ICT Asset Recovery Standard 8.0
As the UK’s definitive certification for data sanitisation in IT asset disposal, the ADISA ICT Asset Recovery Standard 8.0 is an ICO-approved, UKAS-accredited UK GDPR certification scheme.

Click here to download the standard (UK) 🇬🇧
Click here to download the standard (EU) 🇪🇺
- Demonstrate compliance with UK GDPR
- Gain official recognition through ICO approval
- Build client trust and improve tender competitiveness
- Prove accountability with an auditable, measurable framework
- Reduce regulatory risk by proactively addressing data protection
- Stand out as a certified, GDPR Compliant ITAD
What is ADISA ICT Asset Recovery Standard 8.0?
ICT Asset Recovery Standard 8.0 is a certification recognised by the UK Information Commissioner’s Office (ICO) under Article 42 of the UK GDPR. It validates that IT Asset Disposition (ITAD) providers meet high data-protection standards. This certification assures regulators and clients that a company’s data sanitisation processes comply with UK GDPR requirements, offering robust and legally defensible IT asset disposal compliance.
In essence, being certified to this standard not only ensures compliance but also enhances service quality, reduces risk, and helps companies stand out in the market.
What is UKAS Accredited and ICO approved?
A scheme approved by the Information Commissioner’s Office as meeting the criteria for UK GDPR privacy certification. Find out more on the ICO website.
ICT Asset Recovery Standard 8.0 is specifically tailored to UK GDPR and formally approved by the ICO as an official UK GDPR certification scheme. ADISA Certification – the scheme owner and certification body – is UKAS-accredited to audit this standard. Certified companies can document “sufficient guarantees” of security to their data-controller clients, showing that data protection has been built into every step of the asset disposal proces.
Who is ADISA ICT Asset Recovery Standard 8.0 applicable for
ICT Asset Recovery Standard 8.0 is a certification for processors or sub-processors in the IT Asset Disposition (ITAD) sector, ensuring they meet stringent GDPR data sanitisation standards. This certification, recognised by the ICO, helps ITAD providers demonstrate compliance to clients in regulated sectors like finance, healthcare, and government, streamlining due diligence and audits. It enforces structured risk management through the ADISA DIAL framework, aligning service levels with data sensitivity and risk appetite, and positions certified firms as reliable, legally compliant partners in data protection.
A DIAL rating (Data Impact Assurance Level) is a core element of the ADISA ICT Asset Recovery Standard 8.0.
I’d like to monitor an ITAD
ICT Asset Recovery Standard 8.0-certified members undergo regular audits to maintain their certified status; any issues can impact their certification. These audit reports are accessible to end users via the Monitor an ITAD service.