Absolute IT: An ADISA Certified Asset Recycling Company In Derby

Absolute IT is proud to be accredited partners of ADISA, following their approved standards for our IT Asset Disposal services. ADISA accreditation gives you confidence that we meet or exceed all the requirements and best practices necessary for the safe and secure handling of confidential data.

Why is ADISA certification so important and why does it matter for your business?

Here are answers to some of the questions we get asked most frequently about ADISA.

What Is ADISA?

The Asset Disposal and Information Security Alliance (ADISA) underwrites best practices for data security for asset recovery and disposal companies. ADISA certification reflects the highest standards of safety, environmental responsibility and confidentiality in the industry.

ADISA is the only industry-specific accreditation in IT asset disposal. Achieving this accreditation requires meeting a stringent checklist of standards and undergoing regular, unannounced operational and forensic audits by a group of independent UKAS-certified auditors.

Why Use An ADISA Certified Company?

2020 and 2019 Computer security awards winner.

The advantages of using an ADISA certified company such as Absolute IT can be summed up as follows:

  • Written confirmation of services: ADISA members must provide their customers with a formal written schedule of all contracted services, including data sanitisation, certificates of destruction and chain of accountability.
  • Verified asset disposal capacity: ADISA members are regularly subjected to unannounced audits to verify they have the tools, qualifications and capacity to carry out their advertised services to the required standard and SLA.
  • Transparent supply chain: ADISA members are required to disclose all downstream partners, including logistics, data processing and recycling third parties. Each third-party is reviewed for competence and compatibility with ADISA standards.
  • Transparent customer service: Customers of ADISA members can request copies of all the member company’s ADISA audits, and can sign up to monitor their provider for ADISA compliance. Sign up to monitor a certified company here!
  • Data Protection Act and GDPR compliance: The data sanitisation standards required for ADISA members meet and exceed the duty of care required by current data protection legislation. Working with an ADISA certified company also fully meets the guidance issued by the Information Commissioner’s Office (ICO) in 2012 for best practices when disposing of IT assets.

Where Can I Find The Latest ADISA Standards?

You can request a free, up to date version of the ADISA standards by clicking here. You can also find out what standards are most relevant to your business by chatting with a certified company. Call 01332 371 989 to find out more.

Where Can I Find An ADISA-Certified Company?

Well, you’re on the website of one now, so you can call us today to discuss your recycling requirements! Or if you’d like to find a company local to you, you can do so here on the ADISA website using their interactive map. (There are only 41 ADISA members in the UK out of over 800 registered IT recycling companies, giving an idea of the high benchmarks required to achieve ADISA accreditation.)

Is The IT Asset Disposal Company I Use ADISA Certified?

If the business appears on the ADISA Member’s List of certified companies then yes; if not, no. This is the only way to truly verify an existing ADISA accreditation; be sure to double-check on the official ADISA website.

Can I Trust The Current Company I Use?

If you’re already using an ADISA accredited business then probably, yes. However, if they are not certified there is simply no way of knowing. No matter how long a company has been in business and how many glowing reviews they can boast on Google and Facebook, what matters is the standards they follow when handling your company’s sensitive data.

The processes they follow may or not be effective – with no independent set of standards in place you can never be sure.

Can I Trust That An Uncertified Company Will Do What They Say?

Again, not really. Even if a company claims to follow ADISA standards, without regular independent auditing in place you can never be fully confident.

Why Is It Risky To Use A Non-ADISA Accredited Company?

A non-ADISA accredited company is unmonitored - essentially a disposal company with no accountability. We’re not suggesting that non-accredited companies are dishonest or unprofessional, any more than an unqualified accountant or financial adviser is necessarily dishonest – but would you trust them with your financial affairs? Probably not.

The same applies to IT asset disposal. ADISA provides the international industry standards that ensure the safe disposal of data and the sustainable recycling of IT components. Without verification that these standards are being met, you are taking a big risk.

Remember that the personal data you hold as Data Controller is your responsibility.

If data is inadequately sanitised and falls into the wrong hands it is your business that will face fines and potential prosecution for GDPR non-compliance, not the recycling company. It is your company that will ultimately be blamed if environmentally toxic IT components find their way to landfill, rather than being responsibly recycled.

Why Are ADISA Standards Not Formalised By BSI Or ISO?

At present ADISA is primarily a UK organisation, although it has several members in Canada, the USA and eight EU countries and is moving towards international and European recognition. IT asset recycling is still a fairly new industry, and as such is not yet covered by BSI and ISO standards. This being said, there are no real barriers to ADISA standards being formally recognised by the International Standards Organisation.

The difference at the moment is in auditing practice. ADISA requires twice-yearly assessments and unannounced audits at any time during membership. ISO assessments, on the other hand, are carried out at most annually (some standards are valid for up to 10 years) and by appointment only. There are no unannounced audits. ADISA auditing standards are therefore more stringent than those currently permitted by the ISO accrediting bodies.

Is ADISA Certification Officially Recognised?

Yes, ADISA standards are widely recognised and respected by official bodies in the UK, USA, Canada and the EU. In 2013 the ADISA IT Asset Disposal Standards were recognised by the Defence InfoSec Products Cooperation Group (DIPCOG) - an MoD sponsored forum representing data security specialists from the MoD and CESG.

Is ADISA Certification The Same As ISO 27001?

No. ISO 27001 covers some of the same ground as the ADISA standards but is far broader, governing information security standards in general, rather than IT asset disposal standards in particular. Some ADISA members are also ISO 27001 accredited. ADISA certification is the only accreditation specific to our industry.

Where Can I Find More Information?

The questions discussed on this page are answered in more detail in our free downloadable e-book: The 6 Hidden Dangers of Non-ADISA Accredited IT Recycling, which can be downloaded here. We are also happy to discuss your questions in person. Please call 01332 371 989 or email info@absoluteitad.com. You can visit the ADISA global website by clicking here.

Request A Quote

If you would like to find out more about our services, please get in touch today for a free, no obligation quote. Simply pick up the phone and call us on 01332 291 992, or send us a message through the form on this page.