (verification) | https://www.carbonchain.com/blog/carbonchain-methodology-receives-third-party-verification || Lune | Carbon calculation tool | Yes | Verified against applicable clauses of ISO 14064-1 | Interface NRM Ltd | https://docs.lune.co/lune-climate-iso14064-verification-statement.pdf || Persefoni | GHG accounting methodology (software) | Yes | ISO 14064-3 (Limited assurance): methodology validation only (excludes corporate inventory) | Apex Companies | https://persefoni-production.s3.us-east-2.amazonaws.com/docs/GLG_Persefoni_Independent_Validation_Statement.pdf || Watershed | Carbon Data Engine | Yes | ISO 14064-3 (Limited / 'moderate' assurance) | Apex Companies (independent validation) | https://storage.googleapis.com/tech-docs-watershed/Watershed-Validation-Statement-20231127.pdf || CO2 AI (BCG) | Corporate and product footprinting | No | States adherence to PACT/PEF/ISO 14067/14044; SOC 2 and ISO 27001 (security) | N/A | No public software level verification. || Carbon Interface | Emissions API | No | N/A | N/A | No public software level verification. || Climatiq | Emission factors and API | No | States 'scientifically vetted' emission factors; methodology hub | N/A | No public software level verification. || EcoVadis | Ratings and Carbon Action Module | No | External methodology committee review (not formal assurance) | External committee (advisory) | No public software level verification. || Gravity Climate | Carbon and energy management platform | No | Positions as 'audit friendly'; customers pass audits | N/A | No public software level verification. || IBM (Envizi) | Envizi ESG Suite | No | N/A | N/A | No public software level verification. || IBM EIS GHG APIs | Environmental Intelligence Suite GHG APIs | No | N/A | N/A | No public software level verification. || Manufacture 2030 | M2030 Platform | No | N/A | N/A | No public software level verification. || Normative | Carbon Accounting Methodology | No | N/A | N/A | No public software level verification. || OpenCO2 (CO2API) | Emission Factors API | No | N/A | N/A | No public software level verification. || Plan A | Platform and Methodology | No | N/A | N/A | No public software level verification. || SAP | Sustainability Control Tower | No | N/A | N/A | No public software level verification. || Sphera SCS (formerly SupplyShift) | Supply Chain Sustainability (SCS) | No | N/A | N/A | No public software level verification. || Sweep | Carbon Management Platform | No | N/A | N/A | No public software level verification. || Workiva (Sustain.Life) | Carbon / ESG Platform | No | N/A | N/A | No public software level verification. |## How to use this as a buyer- For RFPs: Require a public assurance statement for the software/methodology, including scope and level.- For CSRD/SOX alignment: Keep a copy of the statement with your audit binder and note the version/date.- For internal sign-off: Confirm your calc engine + factors align with the assured scope.## Common misconceptions- "Audit ready" is not verified. It may mean good controls, not third party assurance of the calc engine.- Inventory verification is not software verification. An auditor can verify a company's footprint without assessing the vendor's methodology.- Security certifications are not methodology assurance. SOC 2/ISO 27001 are valuable but orthogonal.