What’s the Difference Between NAID Certification & NAID Membership?

When choosing a data destruction provider, it’s important to understand the differences between NAID/i-SIGMA members and NAID AAA certified vendors.  Although NAID membership is often confused with NAID AAA certification, they are VERY different.

Who is NAID?

Since 1994, the National Association for Information Destruction (NAID) has been the governing body for data destruction operations across the globe. Its rigorous certification program was developed by industry insiders, including security experts concerned with responsible information handling and destruction.

In 2018, NAID merged with PRISM International (Professional Records and Information Services Management®) and became i-SIGMA, or the International Secure Information Governance & Management Association. The merger created a stronger association with better support for members and better capabilities to address regulators, policymakers, and decision-makers.

In early 2022, i-SIGMA retired the NAID membership logo to reinforce the name change and better differentiate i-SIGMA membership from NAID AAA certification.  The NAID membership logo and any claim to NAID membership are now defunct and should no longer be used by any service provider.  All members must refer to themselves as i-SIGMA members, not NAID members.

However, many service providers continue to highlight NAID in their credentials.

Why it Matters: i-SIGMA vs NAID

NAID AAA Certification is still the globally recognized qualification that demonstrates compliance with all known data protection laws. i-SIGMA membership (formerly NAID membership) is not the same as NAID AAA Certification.

With nearly 2,500 i-SIGMA members globally, less than half are NAID AAA certified. Among those certified vendors, even fewer have credentials specifically for hard drive destruction and overwriting.

To qualify for the certification, service providers must first become active members of i-SIGMA, followed by an extensive certification application process, and then undergo an in-depth, onsite audit to ensure they have appropriate safeguards, procedures and processes in place to comply with NAID’s standards. The results  are then submitted by the NAID auditor to the Certification Review Board for approval.

While any business can pay to be an i-SIGMA member, only vetted providers who have undergone the appropriate steps for certification can become NAID AAA certified, not all i-SIGMA members hold this title.

NAID AAA Certification Requirements

To become certified, services providers must verify compliance with all known data protection laws through scheduled and surprise audits by trained, accredited security professionals, fulfilling customers’ regulatory due diligence obligations.

NAID AAA certification may apply to physical destruction or electronic media overwriting operations. There are also specific endorsements available, including on-site (mobile) or off-site (plant-based) certifications.

Trusting your IT equipment with a NAID AAA certified vendor ensures you are taking data protection seriously. This certification helps you identify vendors who are trained, equipped, and verified to destroy your data securely.

Contact us to learn more about SEAM’s NAID AAA certified shredding and wiping services and how we can keep your business and your customers protected.