In 2018, the National Association for Information Destruction (NAID) and Professional Records and Information Services Management (PRISM) merged to create the International Secure Information Governance & Management Association (i-SIGMA). Although NAID membership has been replaced by i-SIGMA, some service providers continue to highlight NAID in their credentials. Unfortunately, this means NAID membership is often confused with NAID AAA certification, a different qualification altogether. To clear up any grey areas, i-SIGMA has retired the NAID membership logo. Here’s why it matters when you choose a provider.
What Is NAID/i-SIGMA Membership?
According to i-SIGMA, the NAID membership logo and claim are now defunct and should no longer be used by businesses. Instead, they are to refer to themselves as i-SIGMA members.
i-SIGMA is “the trade association for secure information lifecycle management.” They act as the governing body for shredding operations across the globe and oversee four key components of information management:
- Physical records and information storage
- Data protection and media vaulting
- Digitizing and scanning
- Confidential records and information destruction services
There are several tiers of i-SIGMA membership available. For example, i-SIGMA Service Provider memberships offer a number of perks, including discounted attendance to events, the ability to connect to an exclusive professional community, access to publications, and resources such as webinars and other training materials.
Importantly, however, i-SIGMA membership (formerly NAID membership) is not the same as NAID AAA certification.
What Is NAID AAA Certification?
NAID AAA Certification is a globally recognized qualification that illustrates compliance with all known data protection laws. To qualify for the certification, data destruction companies must first become active members of i-SIGMA. Yet, while an i-SIGMA member can become NAID AAA certified, not all i-SIGMA members hold this title.
Following i-SIGMA membership, prospective NAID AAA certified companies must submit an application and undergo an audit. The results will then be submitted by the NAID auditor to the Certification Review Board.
To become certified, businesses must be well-managed under standardized procedures and compliant with all applicable regulations. NAID AAA certification may apply to physical destruction or electronic media overwriting operations. There are also specific endorsements available, including on-site (mobile) or off-site (plant-based) certifications.
The Importance of Choosing a NAID AAA Certified Vendor
As you explore your options for data destruction services, it’s important to bear in mind these differences between NAID/i-SIGMA members and NAID AAA certified vendors. While there are nearly 2,500 i-SIGMA members globally, less than half are NAID AAA certified, and even fewer have the credentials for hard drive destruction and overwriting. Entrusting your end-of-life assets only with a NAID AAA certified vendor ensures you’re minimizing your risk of data leaks to the greatest possible extent, as these qualified companies are trained and equipped to destroy your data safely.
Find out more about our additional certifications and how they help keep your business and its data protected here.