Back to Frameworks
GRI Standards
International
v2023
12 domains
35 controls
Global Reporting Initiative sustainability reporting standards
Unverified
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (12)
Anti-Corruption
1 controls
| Code | Title |
|---|---|
| GRI-205-2 | Communication and Training on Anti-Corruption |
Economic
1 controls
| Code | Title |
|---|---|
| GRI-201-1 | Direct Economic Value Generated and Distributed |
Environment
3 controls
| Code | Title |
|---|---|
| GRI-302-1 | Energy Consumption Within the Organization |
| GRI-305-1 | Direct GHG Emissions (Scope 1) |
| GRI-305-2 | Energy Indirect GHG Emissions (Scope 2) |
GRI Standards: Environmental Policy & Planning
5 controls
Environmental management system planning (GRI Standards)
| Code | Title |
|---|---|
| GRI-01 | Environmental policy development |
| GRI-02 | Environmental aspects and impacts identification |
| GRI-03 | Legal and regulatory compliance obligations |
| GRI-04 | Environmental objectives and targets |
| GRI-05 | Action planning for environmental management |
GRI Standards: Operational Controls
5 controls
Environmental operational controls (GRI Standards)
| Code | Title |
|---|---|
| GRI-06 | Operational control procedures |
| GRI-07 | Emergency preparedness and response |
| GRI-08 | Resource and energy management |
| GRI-09 | Waste management and reduction |
| GRI-10 | Pollution prevention measures |
GRI Standards: Performance Evaluation
4 controls
Environmental performance monitoring (GRI Standards)
| Code | Title |
|---|---|
| GRI-11 | Environmental monitoring and measurement |
| GRI-12 | Compliance evaluation |
| GRI-13 | Internal environmental audit |
| GRI-14 | Management review of environmental performance |
General Disclosures
6 controls
| Code | Title |
|---|---|
| GRI-2-1 | Organization Details and Reporting Boundary |
| GRI-2-22 | Statement on Sustainable Development Strategy |
| GRI-2-23 | Policy Commitments |
| GRI-2-26 | Mechanisms for Seeking Advice and Raising Concerns |
| GRI-2-29 | Approach to Stakeholder Engagement |
| GRI-2-9 | Governance Structure and Composition |
Material Topics
3 controls
| Code | Title |
|---|---|
| GRI-3-1 | Process to Determine Material Topics |
| GRI-3-2 | List of Material Topics |
| GRI-3-3 | Management of Material Topics |
Materiality
1 controls
| Code | Title |
|---|---|
| GRI-DM | Double Materiality Linkage |
Sector
1 controls
| Code | Title |
|---|---|
| GRI-Sector-11 | Sector Standard Application |
Social
3 controls
| Code | Title |
|---|---|
| GRI-403-9 | Work-Related Injuries |
| GRI-405-1 | Diversity of Governance Bodies and Employees |
| GRI-413-1 | Operations with Local Community Engagement |
Universal
2 controls
| Code | Title |
|---|---|
| GRI-1-1 | Foundation and Reporting Principles |
| GRI-1-2 | Reporting in Accordance Statement |
Your Compliance Coverage
If you comply with GRI Standards, you already cover:
CSRD
20%
7 controls mapped
Compare →TCFD Recommendations
14%
5 controls mapped
Compare →ISO 14001
14%
5 controls mapped
Compare →+ 124 more: ISSB Standards (14%), EU SFDR (Sustainable Finance Disclosure Regulation) (14%)
See all 127 mapped frameworks ↓Maps to 127 other frameworks
35 total controls
CSRD
7 source controls mapped|5 target controls covered
20%
TCFD Recommendations
5 source controls mapped|5 target controls covered
14%
ISO 14001
5 source controls mapped|5 target controls covered
14%
ISSB Standards
5 source controls mapped|5 target controls covered
14%
EU SFDR (Sustainable Finance Disclosure Regulation)
5 source controls mapped|5 target controls covered
14%
NIST AI Risk Management Framework (AI RMF 1.0)
4 source controls mapped|4 target controls covered
11%
NIST AI 600-1: Generative AI Profile
4 source controls mapped|5 target controls covered
11%
EU Taxonomy Regulation (Regulation 2020/852)
4 source controls mapped|4 target controls covered
11%
EU Taxonomy Regulation
4 source controls mapped|4 target controls covered
11%
SASB Standards (ISSB Integrated)
4 source controls mapped|4 target controls covered
11%
SASB Standards
4 source controls mapped|3 target controls covered
11%
OECD AI Principles
4 source controls mapped|2 target controls covered
11%
LEED v4.1 - Green Building Rating System (US Green Building Council)
4 source controls mapped|3 target controls covered
11%
ISO/IEC 38500:2024 - Governance of IT
3 source controls mapped|1 target controls covered
9%
GLOBALG.A.P. Integrated Farm Assurance (IFA) Standard v6
3 source controls mapped|1 target controls covered
9%
OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (2023 Update)
3 source controls mapped|3 target controls covered
9%
OECD Recommendation on Artificial Intelligence (2024 Update)
3 source controls mapped|2 target controls covered
9%
UNESCO Recommendation on the Ethics of AI
3 source controls mapped|3 target controls covered
9%
ISO 20400:2017 - Sustainable Procurement
3 source controls mapped|3 target controls covered
9%
ISO 26000:2010
3 source controls mapped|2 target controls covered
9%
BREEAM - Building Research Establishment Environmental Assessment Method
3 source controls mapped|3 target controls covered
9%
TNFD Recommendations
3 source controls mapped|1 target controls covered
9%
ICMM Mining Principles (2024 Update)
3 source controls mapped|1 target controls covered
9%
ISO 37000:2021 - Governance of Organizations
3 source controls mapped|2 target controls covered
9%
CDP (formerly Carbon Disclosure Project)
1 source controls mapped|1 target controls covered
3%
EU Machinery Regulation (Regulation (EU) 2023/1230)
1 source controls mapped|1 target controls covered
3%
EDM Council DCAM - Data Management Capability Assessment Model
1 source controls mapped|1 target controls covered
3%
FATF 40 Recommendations
1 source controls mapped|1 target controls covered
3%
GLI-33 - Gaming Laboratories International Event Wagering Systems
1 source controls mapped|1 target controls covered
3%
OWASP DevSecOps Maturity Model (DSOMM)
1 source controls mapped|1 target controls covered
3%
Switzerland FADP
1 source controls mapped|1 target controls covered
3%
EDM Council CDMC - Cloud Data Management Capability Framework
1 source controls mapped|1 target controls covered
3%
Ley Orgánica de Protección de Datos Personales (LOPDP)
1 source controls mapped|1 target controls covered
3%
AWS Well-Architected Security Pillar
1 source controls mapped|1 target controls covered
3%
FERPA
1 source controls mapped|1 target controls covered
3%
Law No. 172-13 on the Protection of Personal Data
1 source controls mapped|1 target controls covered
3%
ESRB Privacy Certified
1 source controls mapped|1 target controls covered
3%
FedRAMP High
1 source controls mapped|1 target controls covered
3%
NIST SP 800-53 Revision 5.1 HIGH
1 source controls mapped|1 target controls covered
3%
IRS Publication 1075
1 source controls mapped|1 target controls covered
3%
FedRAMP Moderate
1 source controls mapped|1 target controls covered
3%
NIST SP 800-53 Rev 5 MODERATE
1 source controls mapped|1 target controls covered
3%
NIST SP 800-53 Rev 5 LOW
1 source controls mapped|1 target controls covered
3%
Azure Security Benchmark
1 source controls mapped|1 target controls covered
3%
Bahrain PDPL
1 source controls mapped|1 target controls covered
3%
EU AI Act
1 source controls mapped|1 target controls covered
3%
Global Cross-Border Privacy Rules (Global CBPR) Forum
1 source controls mapped|1 target controls covered
3%
India DPDP Act
1 source controls mapped|1 target controls covered
3%
Privacy Act 1988 (Australia)
1 source controls mapped|1 target controls covered
3%
NIST Special Publication 800-34 Revision 1, Contingency Planning Guide for Federal Information Systems
1 source controls mapped|1 target controls covered
3%
Regulation on the European Health Data Space (EHDS)
1 source controls mapped|1 target controls covered
3%
ISO 22000
1 source controls mapped|1 target controls covered
3%
IEEE 7000
1 source controls mapped|1 target controls covered
3%
US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule
1 source controls mapped|1 target controls covered
3%
NIST SP 800-190
1 source controls mapped|1 target controls covered
3%
Indiana Consumer Data Protection Act
1 source controls mapped|1 target controls covered
3%
Uruguay DPL
1 source controls mapped|1 target controls covered
3%
Mexico LFPDPPP
1 source controls mapped|1 target controls covered
3%
NIST SP 800-145
1 source controls mapped|1 target controls covered
3%
Texas Data Privacy Act
1 source controls mapped|1 target controls covered
3%
Vietnam PDPD
1 source controls mapped|1 target controls covered
3%
Kenya DPA
1 source controls mapped|1 target controls covered
3%
Kenya Data Protection Act
1 source controls mapped|1 target controls covered
3%
Malaysia PDPA 2010
1 source controls mapped|1 target controls covered
3%
EU Medical Devices Regulation (MDR 2017/745)
1 source controls mapped|3 target controls covered
3%
UK AI Regulation Framework
1 source controls mapped|1 target controls covered
3%
Singapore AI Governance Framework
1 source controls mapped|1 target controls covered
3%
New Hampshire Data Privacy Act
1 source controls mapped|1 target controls covered
3%
UK Data Protection Act 2018
1 source controls mapped|1 target controls covered
3%
Maryland Online Data Privacy Act of 2024
1 source controls mapped|1 target controls covered
3%
Privacy Act 2020
1 source controls mapped|1 target controls covered
3%
NIST SP 800-144
1 source controls mapped|1 target controls covered
3%
Philippines Data Privacy Act (RA 10173)
1 source controls mapped|1 target controls covered
3%
POPIA
1 source controls mapped|1 target controls covered
3%
LGPD
1 source controls mapped|1 target controls covered
3%
Iceland DPA
1 source controls mapped|1 target controls covered
3%
Liechtenstein DPA
1 source controls mapped|1 target controls covered
3%
ISO 45001
1 source controls mapped|1 target controls covered
3%
South Korea PIPA
1 source controls mapped|1 target controls covered
3%
New Zealand Information Security Manual (NZISM)
1 source controls mapped|1 target controls covered
3%
Philippines DPA
1 source controls mapped|1 target controls covered
3%
Iowa Consumer Data Protection Act
1 source controls mapped|1 target controls covered
3%
New Jersey Data Privacy Act
1 source controls mapped|1 target controls covered
3%
NRF Cybersecurity and Data Privacy Framework (National Retail Federation)
1 source controls mapped|1 target controls covered
3%
Oman National Cybersecurity Framework
1 source controls mapped|1 target controls covered
3%
Kentucky Consumer Data Protection Act
1 source controls mapped|1 target controls covered
3%
Minnesota Consumer Data Privacy Act
1 source controls mapped|1 target controls covered
3%
Oregon Consumer Privacy Act
1 source controls mapped|1 target controls covered
3%
Utah Consumer Privacy Act
1 source controls mapped|1 target controls covered
3%
Nigeria Data Protection Regulation (NDPR)
1 source controls mapped|1 target controls covered
3%
Nebraska Data Privacy Act
1 source controls mapped|1 target controls covered
3%
Qatar DPL
1 source controls mapped|1 target controls covered
3%
Japan AI Guidelines
1 source controls mapped|1 target controls covered
3%
Turkey KVKK
1 source controls mapped|1 target controls covered
3%
PDPA Singapore
1 source controls mapped|1 target controls covered
3%
Mauritius DPA
1 source controls mapped|1 target controls covered
3%
Tennessee IPA
1 source controls mapped|1 target controls covered
3%
PDPA Thailand
1 source controls mapped|1 target controls covered
3%
MTCS - Multi-Tier Cloud Security (Singapore)
1 source controls mapped|1 target controls covered
3%
Peru DPL
1 source controls mapped|1 target controls covered
3%
NIST SP 800-146
1 source controls mapped|1 target controls covered
3%
Saudi Arabia PDPL
1 source controls mapped|1 target controls covered
3%
ISMAP (Japan)
1 source controls mapped|1 target controls covered
3%
TEFCA - Trusted Exchange Framework and Common Agreement
1 source controls mapped|1 target controls covered
3%
UAE PDPL
1 source controls mapped|1 target controls covered
3%
ISO 27018
1 source controls mapped|1 target controls covered
3%
Personal Data Act (personopplysningsloven)
1 source controls mapped|1 target controls covered
3%
NIST Privacy Framework 1.0
1 source controls mapped|1 target controls covered
3%
MTCS (Singapore)
1 source controls mapped|1 target controls covered
3%
Indonesia PDP Law
1 source controls mapped|1 target controls covered
3%
Taiwan PDPA
1 source controls mapped|1 target controls covered
3%
ISO 27017
1 source controls mapped|1 target controls covered
3%
Rwanda DPL
1 source controls mapped|1 target controls covered
3%
Virginia CDPA
1 source controls mapped|1 target controls covered
3%
Jamaica DPA
1 source controls mapped|1 target controls covered
3%
NIST SP 800-122
1 source controls mapped|1 target controls covered
3%
Montana Consumer Data Privacy Act
1 source controls mapped|1 target controls covered
3%
GHG Protocol
1 source controls mapped|1 target controls covered
3%
IEC 62351 - Power Systems Communication Security
1 source controls mapped|1 target controls covered
3%
Security of Critical Infrastructure Act 2018 (SOCI)
1 source controls mapped|1 target controls covered
3%
ISO 56002
1 source controls mapped|3 target controls covered
3%
ISO 41001:2018 - Facility Management Systems
1 source controls mapped|3 target controls covered
3%
ISO 39001:2012 - Road Traffic Safety Management
1 source controls mapped|3 target controls covered
3%
ISO 37002:2021 - Whistleblowing Management Systems
1 source controls mapped|3 target controls covered
3%
ISO 50001:2018 - Energy Management Systems
1 source controls mapped|3 target controls covered
3%
ISO 22313:2020 - Guidance on Business Continuity Management Systems
1 source controls mapped|3 target controls covered
3%
NABERS - National Australian Built Environment Rating System
1 source controls mapped|3 target controls covered
3%
Frequently Asked Questions
What is GRI Standards?
GRI Standards is a compliance framework from International with 12 domains and 35 controls. Global Reporting Initiative sustainability reporting standards It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does GRI Standards have?
GRI Standards has 35 controls organised across 12 domains. The largest domains are General Disclosures (6 controls), GRI Standards: Environmental Policy & Planning (5 controls), GRI Standards: Operational Controls (5 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does GRI Standards map to?
GRI Standards maps to 127 other compliance frameworks. The top mapping partners are CSRD (20% coverage), TCFD Recommendations (14% coverage), ISO 14001 (14% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with GRI Standards compliance?
Start your GRI Standards compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about GRI Standards requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 35 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 700 frameworks.
Get Started Free →Free forever — no credit card required