All NAID certified service providers are subject to regularly scheduled, onsite audits by trained, accredited
security professionals. In addition, random, unannounced audits are structured so NAID certified
operators will not know when they will be audited next.
The program requires written policies and procedures for each company to ensure incident response
preparedness, employee training, and regulatory compliance.
A customer may request an audit report to monitor the service provider and to ensure they meet the
regulatory risk assessment requirements.
Accredited auditors review employee background screening and training, compliance with written
procedures, access controls, operational security, destruction equipment, and confidentiality agreements.
More than 1,000 operations on five continents are certified by NAID, including mobile, plant-based,
paper, and computer destruction services. NAID certification is required by hundreds of government
offices and thousands of private contracts.
All documents and specifications are available to the public for free and online. Audit reports and
monitoring services are also provided to clients at no charge. The association’s financial records and board
of director’s meeting minutes are available online as well.
The Certification Review Board and the Certification Rules Committee oversee the program’s integrity,
A customer may monitor compliance by subscribing to email notifications of the service provider’s
certification renewal, audit, or lapse.
NAID certification is acknowledged by many accreditation programs, such as those offered by the
International Association of IT Asset Managers, the Institute of Certified Records Managers, and the R2 IT
asset recycling program certification offered by the Sustainable Electronic Recycling Institute (SERI).
When it comes to service provider qualifications, choose
the certification program with strength and integrity.