In January 2015, Arrow Electronics’ Value Recovery business added its North American processing facilities to the company’s existing Asset Disposal and Information Security Alliance (ADISA) certification programme. Since then, ADISA has carried out eight audits at Arrow Value Recovery sites in EMEA and the USA, and all have passed without exception.
Arrow’s Value Recovery business has successfully passed a gruelling programme of scheduled and unannounced audits by the Asset Disposal and Information Security Alliance
Founder of ADISA, Steve Mellings picks up the story, “Arrow has been very clear that its service offering is truly international, and the company’s approach to ADISA certification certainly shows the confidence of that approach. As part of their certification programme, we treat all their sites as a single entity—so if one site fails, the whole company fails meaning the pressure on the individual teams at Arrow is high.”
The ADISA Audit programme includes scheduled full audits and, more importantly, a series of completely unannounced audits that includes random forensic analysis of up to 10 different devices on each visit.
Scott Venhaus, Global Director of Compliance at Arrow adds, “Having ADISA certification as part of Arrow’s Value Recovery global compliance program demonstrates that we are serious about protecting data. Our global compliance program incorporates best practices of today’s leading industry standards, including ADISA, while creating a flexible platform that allows Arrow to keep pace with global change.”
ADISA has undertaken full audits at Arrow Value Recovery facilities in Belgium, France and the United States. In addition, unannounced audits were made in facilities in the United Kingdom, Czech Republic, Germany and the U.S.
Mellings continues, “With increasing focus on data protection, corporations are looking at all aspects of where their data could be compromised, and the end-of-life piece is an extremely challenging area. Companies like Arrow who volunteer to be put through this type of scrutiny do so to demonstrate to their customers that not only do they meet our exacting requirements once, but also they do so throughout their operations ALL the time.”
Launched in October 2010, the Asset Disposal and Information Security Alliance (ADISA) is a group of leading experts on the area risk management, compliance and data protection within the area of IT Asset Disposal. The ADISA certification programme has been formally recognised by DIPCOG (a UK Mod and CESG committee) and now has over 50 certified locations in 9 different countries. Organisations use the ADISA certification scheme to have confidence that the data on their end of life assets is being managed appropriately