Contractual Compliance

Revision as of 17:40, 8 September 2021 by Jessica (talk | contribs)

The Office of Contractual Compliance is an ICANN department charged with gathering information from and enforcing the contractual compliance of registries and registrars through complaint-driven informal and formal resolution processes, ICANN-initiated monitoring, and random auditing.

Complaints

Complaints commonly handled by this office include unauthorized domain name transfers or unsuccessful transfer requests; registry violations, such as providing more favorable treatment to some registrars; renewal reminders, fees, or redemption issues; and incorrect WHOIS data or access issues.[1]

Monitoring

Auditing

The Audit Program is a continuous, ongoing activity that follows a recurring cycle. Each audit round consists of six phases:[2]

  1. Planning Phase: ICANN plans the audit scope and timeline.
  2. Request for Information Phase: ICANN issues a notice of audit to the selected contracted parties, who must compile information and respond to the audit request.
  3. Audit Phase: ICANN reviews, tests, and validates the responses to ensure compliance with the contractual obligations.
  4. Initial Report Phase: ICANN issues a confidential initial audit report to each auditee containing the initial findings and allowing the contracted party to address the findings or provide clarity.
  5. Remediation Phase: ICANN collaborates with the auditees to remediate issues.
  6. Final Report Phase: ICANN issues a confidential final audit report to each auditee. ICANN also summarizes the audit round in an overall audit report

DNS Abuse

On 6 November 2018, ICANN Contractual Compliance (Compliance) launched a Registry Operator Audit for Addressing DNS Security Threats[3]