Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to Audit your ITAD & Recycling Service Providers by Jade Lee, MBA President/CEO Corporate e-Waste Disposal Summit 7/31/2012.

Published byHelen Hart Modified over 8 years ago

Similar presentations

Presentation on theme: "How to Audit your ITAD & Recycling Service Providers by Jade Lee, MBA President/CEO Corporate e-Waste Disposal Summit 7/31/2012."— Presentation transcript:

1 How to Audit your ITAD & Recycling Service Providers by Jade Lee, MBA President/CEO Corporate e-Waste Disposal Summit 7/31/2012

2 Auditing – 4 Critical Areas Data Security Asset Recovery Environmental Value-Add Service Capabilities and Strategic Vision for the Future

3 Why Audit your Vendor? You can not afford to have fuzzy feeling on what your service provider do with your data & equip. R2 and e-Stewards: Baseline only, they are simply not enough to tell you what goes on inside a facility on daily basis, not to mention integrity.  Auditors only have a few days to check a facility  Auditors check paperwork most of the time  Auditors do not know all the tricks that recyclers play  Auditors may not be well-trained. They even do not know all the standard details (ex. Per R2, before shredding, you need to remove lithium batteries from circuit boards, and remove lamps from laptops, LCD display, etc.)

4 Why Audit your Vendor? Environmental certifications are great, but what about data security that could have huge financial and legal impact?  According to The Ponemon Institute, the average cost of a data breach in the US in 2011:  $194 per customer record  $5.5 million per breach! You will feel better after a first hand look at where your equipment will be managed!

5 Data Security Audit What certifications?  NAID offers different certifications. You should be aware of this before you perform the audit 1) “Hard Drive Destruction” (physical destruction only.) Recyclers usually only pursue this certification so they can claim holding a NAID certification. Punch a hole on HD can be qualified. However, it is not sufficient for ITAD/asset recovery program. 2) “Hard Drive Sanitization” (must for ITAD/asset recovery) 3) “Solid State Storage Devices/Media Destruction 4) “Solid State Storage Devices/Media Sanitization Unannounced Audit

6 Data Security Audit Chain-of-Custody Management  On-site packing protocols  Shipping security protocols  Auditing of white glove service & transportation companies Facility Security  Where is sanitization performed? a secured area?  Do they have door access control? video surveillance and motion sensor/light control at night time?  Employee background check & drug test – which employees have access to your equipment? SSI’s Dedicated Data Sanitization Room (one and only in the industry)

7 Data Security Audit Sanitization Process  How many passes? Most recyclers’ default is one (1) wipe (low level format) DoD 5220.22M & NIST Special Publication 800-88 specs: minimum 3 wipes  Do they have a well-defined verification procedure in place to verify that drives are totally wiped?  How often do they calibrate the software (for both Sanitization and Verification software)?  How will they manage data destruction on solid state hard drives – new software needed

8 Data Security Audit

9 Physical Destruction Process  If they shred, how small are the pieces?  Are circuit boards (focus materials) removed from hard drives?  How are solid state storage devices (flash drive, SIM card, etc.) handled as they are too small to be shredded by large shredders?  If they degauss, double check the maker and model to make sure that is NIST approved model.

10 Asset Recovery Audit Receiving  What information they record at receiving: BOL #, Receiving Date, Shipper company name, Shipper facility name/location  Do they have barcoded pallet ID # that can track all the way throughout the process?  Do they verify your inventory list and note what were not received and what received not on the list?  Do they record serial/asset # and ties it with the pallet ID# to track all the way throughout the process?  Do they just power on the unit or wait for at least 24-48 hours  How do they track the sold units?  Do they provide warranty services?  See a sample of settlement report details

11 Asset Recovery Audit

12 Environmental Audit Before you visit  Have the recycler fill out a detailed questionnaire. The level of detailed answer is the first indication of their practices  Read and consult with consultants on key R2 and e- Steward Standards  Will they disclose their focus material downstream vendors to you?  Check their downstream vendors’ background and EPA ECHO database: http://www.epa- echo.gov/echo/compliance_report.html

13 Environmental Audit  Ask their downstream vendors if they actually ship to them and the volume. How is their packaging and level of packing list details?  Check their environmental compliance record with Federal and State EPA’s  Check with their peers of the vendor’s reputation  Will they allow unannounced audit?

14 Environmental Audit Sample of Public Information: News published in The Sacramento Bee (California Newspaper) on recyclers submitted fraudulent reports to CA government to collect payments on residential e-waste never collected and processed.

15 Environmental Audit On-site audit:  Verify recycler’s questionnaire response against what you actually see on-site.  If the facility clean and well-organized? Are they cluttered with whole warehouse full of non-processed materials?  How many workstations do they have in view of the volume they process? Are the workstations well designed and organized? Do they use air tool or just battery powered screw drivers? Are they fast (productivity)?  Check their steel roll-offs – how many, how big and how often they switch? Check shipping records  Check their plastic bales – volume, how they bale them? Separate by type and color? Check shipping records.

16 Environmental Audit On-site audit (cont’d)  How do they manage focus materials as per R2 and e- Steward standards? For example: before shredding, batteries on processing circuit boards and lamps from laptop/LCD display have to be removed. Do they have in-depth knowledge on the proper management of these materials – check procedures? Focus Materials: CRT glass, Circuit board, Batteries, PCB’s, Mercury containing devices (such as lamps)  How do they manage other special waste such as toner (do they have procedures in handling toners taken out from printer/copier and place them in gaylord boxes with lid?)

17 Environmental Audit On-site audit (cont’d)  Observe if they have attention to details  What is the true attitude of their top management toward certifications – just for getting a pass to pursue customers or wanting to lay the foundation for continual enhancement and transformation? Is their President/CEO familiar with standards and did he/she sit through the standard audit process? Do they have a dedicated QEHS/EHS Manager?  Check their annual training schedules on environmental, quality, health/safety and data security standards. Check their training records. Are they in database tracked by subject and Staff name?

18 Export Control Management  Focus Materials: CRT glass, circuit boards, battery, mercury containing devices, PCB’s.  All the top smelters are in international countries, such as Europe and Japan.  Remarketing of Asset Recovery Items such as computer, network equipment, etc. is global market. The key is only selling fully tested and functional equip with warranty. Data in hard drives must be totally destroyed. It is hard for auditors to discern recycler’s true practices.

19 Pricing Alert  If the recycler offers no cost or below industry prices, be alert  If they pay you for incomplete IT units, be alert  Many of our OEM customers were hurt by dishonest recyclers selling their products on e-Bay  For ITAD/asset recovery program, ask them the true formula of revenue share. Do not be disguised by comparing the percentage of share (i.e. 80% vs 60%). Many recyclers use high % to disguise high deductions -- the end result of high % could be much lower share value.

20 Questions? jadelee@supply-chainservices.com www.supply-chainservices.com Phone: (630) 629-9344, x22 or x10 Cell: (630) 675-9544

Download ppt "How to Audit your ITAD & Recycling Service Providers by Jade Lee, MBA President/CEO Corporate e-Waste Disposal Summit 7/31/2012."

Similar presentations

Retirement Solution Overview

Retirement Solution Overview
California Access Controls Inc. 818.702.0746 Exciting features that are extremely easy to use Exciting features that are extremely easy to use Access Control.

California Access Controls Inc Exciting features that are extremely easy to use Exciting features that are extremely easy to use Access Control.
QLM ® CAPS CAPITAL ASSET PLANNING SYSTEM. QLM ® CAPS The focus should be on getting it right the first time. QLM Capital Asset Planning System (CAPS)

QLM ® CAPS CAPITAL ASSET PLANNING SYSTEM. QLM ® CAPS The focus should be on getting it right the first time. QLM Capital Asset Planning System (CAPS)
Front Of The House Functions

Front Of The House Functions
Universal Waste Management Training

Universal Waste Management Training
Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.
Electronics Stewardship Tim Hilton 240-696-2572

Electronics Stewardship Tim Hilton
Product Receiving, Storing, and Issuing

Product Receiving, Storing, and Issuing
Universal Waste Management Training. Introduction DEC and EPA have established standards for the handling of “Universal Wastes”. “Universal Wastes”, in.

Universal Waste Management Training. Introduction DEC and EPA have established standards for the handling of “Universal Wastes”. “Universal Wastes”, in.
Safe, Secure, Economic, & Environmentally Sound Electronics Recycling Joe Clayton Synergy Recycling, LLC

Safe, Secure, Economic, & Environmentally Sound Electronics Recycling Joe Clayton Synergy Recycling, LLC
United Electronic Recycling United Electronic Recycling.

United Electronic Recycling United Electronic Recycling.
The technology dilemma of today Presented by: Please press space or click your mouse to advance.

The technology dilemma of today Presented by: Please press space or click your mouse to advance.
Understanding secure data erasure and end-of-lifecycle IT asset management.

Understanding secure data erasure and end-of-lifecycle IT asset management.
 Corporate Profile  BOSS Overview  Current Solutions  BOSS Modules  COLORS - New BOSS Web Module  BOSS Benefits  Supplier XML Services and BOSS.

 Corporate Profile  BOSS Overview  Current Solutions  BOSS Modules  COLORS - New BOSS Web Module  BOSS Benefits  Supplier XML Services and BOSS.
Aspects of Electronic Waste Disposal Lawrence P. Hayes P.E. E-Waste Experts, Inc.

Aspects of Electronic Waste Disposal Lawrence P. Hayes P.E. E-Waste Experts, Inc.
The Toothpick Bridge Challenge

The Toothpick Bridge Challenge
Securing NPI Mary Schuster Mike Murphy.  Gramm-Leach-Bliley Act Enacted to control the ways that financial institutions deal with the private information.

Securing NPI Mary Schuster Mike Murphy.  Gramm-Leach-Bliley Act Enacted to control the ways that financial institutions deal with the private information.
Understand Merchandise Planning in Retailing. The Merchandise Plan A budgeting tool that helps retailer or buyer to meet department goals ▫Planned sales.

Understand Merchandise Planning in Retailing. The Merchandise Plan A budgeting tool that helps retailer or buyer to meet department goals ▫Planned sales.
Surplus Property February 2015. Surplus Property Policy Policy is located within the Finance and Operations Policy Library –

Surplus Property February Surplus Property Policy Policy is located within the Finance and Operations Policy Library –
Lecture # 25 Mutual Funds. Cost of Ownership Management Fee.

Lecture # 25 Mutual Funds. Cost of Ownership Management Fee.

Similar presentations

Ads by Google