The NAID AAA Certification® Program for secure information destruction operations has been around since 2000 (six years after the association’s founding). Here are answers to some of the most Frequently Asked Questions (FAQs) related to the program.

How can NAID AAA Certification help me grow my business?

NAID AAA Certified companies are eligible to compete for the business of thousands of private secure destruction contracts and RFPs, and hundreds of government offices where NAID AAA Certification is required. More importantly, however, NAID AAA Certified service providers have the advantage of being pre-qualified as meeting the requirements of all data protection regulations. When the client understands they are legally required to verify service provider regulatory compliance, they naturally show preference to the service provider who has already verified it.

Does NAID AAA Certification help me with my long-term exit strategy?

Yes. Any business broker or potential buyer will tell you that the value of your company is more when you can show that it is well-managed under standardized procedures, that it is compliant with regulations, and that it holds contracts that based on its credentials.

To what types of secure destruction operations does NAID AAA Certification apply?

NAID AAA Certification applies to all types of secure destruction operations and is divided into two separate programs: one that applies to physical destruction operations and another that applies to electronic media overwriting operations. Within each program, there are “endorsements” that further define the specific nature of the certification. These endorsements indicate whether a firm is certified for on-site (mobile) or off-site (facility-based) services, the types of media it is certified to destroy (paper, hard drives, micromedia). There is even an endorsement for meeting Australian Protective Security Policy Framework which is recognized by government offices there.

Do I have to be an i-SIGMA Member in order to be NAID AAA Certified?

Yes. NAID AAA Certification is a voluntary benefit of  i-SIGMA Membership. Discover benefits of being an i-SIGMA Member. Those interested in joining should please contact the Membership Department for more information.

Are membership dues and the certification fees the same?

No. i-SIGMA Membership and NAID AAA Certification are two separate programs, with two separate fees, both of which need to be paid annually. In order to be NAID AAA Certified, you must be an i-SIGMA Member in good standing. Therefore, all membership dues must be maintained in order to be NAID AAA Certified. Membership dues follow a calendar year renewal. Certification renewal fees are paid on the anniversary of your initial approval.

What is the Member Resolution Council (MRC)?

The Member Resolution Council is the governing board of NAID AAA Certification. They are responsible for approving/denying certification and can assess points or fines to the members for discrepancies found during their audits.

What happens if a company claims to be NAID AAA Certified but isn’t?

Please submit an ethical complaint with proof of the offense to [email protected]. The complaint will be reviewed by the Complaint Resolution Council. Learn more about the association’s Code of Ethics and Complaint Resolution Council Guidelines for how to make a formal complaint.

What is the process to become NAID AAA Certified?

Once you are an Active Member of i-SIGMA you can apply for NAID AAA Certification. Please submit the appropriate certification application along with the applicable fees to [email protected]. Once the application is completed, it will be assigned to a i-SIGMA auditor. The auditor will contact you to schedule the audit. They will report their findings back to i-SIGMA. If approved, you will receive an email notification along with NAID AAA Certification assets, be listed in the i-SIGMA Directory as certified, and receive a certificate showing your status.

How long does it take to become NAID AAA Certified?

Once i-SIGMA receives a completed application, NAID AAA Certification typically takes 4-8 weeks (slightly longer for electronic media erasure certification). Often, applications are not submitted complete.

What is the difference between Mobile Operations and Facility-based Operations?

Mobile Operations is completed via industrial destruction equipment in a mobile vehicle at the customer’s site to allow the customer the opportunity to witness the destruction taking place, if they chose to do so. Facility-based Operations is completed via stationary equipment in a secured building.

What is the difference between a Collection Facility and a Transfer Processing Station (TPS)?

A Collection Facility and a TPS are both temporary secured locations, where the confidential material is stored prior to being destroyed via a Facility-based Operation. A Collection Facility must abide by the same requirements as a Facility-based Operation, with the exception of the destruction equipment and CCTV system. With a Collection Facility, the confidential material is not processed and therefore the bins are secured at all times and never opened. The confidential material must be transferred to the Facility-based Operation within 3 business days for destruction. A TPS must abide by the same requirements as a Facility-based Operation, with the exception of the destruction equipment. With a TPS, the confidential material is able to be processed and therefore a TPS must be audited. The confidential material must be transferred to the Facility-based Operation within 15 business days for destruction.

What if the Customer at an onsite job doesn’t want to come out to the truck to watch? Is the work still NAID AAA Certified?

Yes. As long as the customer has the opportunity or option to witness the destruction, then the mobile destruction operation is still considered NAID AAA Certified.

I utilize a drop off service for customers and use my mobile vehicle to shred the confidential information. Would this be considered NAID AAA Certified?

As long as the customer stays to witness the destruction being performed, then it could be considered NAID AAA Certified. However, if the customer leaves and is unable to witness the destruction, the service is not considered NAID AAA Certified and the customer must be notified in writing of such.

Can I use my mobile truck inside to offer NAID AAA Certified Facility-Based Destruction?

Yes. To do so, please submit the form, Provisional Exception Request for the use of Mobile Destruction Equipment in a Facility-based Operation. The exception request will be forwarded to the Certification Committee for approval. If approved, you will be required to undergo an audit for this operation.

Do I need 90 days of CCTV recordings to become NAID AAA Certified?

Yes. All criteria must be adhered to in order to be NAID AAA Certified. Therefore, prior to submitting your certification
application, we ask that you have 90 days of CCTV recordings in place. Failure to have 90 days of recordings may results in a denial of certification from the Certification Committee.

Can the CCTV system have motion sensors?

Yes. However we ask that there is enough lighting during non-business hours to recognize the face of the person in the Facility, and we ask that you have 90 days of CCTV recordings in place. Failure to have 90 days of recordings may results in a denial of certification from the Certification Review Board.

Can I hire Temps as helpers and still be NAID AAA Certified?

Yes. To do so, you must have a letter on file stating that the temp agency is aware that the material is confidential, they accept fiduciary responsibility of the material, and that their employees have had background checks which consist of the same requirements as NAID AAA Certification.

I am the owner of the business. Do I need to undergo the employee screening requirements?

If you are involved in the day-to-day operations, then you must undergo all the employee screening requirements. However, if you are not involved in the day-to-day operations, then you are exempt from the I-9 form, drug screening and employment verification.

How much does it cost to become NAID AAA Certified?

The certification fees range from $1,248 USD to $5,802 USD and are dependent upon the type of operations performed (Mobile, Facility-based, Overwriting, Degaussing, etc.). The certification fees are due annually on the month the member’s certification expires. Fees are all inclusive, already including processing fees, any auditor fees, auditor travel expense, etc.

Where can I find the requirements for NAID AAA Certification?

All criteria needed for NAID AAA Certification can be found in the i-SIGMA Certification Specifications Manual. 

I have a multi-location operation. How is this different?

i-SIGMA offers programs for companies with multi-location operations. In order to qualify for the program, an applicant must have at least three (3) destruction locations and must be committed to achieving 100% compliance with the NAID AAA Certification specifications at all information destruction-related locations and agreeing that all such facilities will be subject to the scrutiny of audits. Contact the Certification Department for specifics regarding the multi-location program that best meets your company’s needs. [email protected] | +1 602-788-6243

Is there someone who can help walk me through the NAID AAA Certification process?

Yes, the association offers a number of resources to assist you in becoming certified.

  • The i-SIGMA Certification Program Department – The association has staff available to answer your questions. Contact staff anytime at [email protected] or +1 602-788-6243
  • NAID AAA Certified Consultants – i-SIGMA offers a list of consultants available for hire to assist your company in the certification process, available in the Online Market.
  • Attend a Conference Session – Register to attend the i-SIGMA Annual Conference & Expo, which offers excellent sessions and exhibit hall opportunities to learn more about the benefits and of becoming NAID AAA Certified and how to utilize it as a sales tool

How do I stay up to date on certification program updates?

The i-SIGMA Certification Department sends official notices of any certification program updates to the main certification contact for your company. Additionally, you can access all certification program updates here.

Still have questions about NAID AAA Certification?
Contact the Certification Department

[email protected] | +1 602-788-6243