[ALAC] Fwd: ICANN News Alert -- ICANN Systems Controls Validated by Annual IANA Functions Audit

Wed Apr 22 21:00:18 UTC 2020

[image: ICANN Announcement Alerts]

*ICANN Systems Controls Validated by Annual IANA Functions Audit
<https://newsalerts.icann.org/I010SC80P0gFNd220o0RE00>*

22 April 2020

LOS ANGELES – 22 April 2020 – The Internet Corporation for Assigned Names
and Numbers (ICANN) has completed another year of audits of the key systems
used to deliver the Internet Assigned Numbers Authority (IANA) functions.
Accounting firm RSM US LLP conducted the audits of the Registry Assignment
and Maintenance Systems (RAMS) and the root zone Domain Name System
Security Extensions (DNSSEC) services for the period of 1 December 2018
through 30 November 2019.

For the seventh consecutive year, a Service Organization Control (SOC) 2
audit of the RAMS shows that the ICANN organization has the appropriate
controls in place to ensure the security, availability, and integrity of
IANA request processing.

For the tenth consecutive year, an exception-free audit has been completed
for the management of the DNSSEC root key signing key (KSK), which is the
trust anchor of the Domain Name System. Using the SOC 3 framework, the
audit demonstrates that effective security, availability, and process
integrity controls exist to manage the root KSK. The report is publicly
available at http://iana.org/audits.
<https://newsalerts.icann.org/f00od0P08T001R22CNEGg00>

This year's audit period included reviewing the final milestones relating
to regeneration of KSK assets. Following the first KSK rollover in 2018,
this audit period involved the deletion of the first KSK and associated
destruction of equipment and assets surrounding those, dating back to 2010.

"We have come a long way in the ten years since we conducted our first KSK
ceremony and started our third-party audit program. From developing strong
controls to ensuring comprehensive transparency in our process, this team
has managed to meet the audit criteria set by the AICPA every single year.
I am very proud of everyone who contributed to that achievement," said Kim
Davies, President of Public Technical Identifiers and Vice President for
IANA at ICANN.

SOC audits evaluate an organization's controls in relation to "trust
services principles and criteria" and are managed by the American Institute
of Certified Public Accountants (AICPA).
About ICANN

ICANN's mission is to help ensure a stable, secure, and unified global
Internet. To reach another person on the Internet, you need to type an
address – a name or a number – into your computer or other device. That
address must be unique so computers know where to find each other. ICANN
helps coordinate and support these unique identifiers across the world.
ICANN was formed in 1998 as a not-for-profit public-benefit corporation
with a community of participants from all over the world.

[image: shadow]
*[image: Twitter]
<https://newsalerts.icann.org/R00P081R2d0020g0CUEoHN0>* [image:
Facebook] <https://newsalerts.icann.org/gV080NP02201RE0dC000Iog> [image:
Instagram] <https://newsalerts.icann.org/b0000dRPoCW0Eg1J020280N> [image:
Linkedin] <https://newsalerts.icann.org/MN0E0208Co01d00KP0gR0X2> [image:
YouTube] <https://newsalerts.icann.org/wR8EN0dCP0000g1L0022Y0o>
[image: shadow1]
Unsubscribe <https://newsalerts.icann.org/y1oC82gN0d0PERZ00M00020> |
https://www.icann.org <https://newsalerts.icann.org/p0000C01OE0200NRdP0g8p2>
<https://newsalerts.icann.org/c00022gC0PNR01dEP081p00>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/alac/attachments/20200422/d6778290/attachment.html>