Sustainability (Pillar: Sustainability)
The Sustainability pillar of WAF++ defines requirements, principles and measurable controls to make cloud IT operations demonstrably more environmentally responsible — and to meet the regulatory obligations of CSRD, the GHG Protocol and ESG frameworks.
Sustainability is no longer a voluntary initiative. With the EU-wide CSRD obligation starting in 2025, measuring, documenting and reducing IT emissions is a legal requirement for many organizations.
What does Sustainability mean in WAF++?
Sustainability means that an organization has demonstrable control over the following dimensions:
| Dimension | What is controlled? | WAF-SUS Control |
|---|---|---|
CO₂ Measurement |
Are emissions measured and reported per workload, region and service? |
WAF-SUS-010 |
Energy-Efficient Compute |
Are ARM/Graviton instances and current processor generations preferred? |
WAF-SUS-020 |
Green Regions |
Are regions with a high share of renewable energy selected for workloads? |
WAF-SUS-030 |
Idle Resources |
Are unused and underutilized resources systematically eliminated? |
WAF-SUS-040 |
Storage Lifecycle |
Do all storage resources have defined lifecycles and expiration rules? |
WAF-SUS-050 |
Workload Scheduling |
Are batch jobs shifted to low-emission time windows? |
WAF-SUS-060 |
Software Efficiency |
Is software designed and evaluated for energy efficiency (SCI)? |
WAF-SUS-070 |
Network Efficiency |
Are data transfers optimized: CDN, compression, VPC endpoints, same-region? |
WAF-SUS-080 |
ESG Reporting |
Is CO₂ data collection automated for CSRD/GHG Protocol? |
WAF-SUS-090 |
Sustainability Debt |
Are known sustainability gaps documented and assigned to a review cycle? |
WAF-SUS-100 |
Why is Sustainability a separate pillar?
Three developments make Sustainability a standalone architectural discipline:
1. CSRD: IT emissions are a reporting obligation
The EU Corporate Sustainability Reporting Directive (CSRD) requires large companies and listed SMEs to disclose material environmental information according to ESRS E1 (Climate Change) — including Scope 1, 2 and 3 greenhouse gas emissions.
Cloud IT services fall under Scope 3 Category 11 (use of purchased products/services from suppliers) and partially under Scope 2 (purchased energy, market-based method). Organizations subject to CSRD that do not report IT emissions risk fines and reputational damage.
2. Scope 3: Cloud IT is a measurable emission factor
Organizations with SBTi goals (Science Based Targets initiative) or net-zero commitments must reduce their entire Scope 3 GHG footprint. Cloud IT can account for 10–30% of the total Scope 3 footprint — a factor that cannot be reduced or proven without systematic measurement.
3. ESG pressure: customers, investors and partners demand evidence
ESG-conscious customers, institutional investors and procurement processes increasingly require verifiable CO₂ footprints as an award criterion. Without IT sustainability documentation, organizations are disadvantaged in enterprise procurement and financing rounds.
| Sustainability without measurement is greenwashing. CO₂ targets without a baseline are promises without substance. Lifecycle policies without CI enforcement accumulate storage debt. |
Demarcation from other pillars
-
Cost Optimization addresses: Economic governance, TCO, FinOps, budget governance. + Overlap: Efficient compute is cheaper AND greener. Eliminating idle resources saves costs AND CO₂. Sustainability and cost are aligned — but not identical: green regions can be more expensive; CO₂ offsetting is not a cost-control topic.
-
Operations addresses: Monitoring, incident response, change management, observability. + Overlap: Infrastructure monitoring provides utilization data for idle detection. But operations optimizes for availability and incident response — not for CO₂ reduction.
-
Architecture addresses: Design principles, patterns, technical architecture decisions. + Overlap: Sustainable software design (WAF-SUS-070) is an architecture topic. But the governance dimension — ESG reporting, CSRD, SBTi — is sustainability-specific.
-
Governance addresses: Policies, decision processes, compliance frameworks. + Overlap: ESG reporting is partly governance. But sustainability addresses the technical implementation of CO₂ measurement, lifecycle policies and compute efficiency — not just the policy level.
Controls Overview
The Sustainability pillar is operationalized through 10 measurable controls (WAF-SUS-010 to WAF-SUS-100).
| Control ID | Title | Severity | Automatable |
|---|---|---|---|
Carbon Footprint Measurement & Reporting |
High |
High |
|
Energy-Efficient Compute Selection |
High |
High |
|
Green Region & Carbon-Aware Workload Placement |
Medium |
Medium |
|
Idle & Underutilized Resource Elimination |
High |
High |
|
Storage Lifecycle & Data Minimization |
Medium |
High |
|
Workload Scheduling & Time-Shifting |
Low |
Medium |
|
Sustainable Software Design Standards |
Medium |
Partial |
|
Network & Data Transfer Efficiency |
Medium |
High |
|
ESG Reporting & Compliance Automation |
Medium |
Medium |
|
Sustainability Debt Register & Quarterly Review |
Low |
Low |
Quick Start
New to the Sustainability pillar? Recommended reading order:
-
Definition – What is IT sustainability as an architectural discipline?
-
Scope – What is in scope, what is not? Brownfield vs. greenfield?
-
Sustainability Principles – 7 core principles (SP1–SP7)
-
Design Principles – 8 technical design principles (SD1–SD8)
-
Controls – The 10 measurable controls (WAF-SUS-010 to WAF-SUS-100)
-
Maturity Model – Where does my organization stand?
-
Best Practices – How to implement concretely?
-
Evidence & Audit – What is needed for audits and CSRD?