FAQ's

Here are answers to some of the most Frequently Asked Questions (FAQs) related to the program.

How can PRISM PRIVACY+ Certification help me grow my business?

PRISM PRIVACY+ Certified companies are eligible to compete for the business of private contracts and RFPs where PRISM PRIVACY+ Certification is required. More importantly, however, PRISM PRIVACY+ Certified service providers have the advantage of being pre-qualified as meeting the requirements of all data protection regulations. When the client understands they are legally required to verify service provider regulatory compliance, they naturally show preference to the service provider who has already verified it.

Do I have to be an i-SIGMA Member in order to be PRISM PRIVACY+ Certified?

Yes. PRISM Privacy+ Certification is a voluntary benefit of i-SIGMA Membership. Discover benefits of being an i-SIGMA Member. Those interested in joining should please contact the Membership Department for more information.

Are membership dues and the certification fees the same?

No. i-SIGMA Membership and PRISM PRIVACY+ Certification are two separate programs, with two separate fees, both of which need to be paid annually. Membership dues follow a calendar year renewal. Certification renewal fees are paid on the anniversary of your initial approval.

What happens if a company claims to be PRISM PRIVACY+ Certified but isn’t?

Please submit an ethical complaint with proof of the offense to [email protected]. The complaint will be reviewed by the Member Resolution Council. Learn more about the association’s Code of Ethics and Member Resolution Council Guidelines for how to make a formal complaint.

What is the process to become PRISM PRIVACY+ Certified?

You can apply for PRISM Privacy+ Certification by filling out & submitting the Privacy+ Certification Application. All of the criteria to become PRISM Privacy+ Certified can be found in the Certification Specifications Reference Manual.

Under the i-SIGMA audit regime, once your application is processed and certification fee is paid an auditor will be assigned who will contact you to schedule your initial audit.

You may also submit the PRISM Privacy+ Application & fee along with:
• Verification of a current SOC 2 Audit Report
or
• Current ISO 27001 Registration

How long does it take to become PRISM PRIVACY+ Certified?

Once your application & fee(s) have been received, your application will be processed as soon as possible. If using the i-SIGMA Audit Regime, an auditor will be assigned who will contact you to schedule your initial audit. The entire process can take approximately 4-8 weeks. If submitting your application & fee(s) with a compliant SOC 2 or ISO 27001, the process to have your location become Privacy+ Certified can be immediate.

Where can I find the requirements for PRISM PRIVACY+ Certification?

All criteria needed for PRISM PRIVACY+ Certification can be found in the Certification Specifications Reference Manual.

Is there someone who can help walk me through the PRISM PRIVACY+ Certification process?

The PRISM PRIVACY+ Certification Program Department are available to answer your questions and help you through the process. Contact staff anytime at [email protected] or +1 602-788-6243.

What if I don’t pass my i-SIGMA audit?

If the audit is found to be non-compliant, you’ll be contacted with a copy of the findings along with suggestions to remediate the non-compliant items. Certification is only granted to companies with a successful audit.