The Office of Contractual Compliance is an ICANN department charged with gathering information from and enforcing the contractual compliance of registries and registrars through complaint-driven informal and formal resolution processes, ICANN-initiated monitoring, and random auditing.
Complaints commonly handled by this office include unauthorized domain name transfers or unsuccessful transfer requests; registry violations, such as providing more favorable treatment to some registrars; renewal reminders, fees, or redemption issues; and incorrect WHOIS data or access issues.
The Audit Program is a continuous, ongoing activity that follows a recurring cycle. Each audit round consists of six phases:
- Planning Phase: ICANN plans the audit scope and timeline.
- Request for Information Phase: ICANN issues a notice of audit to the selected contracted parties, who must compile information and respond to the audit request.
- Audit Phase: ICANN reviews, tests, and validates the responses to ensure compliance with the contractual obligations.
- Initial Report Phase: ICANN issues a confidential initial audit report to each auditee containing the initial findings and allowing the contracted party to address the findings or provide clarity.
- Remediation Phase: ICANN collaborates with the auditees to remediate issues.
- Final Report Phase: ICANN issues a confidential final audit report to each auditee. ICANN also summarizes the audit round in an overall audit report
On 6 November 2018, ICANN Contractual Compliance (Compliance) launched a Registry Operator Audit for Addressing DNS Security Threats
Roles at ICANN
- Senior Manager, Contractual Compliance Risk and Audit
- SVP, Contractual Compliance & U.S. Government Engagement
- Contractual Compliance Risk and Audit Senior Specialist
- Contractual Compliance Lead
- Sr. Manager, Contractual Compliance
- Contractual Compliance Analyst
- Contractual Compliance Specialist
- Contractual Compliance Senior Specialist