The Independent Standards Board, which creates, renews, and amends the Association’s certification program, has added a new requirement to the certification program effective January 1, 2023.
Agencies certified by the Association were required to adopt a written information security policy as of the beginning of the year. The Data Security Standard, put forth by the board, comprehensively enumerates eleven (11) areas of compliance and was introduced early in 2022 to allow agency members time to prepare for the adoption and implementation.
Each agency member meets the certification requirements annually to earn and maintain a Certificate of Accreditation and Compliance. The program, considered the platinum standard in the industry, is comprised of the most rigorous requirements across a number of planes. Although most of the certified agencies of CCA of A already had such a policy in place, the independent board recognized the importance codifying the requirement of securing data held within an agency and formalized it in the already unparalleled program offered by CCA of A.
“The work of the Standards Board is aimed at ensuring that the CCA of A certification program continues to be the platinum standard. The addition of the Data Security Standard requiring adherence to a written information security policy incorporating best practices further enhances the quality certification program upon which the credit community has come to rely,” commented Standards Board Chair, Christine Hayes Hickey.