Jump to content

Contractual Compliance: Difference between revisions

From ICANNWiki
Jessica (talk | contribs)
Created page with "The Office of '''Contractual Compliance''' is an ICANN department charged with gathering information from and enforcing the contractual compliance of registries and regist..."
 
Jessica (talk | contribs)
No edit summary
Line 4: Line 4:
transfer requests; registry violations, such as providing more favorable treatment to some registrars; renewal reminders, fees, or redemption issues; and incorrect [[WHOIS]] data or access issues.<ref>[https://www.icann.org/en/system/files/files/contractual-compliance-complaint-31mar18-en.pdf Contractual Compliance Complaints]</ref>
transfer requests; registry violations, such as providing more favorable treatment to some registrars; renewal reminders, fees, or redemption issues; and incorrect [[WHOIS]] data or access issues.<ref>[https://www.icann.org/en/system/files/files/contractual-compliance-complaint-31mar18-en.pdf Contractual Compliance Complaints]</ref>
==Monitoring==
==Monitoring==
==Auditing==
==Auditing==
The Audit Program is a continuous, ongoing activity that follows a recurring cycle. Each audit round consists of six phases:<ref>[https://www.icann.org/en/system/files/files/audit-phases-timeline-01aug17-en.pdf Audit Phases, ICANN]</ref><br/>
# Planning Phase: ICANN plans the audit scope and timeline.
# Request for Information Phase: ICANN issues a notice of audit to the selected contracted parties, who must compile information and respond to the audit request.
# Audit Phase: ICANN reviews, tests, and validates the responses to ensure compliance with the contractual obligations.
# Initial Report Phase: ICANN issues a confidential initial audit report to each auditee containing the initial findings and allowing the contracted party to address the findings or provide clarity.
# Remediation Phase: ICANN collaborates with the auditees to remediate issues.
# Final Report Phase: ICANN issues a confidential final audit report to each auditee. ICANN also summarizes the audit round in an overall audit [https://www.icann.org/resources/pages/compliance-reports-2021 report]
===DNS Abuse===
On 6 November 2018, ICANN Contractual Compliance (Compliance) launched a Registry Operator Audit for Addressing DNS Security Threats<ref>[https://www.icann.org/en/announcements/details/icann-publishes-registry-operator-audit-for-addressing-dns-security-threats-17-9-2019-en CC Audit of DNS Security Threats, ICANN Announcements]</ref>

Revision as of 17:40, 8 September 2021

The Office of Contractual Compliance is an ICANN department charged with gathering information from and enforcing the contractual compliance of registries and registrars through complaint-driven informal and formal resolution processes, ICANN-initiated monitoring, and random auditing.

Complaints

Complaints commonly handled by this office include unauthorized domain name transfers or unsuccessful transfer requests; registry violations, such as providing more favorable treatment to some registrars; renewal reminders, fees, or redemption issues; and incorrect WHOIS data or access issues.[1]

Monitoring

Auditing

The Audit Program is a continuous, ongoing activity that follows a recurring cycle. Each audit round consists of six phases:[2]

  1. Planning Phase: ICANN plans the audit scope and timeline.
  2. Request for Information Phase: ICANN issues a notice of audit to the selected contracted parties, who must compile information and respond to the audit request.
  3. Audit Phase: ICANN reviews, tests, and validates the responses to ensure compliance with the contractual obligations.
  4. Initial Report Phase: ICANN issues a confidential initial audit report to each auditee containing the initial findings and allowing the contracted party to address the findings or provide clarity.
  5. Remediation Phase: ICANN collaborates with the auditees to remediate issues.
  6. Final Report Phase: ICANN issues a confidential final audit report to each auditee. ICANN also summarizes the audit round in an overall audit report

DNS Abuse

On 6 November 2018, ICANN Contractual Compliance (Compliance) launched a Registry Operator Audit for Addressing DNS Security Threats[3]