The Only Specialized Global Intellectual Property News Agency
A Member of Talal Abu-Ghazaleh Global

banner

ICANN Systems Controls Validated by Annual IANA Functions Audit

24-Apr-2020 | Source : AG-IP News | Visits : 1315

LOS ANGELES - The Internet Corporation for Assigned Names and Numbers (ICANN) announced in a press release that it has completed another year of audits of the key systems used to deliver the Internet Assigned Numbers Authority (IANA) functions. Accounting firm RSM US LLP conducted the audits of the Registry Assignment and Maintenance Systems (RAMS) and the root zone Domain Name System Security Extensions (DNSSEC) services for the period of December 1, 2018 through November 30, 2019.

For the seventh consecutive year, a Service Organization Control (SOC) 2 audit of the RAMS shows that the ICANN organization has the appropriate controls in place to ensure the security, availability, and integrity of IANA request processing.

For the tenth consecutive year, an exception-free audit has been completed for the management of the DNSSEC root key signing key (KSK), which is the trust anchor of the Domain Name System. Using the SOC 3 framework, the audit demonstrates that effective security, availability, and process integrity controls exist to manage the root KSK. The report is publicly available at http://iana.org/audits.

This year's audit period included reviewing the final milestones relating to regeneration of KSK assets. Following the first KSK rollover in 2018, this audit period involved the deletion of the first KSK and associated destruction of equipment and assets surrounding those, dating back to 2010.

"We have come a long way in the ten years since we conducted our first KSK ceremony and started our third-party audit program. From developing strong controls to ensuring comprehensive transparency in our process, this team has managed to meet the audit criteria set by the AICPA every single year. I am very proud of everyone who contributed to that achievement," said Kim Davies, President of Public Technical Identifiers and Vice President for IANA at ICANN.

SOC audits evaluate an organization's controls in relation to "trust services principles and criteria" and are managed by the American Institute of Certified Public Accountants (AICPA).

 
share



Related Articles