A climate vulnerability assessment answers a straightforward question: what physical risks threaten this facility, and what could they cost? For a single building, a specialized consultant might spend weeks and charge $50,000 or more to deliver that answer. For a portfolio of 500 commercial properties spread across three continents, manual assessments are not just expensive. They are logistically impossible.
The methodology below breaks the assessment into seven discrete steps. Each step has specific data inputs, published scientific sources, and a quantifiable output. Together, they form a pipeline that moves from a raw address to an annualized dollar figure for climate-related physical risk.
Step 1: Geocode Facility Addresses
Every spatial analysis starts with coordinates. A climate vulnerability assessment requires converting each facility’s street address into a latitude-longitude pair precise enough to place it on the correct side of a flood boundary.
Coordinate precision matters more than most teams realize. A rooftop-level geocode (accuracy within 10 meters) places a warehouse inside a specific flood zone. A city-centroid geocode (accuracy within 5 kilometers) might place it in the wrong county entirely. For flood depth modeling in Step 5, even 100 meters of error can shift the estimated water level by a full meter.
| Input | Output | Why It Matters |
|---|---|---|
| Street address | Latitude, Longitude | All downstream spatial queries depend on coordinate accuracy |
| Zip/postal code | Accuracy grade (rooftop, parcel, interpolated, centroid) | Low-accuracy geocodes need manual review before flood analysis |
| Country code | Confidence score | Flags ambiguous or unresolvable addresses |
For portfolios, batch geocoding processes thousands of addresses in a single pass. Each record gets a confidence score and accuracy grade. Records below a confidence threshold get flagged for manual review before entering the risk pipeline. Try our free Zip Code to Lat/Long Converter to see coordinate conversion in action.
Continuuiti’s geocoding API validates and converts entire property registers. A portfolio of 1,000 addresses resolves in under a minute, with accuracy grades and confidence scores for every record.
Step 2: Analyze Land Use and Environmental Context
With coordinates in hand, the next step examines what surrounds each facility. Satellite-derived land cover data reveals conditions that amplify or reduce climate risk at a site.
ESA WorldCover provides 10-meter resolution land cover classification for every point on Earth. At that resolution, you can distinguish between a warehouse surrounded by impervious pavement (high runoff, flood amplification) and one bordered by grassland and tree cover (natural drainage, lower surface temperatures).
Three environmental checks matter for a climate vulnerability assessment:
Land cover classification. The ESA WorldCover dataset assigns each 10m pixel to one of 11 classes: tree cover, shrubland, grassland, cropland, built-up, bare/sparse vegetation, snow/ice, permanent water, herbaceous wetland, mangroves, and moss/lichen. A facility surrounded by 80% built-up land faces different stormwater dynamics than one in an agricultural setting.
Change detection. Comparing land use and land cover snapshots over time flags sites where significant degradation has occurred. Newly deforested land upstream of a facility increases runoff. Rapid urbanization around a site reduces natural drainage. These changes compound forward-looking risk.
Biodiversity and deforestation proximity. For organizations reporting under the TNFD framework or complying with EUDR regulations, the land cover analysis identifies sites near active deforestation fronts or within biodiversity-sensitive areas.
Every location processed through Continuuiti gets automated satellite-derived land cover analysis at 10-meter resolution via Google Earth Engine, with change detection flags generated for the full historical record.
Step 3: Review Historical Hazard Events
Before modeling what could happen in the future, check what has already happened. Historical hazard event data grounds the assessment in observed reality and builds confidence in forward-looking risk ratings.
A facility rated “High” for river flood risk carries more weight when paired with evidence of 14 flood events within 50 kilometers over the past 25 years, including three that caused over $10 million in property damage each.
Four databases provide comprehensive historical hazard coverage:
| Database | Coverage | Events | Hazard Types | Period |
|---|---|---|---|---|
| NOAA Storm Events | US (county-level) | 1.5M+ | 51 types covering 10 of 12 climate hazards | 1996-present |
| NASA COOLR | Global (156 countries) | 55,000+ | 14 landslide categories | 2000-2024 |
| Global Flood Database | Global (114 countries) | 913 | Satellite-confirmed flood events | 2000-2018 |
| EM-DAT | Global (222 countries) | 15,700+ | All natural disaster types with damage figures | 2000-present |
The query approach is spatial: draw a radius around the facility coordinates (typically 50km for US locations, 100km for international), pull every recorded event within that boundary, and group results by hazard type. For US sites, NOAA Storm Events provides county-level records with dollar damage estimates for each event. For international sites, EM-DAT fills the gap with disaster-level records covering 222 countries.
NASA COOLR adds landslide-specific coverage across 156 countries with 14 distinct categories (rockfall, debris flow, mudslide, rotational slide, and others). The Global Flood Database contributes 913 satellite-confirmed flood events with MODIS-derived flood extent maps.
Explore historical hazard data yourself: browse 913 flood events on our Historical Floods Map or 12,948 landslide events on our Landslide Risk Map.
Continuuiti’s Peril Intelligence layer cross-references all four databases for every property in a portfolio automatically. Each site receives a historical hazard profile that pairs with its forward-looking risk scores from Step 4.
Step 4: Run a 12-Hazard Physical Risk Assessment
With the site’s location validated, its environmental context mapped, and its hazard history documented, the assessment moves to forward-looking climate projections. A physical risk assessment evaluates exposure to 12 distinct climate hazards using global climate model outputs.
The data backbone is NASA NEX-GDDP-CMIP6, a bias-corrected, statistically downscaled dataset derived from CMIP6 global climate models at approximately 25km resolution. Five climate variables feed the hazard calculations: daily mean temperature, daily maximum temperature, daily minimum temperature, precipitation flux, and surface wind speed.
Each hazard is assessed across two emission scenarios and four time horizons:
| Hazard | Key Metric | Primary Data Source |
|---|---|---|
| Temperature Change | Mean temperature shift vs baseline | NEX-GDDP-CMIP6 (tas) |
| Heat Wave | Days above extreme heat threshold | NEX-GDDP-CMIP6 (tasmax) |
| Cold Stress | Days below freezing threshold | NEX-GDDP-CMIP6 (tasmin) |
| Drought | Precipitation deficit proxy (SPI analog) | NEX-GDDP-CMIP6 (pr) |
| Water Stress | Basin-level water stress index | WRI Aqueduct 4.0 |
| Precipitation Change | Annual precipitation shift vs baseline | NEX-GDDP-CMIP6 (pr) |
| Extreme Rainfall | 95th percentile daily precipitation | NEX-GDDP-CMIP6 (pr) |
| River Flood | Terrain-modified precipitation exposure | NEX-GDDP-CMIP6 + SRTM |
| Sea Level Rise | Projected SLR vs elevation above sea level | IPCC AR6 + SRTM |
| Severe Storm | Surface wind speed change | NEX-GDDP-CMIP6 (sfcWind) |
| Wildfire | Fire weather days (heat + wind + dry fuel) | NEX-GDDP-CMIP6 + WorldCover |
| Landslide | Slope gradient + rainfall trigger | SRTM + NEX-GDDP-CMIP6 (pr) |
The two SSP scenarios bracket the range of plausible futures. SSP2-4.5 represents a middle-of-the-road pathway with moderate mitigation (~2.7C warming by 2100). SSP5-8.5 represents a fossil-fuel-intensive pathway with limited climate policy (~4.4C warming by 2100). Assessing both scenarios shows how much additional risk the facility faces if global emissions remain high.
Each hazard receives a rating on a five-tier scale: Low, Moderate, High, Very High, or Extreme. A composite risk score aggregates the individual hazard ratings with geographic weighting adjustments (coastal sites weight sea level rise and storm surge higher; arid sites weight drought and water stress higher).
The output of Step 4 identifies the two or three hazards of primary concern for each facility. These “hazards of interest” drive the detailed quantitative analysis in Steps 5 through 7.
A single API call returns all 12 hazard ratings across both scenarios and all time horizons for any coordinate on Earth. Continuuiti processes portfolios of 10,000+ properties in batch, delivering a complete 12-hazard risk profile for every site.
Step 5: Model Flood Depth Across Return Periods
When the 12-hazard assessment flags river flood or sea level rise as a primary concern, the next step quantifies that risk with actual flood depth estimates in meters. Flood depth is the critical input for financial damage modeling in Step 6.
The methodology uses two satellite-derived global flood datasets in combination:
Riverine flooding uses JRC GloFAS FloodHazard v2.1 as the baseline anchor. This dataset from the European Commission’s Joint Research Centre provides flood depth at approximately 90-meter resolution globally. The baseline depth represents current-condition flood levels at each return period.
To project how flood depths change under climate warming, the methodology applies a ratio from WRI Aqueduct Flood Hazard Maps V2:
projected_depth = JRC_baseline x (Aqueduct_future / Aqueduct_historical)
This ratio approach preserves JRC’s 90-meter spatial precision while incorporating Aqueduct’s climate sensitivity from five global climate models. The median of all five models provides a robust central estimate.
Coastal flooding uses Aqueduct’s storm surge and sea level rise projections directly, with configurable parameters for SLR percentile (5th, 50th, or 95th) and land subsidence effects.
Both flood types are modeled across four return periods, two scenarios, and three future time horizons:
| Return Period | Baseline | SSP2-4.5 2050 | SSP5-8.5 2050 |
|---|---|---|---|
| RP10 (10% annual chance) | 1.2m | 1.4m | 1.6m |
| RP50 (2% annual chance) | 3.8m | 4.3m | 4.9m |
| RP100 (1% annual chance) | 5.1m | 5.8m | 6.7m |
| RP500 (0.2% annual chance) | 7.4m | 8.5m | 9.8m |
Illustrative depths for a riverine location. Actual values vary by site.
The model also flags edge cases: locations that are currently dry but become flooded under future climate scenarios (“new flood zones”), locations where JRC satellite coverage has gaps, and locations where climate models disagree significantly (high model spread).
Each location query extracts 156 data bands in a single Google Earth Engine call, covering riverine and coastal depths across every combination of return period, scenario, and time horizon. For portfolios, Continuuiti runs batch processing with parallel execution across all locations.
Step 6: Apply Damage Curves to Quantify Financial Loss
Flood depth in meters becomes meaningful to decision-makers only when translated into dollars. Depth-damage functions are the published, peer-reviewed curves that map a given water level to a percentage of building value destroyed.
Two independently published datasets provide this translation:
FEMA HAZUS 4.0 covers the United States with 196 individual depth-damage curves spanning 33 building occupancy types (residential, commercial, industrial, agricultural, institutional). Each curve provides separate structural and contents damage ratios at 29 depth points from -4 feet (basement flooding) to +24 feet. The curves originate from Federal Insurance Administration claims data and US Army Corps of Engineers field studies.
JRC Huizinga et al. 2017 provides global coverage across 214 countries with continent-specific curves for 6 building sectors (residential, commercial, industrial, agriculture, transport, infrastructure). Country-specific construction cost data converts damage ratios into EUR per square meter.
The calculation follows a clear sequence. First, adjust the raw flood depth for the building’s first floor height to determine the actual water depth inside the structure. Then look up the damage ratio on the appropriate curve. Finally, multiply by replacement value.
| Metric | HAZUS (US) | JRC (Global) |
|---|---|---|
| Flood depth above grade | 4.5 ft (1.37m) | 1.37m |
| First floor height | 1.0 ft | 0.3m |
| Depth in structure | 3.5 ft | 1.07m |
| Structural damage ratio | 18.2% | — |
| Contents damage ratio | 22.7% | — |
| Combined damage ratio | — | 31.4% |
| Structural loss | $182,000 | — |
| Contents loss | $113,750 | — |
| Total estimated loss | $295,750 | EUR 147,000 |
Illustrative calculation for a 1-story commercial building (COM4, no basement) with $1M structural replacement value and $500K contents. Riverine flood zone, RP100 depth.
For US properties, both HAZUS and JRC estimates are computed independently and returned side by side. The two are not directly comparable (HAZUS separates structure and contents; JRC combines them), but having both perspectives gives risk managers flexibility in their analysis.
Try the methodology yourself with our free Flood Damage Calculator. Enter a flood depth, building type, and replacement value to see HAZUS and JRC estimates computed in real time.
For portfolios, Continuuiti applies the correct damage curve for each asset automatically. Upload a property register with building attributes (occupancy type, stories, replacement value) and the platform matches each record to its specific depth-damage function: HAZUS for US properties, JRC for international, both when available.
Step 7: Calculate Expected Annual Damage and Compile the Audit
Individual flood scenarios produce individual loss numbers. A RP100 event at one facility might cause $296,000 in damage. But how likely is that event in any given year, and what is the annualized cost of flood risk across all return periods?
Expected Annual Damage (EAD) answers that question by integrating losses across the full range of flood frequencies using trapezoidal approximation. EAD is the single number that goes into TCFD climate risk disclosures, insurance portfolio reviews, and capital allocation decisions.
| Return Period | Annual Exceedance Probability | Estimated Damage | Trapezoidal Area |
|---|---|---|---|
| RP10 | 0.100 | $45,000 | — |
| RP50 | 0.020 | $180,000 | $9,000 |
| RP100 | 0.010 | $296,000 | $2,380 |
| RP500 | 0.002 | $520,000 | $3,264 |
| Expected Annual Damage (EAD) | $14,644/year | ||
The trapezoidal area between each pair of return periods represents the contribution of that frequency band to annualized loss. Summing all areas gives the EAD.
For this illustrative facility, the climate vulnerability assessment produces a clear financial metric: $14,644 per year in expected flood damage under baseline conditions. Run the same calculation under SSP5-8.5 2050 projections and the EAD rises, quantifying the incremental cost of climate change for this specific asset.
At the portfolio level, EAD values are aggregated and ranked. A register of 500 commercial properties produces a ranked table showing which facilities carry the highest annualized flood exposure, which hazards dominate, and how those exposures shift under different climate scenarios.
The final audit deliverable aligns with the TCFD framework’s four pillars. Governance documents the assessment methodology and data sources. Strategy presents the scenario analysis results. Risk management outlines the 7-step process and its outputs. Metrics and targets deliver the quantified climate value at risk figures that regulators, investors, and rating agencies require.
For a portfolio of 500 commercial properties, Continuuiti delivers a ranked risk register with per-property EAD, 12-hazard profiles, historical event context, and flood depth projections. The complete climate vulnerability assessment runs as a single automated batch.
Frequently Asked Questions
What is the difference between a climate vulnerability assessment and a climate risk assessment?
A climate vulnerability assessment evaluates how susceptible a facility is to climate hazards based on its exposure, sensitivity, and adaptive capacity. A climate risk assessment goes further by quantifying the probability and financial impact of those hazards. The 7-step methodology described here combines both: Steps 1-4 assess vulnerability, while Steps 5-7 quantify risk in dollar terms.
How often should facility climate assessments be updated?
Climate projections from CMIP6 models are updated on multi-year cycles, so the underlying hazard data remains stable for several years. Most organizations reassess annually for TCFD reporting purposes. Reassessment is also warranted after significant changes: new facility acquisitions, major renovations that change building characteristics, or updated climate model releases.
What data do I need to start a climate vulnerability assessment?
At minimum, you need facility addresses (for geocoding) and building occupancy type (for damage curve selection). For more precise results, include building stories, basement presence, replacement value, and contents value. The climate hazard data, flood depth models, and damage curves are sourced from public scientific datasets and do not require proprietary data inputs.
Can climate vulnerability assessments be automated for large portfolios?
Yes. Each step in the methodology uses structured data inputs and published scientific models, making the entire pipeline automatable. Platforms like Continuuiti process the full 7-step assessment for thousands of properties in a single batch, from geocoding through EAD calculation, using satellite data from Google Earth Engine and peer-reviewed damage functions from FEMA HAZUS and JRC.
What frameworks require climate vulnerability assessments?
TCFD recommends physical risk assessment as part of its Strategy and Risk Management pillars. ISSB’s IFRS S2 requires disclosure of climate-related physical risks. CDP’s climate questionnaire asks for physical risk assessment results. California’s SB 261 mandates climate risk reports for large companies. The EU’s CSRD requires double materiality assessments that include physical climate risk.
How much does a climate vulnerability assessment cost?
Traditional consulting-led assessments range from $25,000 to $100,000+ per site depending on scope, taking weeks to deliver. Automated platforms reduce the cost per location to a fraction of that by using satellite data and published models instead of on-site fieldwork. For portfolios, the per-property cost drops further with batch processing.
