SASB Index
The Sustainability Accounting Standards Board (SASB) standards, now part of the IFRS Foundation, enables businesses to identify, manage, and communicate information to stakeholders. The index below maps our current disclosures for relevant sustainability topics from the Software and IT Services industry standard. Guidewire has reported social and governance information cited in the SASB index for the fiscal year ended 2025 and environmental information for the fiscal year ended 20241. Social, governance, and environmental performance metrics and narrative disclosures may extend beyond these periods where relevant to our sustainability strategy and ongoing initiatives.
|
Topic |
Accounting Metric |
Code |
References and Responses |
|
Environmental Footprint of Hardware Infrastructure |
(1) Total energy consumed, (2) percentage grid electricity, (3) percentage renewable
|
TC-SI-130.a1
|
NOTE: Regarding energy consumption for hardware infrastructure, we do not operate on-premises data centers. We use a third-party data center operator (AWS). Corporate Sustainability, Climate and Energy; Products Enabling Sustainability, Sustainability Data Tables 2024 CDP Corporate Questionnaire, C7. Environmental Performance - Climate Change*
|
|
(1) Total water withdrawn, (2) total water consumed; percentage of each in regions with High or Extremely High Baseline Water Stress
|
TC-SI-130a.2
|
NOTE: Regarding water withdrawal and consumption for hardware infrastructure, we do not operate on-premises data centers. We use a third-party data center operator (AWS). Corporate Sustainability, Responsible Resource Management; Products Enabling Sustainability; Sustainability Data Tables 2024 CDP Corporate Questionnaire, C4. Governance* Environmental Policy Statement
|
|
|
Discussion of the integration of environmental considerations into strategic planning for data center needs
|
TC-SI-130a.3
|
NOTE: We do not operate on-premises data centers. Our third-party data center operator (AWS) integrates environmental considerations into strategic planning for data center needs. For additional information, please refer to our SASB TC-SI-130a.1 and TC-SI-130a.2 disclosures. Corporate Sustainability, Security and Data Privacy; Climate and Energy; Building Climate Resilience; Products Enabling Sustainability
|
|
|
Data Privacy and Freedom of Expression |
Description of policies and practices relating to behavioral advertising and user privacy
|
TC-SI-220a.1
|
NOTE: We comply with U.S. and foreign data privacy standards, including the General Data Protection Regulation (GDPR) in the EU and the U.K. and the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), and the Colorado Privacy Act (CPA) in the U.S. Further, we hold an ISO 27701 certification. Corporate Sustainability, Security and Data Privacy Customer Data Privacy Policy**
|
|
Number of users whose information is used for secondary purposes
|
TC-SI-220a.2
|
Corporate Sustainability, Security and Data Privacy Customer Data Privacy Policy**
|
|
|
Total amount of monetary losses as a result of legal proceedings associated with user privacy |
TC-SI-220a.3
|
NOTE: We have not incurred any monetary losses as a result of legal proceedings associated with user privacy.
|
|
|
(1) Number of law enforcement requests for user information, (2) number of users whose information was requested, (3) percentage resulting in disclosure
|
TC-SI-220a.4
|
NOTE: We have a robust global privacy program, which includes regular privacy compliance training and awareness, as well as privacy governance controls, and an incidents investigation process for data privacy complaints. We take the privacy of our customers seriously as highlighted in our Customer Data Privacy Policy and we believe that any government request for data should be directed to the customer who owns and controls the data. We report any material litigation and/or governmental inquiries in our SEC filings. Customer Data Privacy Policy**
|
|
|
Data Security
|
(1) Number of data breaches, (2) percentage that are personal data breaches, (3) number of users affected
|
TC-SI-230a.1
|
NOTE: It is our policy to follow applicable U.S. and foreign laws regarding reporting breaches of customer data, including notices to individuals, regulators, and other entities. In addition, we provide information regarding data risks related to cybersecurity in our SEC filings. 2025 Annual Report on Form 10-K, Part 1. Item IA. Risk Factors, Item 1C. Cybersecurity Corporate Sustainability, Security and Data Privacy Vulnerability Disclosure Policy
|
|
Description of approach to identifying and addressing data security risks, including use of third-party cybersecurity standards
|
TC-SI-230a.2
|
NOTE: Our approach to identifying and addressing data security risks is based on third-party security standards. 2025 Annual Report on Form 10-K, Part 1. Item IA. Risk Factors, Item 1C. Cybersecurity Corporate Sustainability, Security and Data Privacy
|
|
|
Recruiting and Managing a Global, Diverse and Skilled Workforce |
Percentage of employees that require a work visa
|
TC-SI-330a.1
|
NOTE: There are instances in which members of our global workforce require a work visa. Currently, we do not publicly disclose the percentage of employees who require a work visa.
|
|
Employee engagement as a percentage
|
TC-SI-330a.2
|
Corporate Sustainability, Our People: Powering the Future of Insurance
|
|
|
Percentage of (1) gender and (2) diversity group representation
for
|
TC-SI-330a.3
|
Corporate Sustainability, Our People: Powering the Future of Insurance, Sustainability Data Tables
|
|
|
Intellectual Property Protection & Competitive Behavior
|
Total amount of monetary losses as a result of legal proceedings associated with anticompetitive behavior regulations
|
TC-SI-520a.1
|
Note: We have not incurred monetary losses as a result of legal proceedings associated with anticompetitive behavior regulations.
|
|
Managing Systemic Risks from Technology Disruptions
|
Number of (1) performance issues and (2) service disruptions; (3) total customer downtime
|
TC-SI-550a.1
|
NOTE: We host a Cloud Platform Status website for AMER, EMEA, and APAC regions with service availability updates on Guidewire Cloud Platform (GWCP). Guidewire Cloud Platform Status
|
|
Description of business continuity risks related to disruptions of operations
|
TC-SI-550a.2
|
2025 Annual Report on Form 10-K, Part I. Item lA. Risk Factors 2024 Proxy Statement, Information About the Board and Corporate Governance*** Corporate Sustainability, Security and Data Privacy; Building Climate Resilience
|
|
Activity Metric |
Code |
References and Responses |
|
|
(1) Number of licenses or subscriptions, |
TC-SI-000.A
|
NOTE: We take a cloud-first approach with respect to how we operate and innovate. We report material information on these metrics in our SEC filings. 2025 Annual Report on Form 10-K, Notes To Consolidated Financial Statements, 2. Revenue 2024 Analyst Day Presentation****
1Q25 Financial Results Conference Call
|
|
|
(1) Data processing capacity,
|
TC-SI-000.B
|
NOTE: We take a cloud-first approach with respect to how we operate and innovate. We report material information on these metrics in our SEC filings.
Form 10-Q, Item 1A. Risk Factors (1Q25)
|
|
*2025 CDP Corporate Questionnaire will be released on or around December 2025 and linked on or around February 2026.
**Company policy that we do not make publicly available.
***We expect to file our 2025 Proxy Statement with the SEC in late October 2025. Proxy Statement references and links will be updated on or around February 2026.
****We expect to hold our 2025 Analyst Day in October 2025. The Analyst Day presentation link and reference will be updated on or around February 2026.