The Asset Disposal and Information Security Alliance (ADISA) is an organization that recommends standards for safely disposing of information technology (IT) equipment while minimizing the risk of exposure and misuse of any sensitive data stored on that equipment. The ADISA standards cover all phases of IT asset disposal including the collection, transportation, storage, erasure or destruction of components containing data, and recycling or waste disposal. Certification included periodic audits.
Founded in 2010, the ADISA publishes separate versions of the standard for Asia/Pacific, the European Union, North America and the United Kingdom. The ADISA IT Asset Disposal Security Standard is recognized as an industry standard of merit by the UK Defence Infosec Product Co-Operation Group.
It is a mandatory condition of the ADISA standard that all member ITADs successfully pass a minimum of 2 audits per year, at least one of these will be unannounced with the intention of ensuring that correct processes and protocol are in place at all times. These audits include a forensic investigation of hard drives.
ADISA have extended their services to include a training course to help end users understand security concerns, manage risk and maximise the value back to their business within the IT Disposal channel. The course is designed to enable end users to identify security vulnerabilities which could occur within disposal.