Most IT leaders who want to outsource their IT asset disposition know it’s important to work with a certified ITAD provider. But checking that box off your due diligence list is more complicated than asking the simple question: “Are you certified?”
Certification is an area where you want to dig a little deeper. Ask more questions. Get more specific. You want to understand precisely what certifications are available, what they mean and why they’re essential.
This post covers all the details. By the end, you’ll know more about the certification process and understand what questions to ask potential vendors.
What does certification mean?
Let’s start with what certification means. When it comes to ITAD, certifications are far more than a plaque on the wall.
Certification means that an independent third party – governed by specific rules – has come in and reviewed a company’s processes and practices, completed an evidence-based assessment of the company’s performance and declared that the company is conforming to certain industry standards.
Earning a certification can range from a relatively straightforward application process to a time-consuming, arduous process that takes months to complete.
Given the variety of certifications available, the first thing you should ask a potential vendor is what standard they’re certified to. Not every certification is equal, and not all of them meet the latest industry standards.
For example, there’s the R2v3 certification program. It’s a comprehensive, voluntary industry standard for used IT hardware recyclers and resellers from Sustainable Electronics Recycling International, an independent non-profit. R2v3 is considered the latest and the best and is one of the certifications that take months to complete.
There’s also the Recycling Industry Operating Standard™ (usually known as RIOS™). This certification is managed by the Global Recycling Standards Organization and addresses workplace safety, environmental impact, product quality, regulatory compliance, and more.
Other relevant certifications include:
- ISO 9001 – quality management
- ISO 14001 – environmental management
- ISO 45001 – occupational health and safety
- NAID AAA – information destruction services
- ASCDI – ethics and ITAD services
- ADISA – information destruction services
All of these certifications represent specific standards to which a vendor will hold themselves. Based on their business, an ITAD vendor may get certified to one or more of these different standards.
Next is the issue of scope. Different ITAD vendors can have different skillsets and different levels of expertise. This means they can be certified for some ITAD processes but not for others.
For example, there are R2v3 certified companies with a scope that is limited to mobile devices, like cell phones and tablets. If you need ITAD support for laptops, servers, hard drives, PCs, monitors, or printers, then they’re not the best partner for you. Instead, you want a vendor that’s certified for your particular types of equipment.
For the most part, certifications in the ITAD industry are specific to a particular facility. If a company has multiple facilities, each of them needs to be audited and individually certified.
Given this, it’s important to ask potential vendors which of their facilities are certified. And pay attention to whether they proactively and transparently share this information, and confirm the facility processing your equipment.
Active vs. Expired
Another vital factor to consider is whether a certification is still active – especially with how quickly things change in the IT industry.
ITAD certifications must be audited every year or they expire. Ask whether all of a vendor’s certifications are still current and active and independently verify that through the standard bodies website. If any of them are expired, that’s a sign you want to interview different vendors.
Why are ITAD certifications so important?
Becoming certified is voluntary, but it provides you with independent and expert third-party verification of an ITAD vendor’s processes. Certifications also prove that a vendor has a deep understanding of – and is compliant with – all applicable laws.
Having this level of expertise has never been more critical when you consider some of the issues the industry is facing:
- Data is becoming more vulnerable and data attacks are happening around the world
- Industries are introducing new regulations and compliance requirements to protect consumer information and privacy
- Climate change is leading to new and revised environmental standards
In addition, earning certifications demonstrates that a vendor is committed to performing at a certain level and dedicated enough to its clients to invest the time and resources required to get certified.
ITAD is not the time to cut corners
Suppose you’re interviewing a potential ITAD vendor who promises to do things more easily, quickly or at a better price point because they’re not certified (and therefore aren’t obligated to follow certain protocols). Red. Flag.
Similarly, a vendor who says they follow the same standards as a certified company isn’t enough, either. The only way to follow the standard is to become certified.
Simply put, with no third-party validation, you only have a self-claim. That means:
- You’re adding risk if you work with a vendor that isn’t actively certified for the proper standard, scope and facility for your business.
- You’re eliminating risk if you work with a vendor that’s actively certified to the proper standard, scope and facility for your business.
At Summit 360, we’ve earned the RIOS certification and are proud to be one of the first companies worldwide to earn the select R2v3 certification. Our certification scope applies to all types of IT equipment and electronics and includes managing the downstream recycling chain, logical and physical data sanitization, and test & repair of equipment for reuse. Our R2v3 and RIOS certifications apply to our Lone Oak facility in Eagan, Minnesota.
View our services or contact us today to learn more about our services.