Quick Read

Boards must evolve from passive compliance observers to active strategic leaders in non-financial assurance across environmental, social, human rights, cybersecurity, and circular economy domains, as regulators globally now mandate third-party assurance on sustainability data and material risks. Most organisations have developed reporting capability but lack the internal governance structures, specialist expertise, and rigorous oversight frameworks needed to ensure non-financial data is accurate, complete, and decision-relevant. This guide equips board and audit committee members with practical guidance on why these domains belong at the board table, what genuine assurance requires, and how to build credible governance and assurance strategies.

Executive Summary

The governance landscape has fundamentally changed. Environmental performance, human rights practices, cybersecurity resilience, and circular economy metrics are no longer peripheral concerns managed deep within operational teams. They are material risks and strategic opportunities that demand board-level ownership, structured oversight, and credible, independent assurance.

Yet most boards and audit committees are not yet equipped to govern these topics with the same rigour applied to financial matters. The skills, frameworks, and assurance methodologies required are genuinely different — and in many cases, far more technically complex — than those underpinning financial reporting.

This whitepaper is a practical guide for board members and audit committee members who want to lead with confidence on non-financial assurance. It explains why these domains belong at the board table, what genuine assurance requires, why specialist expertise beyond traditional accounting is essential, and how to build a credible strategy and execute it.

Speeki works with boards and organisations globally to build the systems, governance frameworks, and assurance capability needed for this new era. This guide reflects that experience.

Key takeaway: Non-financial assurance is not a simplified version of financial audit. It requires domain-specific scientific, technical, and operational expertise that accounting firms alone may not possess. Boards that recognise this — and act on it — will lead.

1. The Board's New Frontier

Over the past decade, non-financial reporting has transformed from a voluntary communications exercise into a core governance obligation. Regulators across the European Union, the United Kingdom, the United States, Australia, and major markets across Asia have introduced or are advancing mandatory requirements for disclosure of environmental, social, governance, and supply chain data.

The Corporate Sustainability Reporting Directive (CSRD) in Europe now requires third-party assurance on sustainability information — beginning with limited assurance and progressing toward reasonable assurance over time. The International Sustainability Standards Board (ISSB) has issued disclosure standards that are being adopted globally. Major stock exchanges are embedding non-financial disclosure requirements into listing rules. Institutional investors are incorporating non-financial data into capital allocation decisions.

These are not temporary trends. They represent a structural shift in what it means to govern an organisation responsibly. And yet the governance infrastructure within most companies has not kept pace.

The Gap Between Disclosure and Governance

Many organisations have developed the ability to produce non-financial reports and disclosures. Far fewer have built the internal governance structures to ensure that data is accurate, complete, and decision-relevant — and fewer still have subjected it to rigorous independent assurance.

This distinction matters enormously. Producing a sustainability report is a communications function. Governing the underlying performance, systems, and data with the same discipline applied to financial reporting is a governance function. Boards and audit committees are responsible for the latter, not just the former.

The encouraging news is that boards do not need to become technical experts themselves. What they need to do is understand the strategic importance of these domains, ask the right questions, demand credible assurance, and ensure the right expertise surrounds the organisation.

Why Non-Financial Is Now a Strategic — Not Operational — Matter

The instinct to treat environmental, social, and cybersecurity matters as operational is understandable but increasingly untenable. Consider the following:

  • A failure to manage Scope 3 greenhouse gas emissions can result in loss of major customers who are under pressure from their own disclosure requirements.

  • Inadequate supply chain human rights diligence can trigger regulatory penalties, litigation, and reputational damage affecting market capitalisation.

  • A material cybersecurity breach can destroy shareholder value, trigger regulatory investigation, and expose directors to personal liability.

  • Failure to demonstrate circular economy credentials can close off access to capital as lenders and investors apply sustainability screens.

These are not operational inconveniences. They are strategic and financial risks of the first order — and they belong firmly within the board's oversight remit.

2. Understanding What Assurance Really Requires

The word 'assurance' is familiar to every finance professional and board member. In the financial context, it describes a structured process by which an independent party evaluates financial statements against established accounting standards and provides a conclusion on their accuracy and completeness.

Non-financial assurance follows the same logical architecture: a practitioner evaluates non-financial information against a defined framework or standard and issues a conclusion. However, the technical complexity of non-financial domains is vastly greater than is commonly understood.

The Two Levels of Assurance

It is important for board members to understand the distinction between the two primary levels of assurance engagement:

Limited Assurance

The practitioner performs sufficient procedures to conclude that nothing has come to their attention that causes them to believe the information is materially misstated. This is the current baseline required under CSRD and most early-stage frameworks.

Reasonable Assurance

The practitioner performs extensive procedures — equivalent in rigour to a financial audit — and positively concludes that the information is presented fairly and free from material misstatement. This is the direction of regulatory travel and will increasingly be required for larger organisations.

The Technical Depth Behind Non-Financial Assurance

Unlike financial reporting, which rests on a unified global accounting framework (IFRS or GAAP), non-financial assurance spans multiple distinct scientific and technical disciplines. An assurance provider working on environmental metrics must understand atmospheric chemistry. One working on cybersecurity must understand information security architecture. One working on human rights must understand international law and supply chain mapping methodologies.

Important: A qualified financial auditor is not automatically qualified to provide credible assurance over greenhouse gas emissions, cybersecurity controls, or human rights due diligence. These domains require specialist knowledge that is genuinely different — and often significantly more technically demanding — than financial audit expertise.

Why Specialist Expertise Is Essential — And Why Accounting Firms Are Not Always the Answer

The question of who provides non-financial assurance is one that boards should examine carefully rather than assume. The natural instinct may be to extend the engagement of the incumbent financial auditor into the non-financial space. There are circumstances where this is reasonable — for example, where assurance scope is limited and the firm has invested in developing genuine non-financial competencies.

However, boards should be alert to a significant risk: the credibility and quality of non-financial assurance depend on the genuine technical expertise of the practitioner, not on the brand name of the firm. Large accounting firms are increasingly hiring specialists, but the depth of expertise available — and the methodology applied — varies considerably.

In a number of critical non-financial domains, specialist assurance bodies and technical consultancies with deep domain experience may provide more rigorous, more credible, and more value-adding assurance than a generalist accounting firm working at the boundary of its competence. The board's job is to ask hard questions about this and ensure that whoever provides assurance is genuinely qualified to do so.

Questions the Audit Committee Should Be Asking

  • What specific technical qualifications does our assurance provider hold in each non-financial domain?

  • Has the provider demonstrated competence in the specific frameworks we use — GHGP, ISO 14064, ISO 27001?

  • Are the individuals performing the engagement — not just the firm — genuine domain experts?

  • Can our provider credibly evaluate measurement methodology, sensor calibration, and calculation models?

  • What is the basis for the assurance conclusion, and could we defend it to a regulator or investor?

3. The Four Critical Domains

The following sections examine four non-financial domains in depth: Environment and Climate, Human Rights and Social, Cybersecurity and Data, and Circular Economy. For each domain, we explain the strategic importance for boards, the technical complexity of assurance, the key frameworks involved, and the expertise genuinely required.

Domain 1: Environment & Climate

GHG Protocol, Scope 1, 2 and 3 emissions, climate risk governance

Why This Is a Board Matter

Climate-related financial risk is now a mainstream governance concern. Mandatory climate disclosure requirements — under CSRD, California's Climate Corporate Data Accountability Act (SB 253) and Climate-Related Financial Risk Act (SB 261), New York's forthcoming climate disclosure legislation, TCFD-aligned frameworks, and a rapidly expanding body of US state-level and international regulations — require boards to understand, oversee, and attest to the accuracy of their organisations' greenhouse gas emissions data and climate risk assessments.

The financial materiality of climate risk is no longer theoretical. Stranded assets, carbon pricing exposure, transition risk from shifting regulatory and market conditions, and physical risk from climate change are directly affecting business valuations. Boards that treat climate as a communications exercise rather than a governance priority are exposed.

The Technical Complexity of GHG Assurance

The Greenhouse Gas Protocol (GHGP) — the most widely used international accounting framework for greenhouse gas emissions — provides a seemingly straightforward structure: Scope 1 (direct emissions), Scope 2 (purchased energy), and Scope 3 (value chain emissions across 15 categories). In practice, the technical complexity involved in calculating, measuring, and providing credible assurance over these numbers is substantial.

Technical Reality: What GHG Assurance Requires

  • Scope 1: Facility-level measurement requires understanding of combustion chemistry, fuel composition analysis, emission factors, and the calibration and maintenance of continuous emissions monitoring systems (CEMS).

  • Scope 2: The choice between location-based and market-based accounting approaches requires understanding of energy attribute certificates (EACs), power purchase agreements (PPAs), and grid emission factors.

  • Scope 3 Category 1 (Purchased Goods & Services): Requires supplier-specific data collection, economic input-output modelling, and spend-based estimation methodologies.

  • Scope 3 Category 11 (Use of Products): Requires product lifetime energy consumption modelling and consumer usage pattern analysis.

  • Verification methodology under ISO 14064-3 requires understanding of materiality thresholds, sampling methodologies, and the mathematical validation of emission factor calculations.

An assurance practitioner working in this space must be capable of critically evaluating the measurement methodology, not merely checking whether numbers add up. They must understand whether an emission factor is appropriate for the facility type, whether a sensor is calibrated correctly, whether a Scope 3 boundary definition is defensible, and whether the uncertainty range around a calculation is acceptable.

ISO 14064-3 (Specification with guidance for the validation and verification of greenhouse gas statements) sets out the formal requirements for GHG verification. It requires the verifier to have competence in atmospheric science, emission measurement, and statistical sampling — competencies that require dedicated training and experience beyond financial audit preparation.

What the Board Should Demand

  • Confirmation that Scope 3 boundaries and materiality thresholds have been defined and documented — and challenged by independent experts.

  • Evidence that the assurance provider has independently verified calculation methodologies, not merely traced data to spreadsheets.

  • A clear position on the organisation's alignment with science-based targets (SBTs) and the robustness of the evidence base.

  • Understanding of where estimation and uncertainty exist within the GHG inventory and how this is disclosed.

Domain 2: Human Rights & Social

Supply chain due diligence, modern slavery, ISO 26000, UNGPs

Why This Is a Board Matter

Human rights due diligence is no longer a voluntary best practice. The EU Corporate Sustainability Due Diligence Directive (CSDDD), the German Supply Chain Due Diligence Act, the French Duty of Vigilance Law, and the UK Modern Slavery Act are among a growing body of mandatory legislative requirements that create direct board-level obligations to identify, prevent, mitigate, and account for adverse human rights and environmental impacts in global supply chains.

The UN Guiding Principles on Business and Human Rights (UNGPs) — endorsed by all UN member states — articulate the expectation that boards bear responsibility for their organisation's respect for human rights across the full value chain. Courts are beginning to hold directors personally liable for systematic failures of oversight.

The Technical Complexity of Human Rights Assurance

Human rights due diligence assurance requires expertise in international human rights law, supply chain mapping methodology, social audit practice, and geopolitical risk analysis. It is not a process that can be conducted by reviewing policies and procedures in head office.

ISO 26000 (Guidance on Social Responsibility) provides a framework for understanding human rights obligations in a business context, but it is a guidance standard rather than a certifiable management system standard. More specific frameworks — including the OECD Due Diligence Guidance for Responsible Business Conduct and sector-specific instruments — govern practice in this space.

Genuine assurance over human rights performance may require: on-site facility audits in supplier locations, worker interviews conducted in local languages by trained practitioners, analysis of recruitment fee practices, review of grievance mechanism effectiveness, and mapping of sub-tier supply chain risks in high-risk regions.

Board reality check: A company with a tier-1 supply chain in multiple countries and tier-2 and tier-3 suppliers extending into high-risk regions may require multi-country, multi-language specialist audit teams to produce credible assurance. This is not work that can be delegated to a generalist financial audit team.

What the Board Should Demand

  • Evidence of genuine supply chain mapping — not just a list of tier-1 suppliers — and risk prioritisation methodology.

  • Confirmation that the organisation's salient human rights issues have been identified through a robust prioritisation process.

  • Assurance from providers with verifiable expertise in social audit methodology, international labour standards, and human rights law.

  • A functioning grievance mechanism accessible to affected workers and communities, with evidence of uptake and resolution.

Domain 3: Cybersecurity & Data

ISO 27001, information security governance, board-level cyber risk

Why This Is a Board Matter

Cybersecurity has crossed the threshold from a technology management issue to a board-level governance obligation. Regulators are explicit: the US Securities and Exchange Commission requires public companies to disclose material cybersecurity risks and incidents, and to describe board oversight of cybersecurity risk. The EU's NIS2 Directive places direct obligations on management bodies — including boards — for cybersecurity governance, with personal liability consequences for failures.

The financial consequences of cyber events are well documented. Ransomware attacks, data breaches, operational technology compromises, and supply chain cyber incidents can generate losses across multiple categories simultaneously: regulatory fines, litigation, operational disruption, reputational damage, and direct remediation costs.

The Technical Complexity of Cybersecurity Assurance

ISO/IEC 27001 is the leading international standard for information security management systems (ISMS). Certification against ISO 27001 requires a certified auditor with specific competence in information security — not general management systems auditing. The standard covers 93 controls across organisational, people, physical, and technological domains, and assurance requires the ability to evaluate technical controls including network segmentation, access management, cryptographic policy, incident detection capabilities, and vulnerability management processes.

Beyond ISO 27001, boards in critical infrastructure sectors must understand sector-specific frameworks such as NIST CSF 2.0, which introduced the GOVERN function as a dedicated sixth core function in its 2024 revision. The GOVERN function places explicit responsibility on senior leadership and boards to establish and communicate cybersecurity risk governance, strategy, and oversight — making it directly relevant to audit committee obligations. IEC 62443 governs operational technology environments, and boards should understand the specific cyber risk dimensions relevant to their industry. Providing genuine assurance over whether an organisation's cybersecurity posture is effective requires practitioners who can conduct technical assessments — penetration testing, red team exercises, threat modelling — not merely document reviews.

The Governance Assurance Distinction

ISO 27001 certification tells you a management system exists and conforms to the standard. It does not tell you whether the organisation's defences would withstand a sophisticated threat actor. Boards should demand both: management system assurance AND evidence-based technical security testing. These are two different types of engagement requiring different types of expertise.

What the Board Should Demand

  • Regular independent technical security assessments — not just management system certification — with board-level reporting on findings.

  • A clear articulation of the organisation's cyber risk appetite and evidence that controls are calibrated against it.

  • Defined incident response and recovery capability, with evidence from tested exercises, not theoretical plans.

  • Board-level education on the cyber threat landscape relevant to the organisation's sector and geographic footprint.

Domain 4: Circular Economy & Waste

Material flows, LCA, ISO 14040/14044, waste metrics, resource efficiency

Why This Is a Board Matter

The circular economy represents one of the most significant structural opportunities and risks facing business over the coming decades. Resource scarcity, extended producer responsibility legislation, material cost volatility, and shifting consumer expectations are converging to make circular economy performance a material business issue — not merely an environmental preference.

The EU Circular Economy Action Plan and related product regulations are creating mandatory requirements around recycled content, repairability, product lifetime extension, and end-of-life management across a widening range of product categories. Similar momentum is building in the UK, the US, and across Asia-Pacific. Boards need to understand their organisation's exposure and opportunity in this landscape.

The Technical Complexity of Circular Economy Assurance

Circular economy metrics span a breadth of technical disciplines that challenge the limits of any single professional domain. Consider three examples:

Life Cycle Assessment (LCA), governed by ISO 14040 and ISO 14044, is the primary methodology for evaluating the environmental impacts of products across their full lifecycle — from raw material extraction through manufacture, use, and end-of-life. Conducting and assuring an LCA requires expertise in systems thinking, material science, industrial ecology, and environmental impact modelling. An LCA practitioner must understand functional unit definition, system boundary decisions, allocation methodology for co-products, and the selection and application of appropriate lifecycle inventory databases.

Material flow analysis (MFA) requires understanding of physical mass balance, waste composition analysis, and the ability to track materials through complex supply chains and production processes. Assuring that material flow data is accurate requires practitioners who can evaluate mass balance calculations, sampling methodologies for waste composition analysis, and the treatment of process losses.

Recycled content claims — increasingly mandated or regulated in product specifications — require chain of custody verification from source through processing and manufacturing. This involves physical inspection, documentary verification, and understanding of recycling technology processes. It is distinctly not a financial audit process.

Technical example: A manufacturer claiming 30% post-consumer recycled content in a product must be able to demonstrate this through a documented chain of custody from the recycling facility through each stage of processing and manufacturing. Assuring this claim requires a practitioner who understands recycling technology, material testing methods, and chain-of-custody certification standards — skills that are genuinely distinct from financial audit competence.

What the Board Should Demand

  • A clear articulation of circular economy metrics included in reporting and the methodology underlying each.

  • Evidence that material flow and recycled content claims are supported by independently verified chain-of-custody documentation.

  • Where LCA methodology is applied, confirmation that it conforms to ISO 14040/14044 and has been independently critically reviewed.

  • A strategic view of circular economy as a value creation opportunity — not merely a compliance obligation.

4. Structuring the Board for Non-Financial Oversight

Building effective board oversight of non-financial performance requires deliberate structural choices. The following areas deserve immediate attention from boards and audit committees.

Audit Committee Scope Expansion

Historically, the audit committee's remit has centred on financial reporting, internal controls, and external audit. An increasing number of leading boards are formally extending the audit committee's mandate to include non-financial reporting oversight and assurance. This is the logical home for non-financial assurance oversight — because the skills, processes, and governance questions are analogous.

Where the volume and complexity of non-financial matters warrant it, some boards are establishing a separate sustainability or ESG committee. Either approach can work, but what matters is that there is clear, documented board-level accountability for non-financial assurance — not merely delegation to management.

Board Composition and Non-Financial Expertise

The board's ability to exercise genuine oversight is limited by its collective expertise. Boards that contain only financial and legal expertise are poorly positioned to provide meaningful challenge on scientific, technical, or operational non-financial matters. Progressive boards are actively seeking to recruit directors with genuine non-financial domain expertise — whether in environmental science, information security, human rights, or supply chain management.

Where board composition cannot be changed immediately, a practical interim approach involves establishing a formal advisory structure that gives the board access to domain expert input on a regular basis. The key is that this access is structured, not ad hoc.

Management Reporting to the Board

The board can only govern what it can see. Effective non-financial governance requires a management information framework that gives the board regular, comparable, and decision-relevant non-financial performance data. This means moving beyond annual report disclosures to quarterly or even more frequent board reporting on key non-financial metrics.

The design of this reporting framework is itself a governance task. It should be developed with input from the board, not merely presented as a fait accompli by management. Key decisions include which metrics to track, at what frequency, with what level of granularity, and against what targets or benchmarks.

5. Choosing the Right Assurance Partners

The selection of assurance providers for non-financial information is one of the most consequential governance decisions a board will make in this space. It deserves the same rigour applied to the selection and oversight of the financial auditor.

The Assurance Provider Landscape

The market for non-financial assurance is fragmented and, to date, less regulated than financial audit. Providers include:

  • Big Four and major accounting firms: Expanding non-financial practices. Variable quality across domains. Increasingly regulated under CSRD assurance requirements. Best suited where regulatory standardisation drives toward audit-analogous processes.

  • Specialist sustainability assurance firms: Deep expertise in specific frameworks. May lack the scale or regulatory authorisation for comprehensive CSRD assurance in some jurisdictions. Often provide higher technical depth than generalist firms.

  • Technical verification bodies: Sector-specific expertise — particularly in emissions verification (ISO 14064), product certification, and supply chain auditing. Essential for credible domain-specific assurance.

  • Internal audit: Can provide valuable first-line assurance over controls and processes. Cannot provide independent external assurance. Should be part of an integrated assurance model.

A Framework for Provider Assessment

When evaluating assurance providers, boards and audit committees should assess them against the following criteria:

  • Domain-specific technical competence of the engagement team — not just the firm. Ask for CVs and qualifications of the individuals who will perform the work.

  • Accreditation and registration under relevant schemes — for example, ANAB-accredited bodies for ISO 14064 GHG verification, or regulatory authorisation under CSRD assurance requirements.

  • Methodology transparency — the ability to explain in plain terms exactly how they will evaluate each metric and what evidence they will examine.

  • Independence — both formal independence from management and the absence of consulting relationships that might compromise objectivity.

  • Track record — evidence of comparable engagements and, where possible, references from peer organisations.

  • Value-adding insight — the best assurance engagements don't just provide a conclusion; they surface improvement opportunities. The provider should demonstrate they can do both.

A board that selects its non-financial assurance provider on the basis of existing audit relationships alone, without evaluating technical competence in each domain, is not fulfilling its governance obligations. The question is not who is convenient — it is who is genuinely qualified.

6. A Practical Roadmap: From Awareness to Assurance Excellence

Building board-level non-financial assurance capability is a multi-year journey. The following phased roadmap gives boards a practical, staged approach to building genuine competence, credibility, and value.

Phase 1 (Months 1–3). Focus: Foundation. Key actions:

  • Board skills audit and gap analysis

  • Map existing non-financial data flows

  • Identify internal domain champions

  • Commission materiality assessment

Phase 2 (Months 4–6). Focus: Structure. Key actions:

  • Establish or expand Audit Committee remit

  • Define non-financial assurance scope

  • Issue RFP for specialist assurance providers

  • Develop board reporting framework

Phase 3 (Months 7–12). Focus: Execution. Key actions:

  • First-cycle limited assurance engagement

  • Implement data quality controls

  • Board education programme on technical domains

  • Publish integrated assurance statement

Year 2+. Focus: Maturity. Key actions:

  • Reasonable assurance on priority metrics

  • Embed domain experts in committee cycle

  • Multi-year assurance roadmap published

  • Continuous improvement mechanism

Accelerating the Journey: Where Speeki Can Help

Speeki has developed a comprehensive assurance and technology platform specifically designed to help organisations build the governance infrastructure, data systems, and assurance readiness required for credible non-financial assurance.

From building the underlying data management systems that assurance practitioners can rely on, to delivering independent non-financial assurance engagements across environmental, social, cybersecurity, and circular economy domains — Speeki combines technology and deep domain assurance expertise at every stage of the journey.

Our assurance practice operates with the technical rigour each non-financial domain demands — understanding GHG measurement methodology, supply chain audit requirements, information security controls, and lifecycle assessment standards with the same depth expected of any credible specialist assurance body.

7. Conclusion: Leading from the Front

Non-financial assurance is not a compliance burden to be managed defensively. It is an opportunity for boards to demonstrate genuine leadership — to show stakeholders, regulators, investors, employees, and communities that the organisation's non-financial commitments are real, measurable, and independently verified.

The boards and audit committees that move earliest to build genuine capability in this space will have a significant advantage. They will attract patient capital from investors who increasingly screen on ESG governance quality. They will be better positioned to navigate regulatory requirements as assurance mandates expand. They will build the internal culture and systems that drive actual performance improvement — not just reporting improvement.

But seizing this opportunity requires honesty about the current state. Most boards are not yet ready to govern non-financial assurance with the rigour these domains deserve. The skills gap is real. The tendency to delegate to management — or to default to the existing financial auditor — is understandable but insufficient.

The path forward is clear: expand the board's mandate, develop the expertise, choose assurance partners on the basis of genuine domain competence, and build toward a comprehensive, integrated assurance model that gives all stakeholders confidence in the organisation's non-financial performance.

The board that governs non-financial performance with the same rigour as financial performance is the board that is ready for the next decade of business.

Key Standards & Frameworks Referenced in This Whitepaper

Greenhouse Gas Protocol (GHGP) — Corporate Accounting and Reporting Standard; Corporate Value Chain (Scope 3) Standard

ISO 14064-3 — Greenhouse gases: Specification with guidance for the validation and verification of GHG statements

ISO 14040 / ISO 14044 — Environmental management: Life cycle assessment principles, requirements and guidelines

ISO/IEC 27001 — Information security, cybersecurity and privacy protection: Information security management systems

ISO 26000 — Guidance on Social Responsibility

UN Guiding Principles on Business and Human Rights (UNGPs)

EU Corporate Sustainability Reporting Directive (CSRD) and European Sustainability Reporting Standards (ESRS)

EU Corporate Sustainability Due Diligence Directive (CSDDD)

IFRS Sustainability Disclosure Standards (ISSB) — IFRS S1 and IFRS S2

NIST Cybersecurity Framework (CSF) 2.0 — including the GOVERN function for board-level cybersecurity oversight

IEC 62443 — Security for industrial automation and control systems

EU Circular Economy Action Plan and related product regulations

Speeki

Speeki is a non-financial assurance and technology company. We combine an intelligent technology platform with deep domain assurance expertise across environmental, social, human rights, cybersecurity, and circular economy performance.

We provide independent non-financial assurance engagements and the underlying technology infrastructure that organisations need to generate accurate, reliable, and auditable non-financial data — giving boards, audit committees, investors, and regulators the confidence they require.

To learn more about Speeki's assurance and technology capabilities, visit speeki.com or contact our team.

© 2025 Speeki. This whitepaper is for informational purposes only and does not constitute legal, regulatory, or professional advice.