ARIN Completes SOC 2 Type 2 Audit and PCI DSS Certification
Posted: Monday, 13 November 2023
ARIN
ARIN is pleased to announce that it has achieved successful completion of the Service Organization Control (SOC) 2 Type 2 audit of its Resource Public Key Infrastructure (RPKI) and has demonstrated compliance with the Payment Card Industry Data Security Standard (PCI DSS) for ARIN Online.
SOC 2 is a gold standard in security compliance developed by the American Institute of Certified Public Accountants (AICPA). ARIN engaged an independent auditing firm to complete the SOC 2 Type 1 audit in December 2022 and the SOC 2 Type 2 audit on 31 October 2023.
PCI DSS is the security framework adopted by the payment card industry and is required by organizations that accept payment via credit or debit card. Changes in ARIN’s banking and payment system made it necessary to demonstrate compliance with PCI DSS’s security framework, which was successfully completed 12 October.
Reaching these milestones represents a deliberate investment in ARIN’s security infrastructure, tools, and processes, as requested by our community. We have been working toward these milestones for several years, and they demonstrate our commitment to safeguarding our systems, services, and customer data.
For more information on ARIN’s security practices, please visit https://arin.net/security or email info@arin.net.
Regards,
Christian Johnson
Chief Information Security Officer
American Registry for Internet Numbers (ARIN)
Recent Announcements
- Apply Now for an ARIN Community Grant
- Announcing the 2025 ARIN Grant Selection Committee
- Meet the ARIN 56 Fellowship Selection Committee
- Join Us for ARIN on the Road and Technical Forum in Antigua & Barbuda
- Sponsorship Opportunities Available for ARIN 56
- NOW CLOSED – Consultation on Enforcing Hierarchical Naming for AS-SETs
- Autonomous System Originations (Origin AS) Will Be Retired on 28 July
- Announcing the Launch of ARIN Academy
- Concluding the Draft RIR Governance Document Consultation
- New Features Added to ARIN’s Registration Data Access Protocol Service
- » View Archive