The ICoCA is now accepting applications for ICoCA Certification from Member companies that have third-party certification to one (or more) of the following standards: ISO 18788, ISO 28007, PSC.1, issued by an independent accredited certification body[1]:.


To assist companies in preparing for certification, the Secretariat has prepared guidance on the process for the ISO 28007, ISO 18788 and PSC.1 standards.



See  also:



The ICoCA is responsible for certifying that the systems and policies established by Member companies of the Association meet the principles and standards of the Code of Conduct, and that they are undergoing monitoring, auditing, and verification, including in the field.


The Certification Procedure which accomplishes the vision laid out in Article 11 of the Articles of Association is the result of significant study, discussion, and pragmatic compromise among the pillars – led by the Board Directors – and represents a solid methodology for implementing the first of the Association’s significant Governance and Oversight functions. Following a final comments process the General Assembly voted to accept the procedure. The procedure demonstrates the efforts of the three member pillars to harmonize the Code with newly developed and emerging national and international standards for the private security industry. 


Under the Procedure, the Board assesses and recognizes standards that are consistent with the Code of Conduct and defines, for each standard, additional information relative to the human rights and humanitarian law impact of PSC operations that it needs to assess whether a company's systems and policies meet the requirements of the Code.  Members must then become certified to a standard recognized by the Board, and supply the additional information defined by the Board, in order to become certified to the Code.


Under the Articles of Association, as a transitional matter, Member PSCs shall enjoy on a provisional basis the rights of membership prior to certification under Article 11 until 30 September 2018 (Article 3.3.1).




As foreseen under article 11.2.4 of the Articles of Association, the certification process operates in a manner that is complementary to, and not duplicative of, certification under Board-recognized national and international standards.



PSC.1-2012 establishes a mechanism for private security service providers and their clients to provide demonstrable commitment, conformance, and accountability to the principles outlined in the International Code of Conduct for Private Security Service Providers and the Montreux Document.


Following consultation with Members and Observers the Board have released a Recognition Statement for PSC.1, accompanied by Annex A (Certification Assessment Framework) and Annex B (Additional Requirements). 


ISO 28007

ISO 28007-1:2015 gives guidelines containing additional sector-specific recommendations, which companies (organizations) who comply with ISO 28000 can implement to demonstrate that they provide Privately Contracted Armed Security Personnel (PCASP) on board ships.


In accordance with the process described in the Certification Procedure, the Board have released a Recognition Statement for ISO 28007-1 (2015) ("ISO 28007"), accompanied by Annex A (Certification Assessment Framework), and Annex B (Additional Requirements). Comments received by stakeholders during the process are available here


ISO 18788

ISO 18788:2015 provides a framework for establishing, implementing, operating, monitoring, reviewing, maintaining and improving the management of security operations. It provides the principles and requirements for a security operations management system; and provides a business and risk management framework for organizations conducting or contracting security operations and related activities.


In accordance with the process described in the Certification Procedure, the Board have released a Recognition Statement for ISO 18788:2015 ("ISO 18788"), accompanied by Annex A (Certification Assessment Framework), and Annex B (Additional Requirements). Comments received by stakeholders during the process are available here.


As of 1 November 2016 the ICoCA Secretariat is accepting requests for certification based on PSC.1, ISO 28007, and ISO 18788.  To assist Member companies the Secretariat has issued guidance for companies seeking ICoCA Certification based on these standards, including instructions on the submission of the information described in the Recognition Statement.


Download the Guidance documents (pdf):



(MS Word versions available on the Resources page)


ISO 9001 is not recognized as a pathway to ICoCA certification


The Board of Directors received a request from an ICoCA member that the Association evaluate the standard ISO 9001:2015 (hereafter “ISO 9001”), coupled with a “Human Rights Due Diligence Process and a Human Rights Impact Assessment,” for potential recognition pursuant to the ICoCA’s Certification Procedure.  In accordance with the ICoCA Certification Procedure, the Secretariat has conducted a preliminary analysis of ISO 9001 using the analytical matrix referred to in the Certification Procedure. Due to the significant gap between the coverage of the standard and the Code, particularly with respect to the human rights and humanitarian law-specific provisions of the Code, the Board has decided that further assessment and administration of the additional information that would be required for ISO 9001 to be recognized would be impractical at this time. The preliminary analysis of ISO 9001 is available here.



Relevant documents






[1] The list of current independent accredited Certification Bodies are available for PSC.1; for ISO 28007 ; and for ISO 18788.  Additional information from  SCEG