The ICoCA is now accepting applications for ICoCA Certification from Member companies that have third-party certification to one (or more) of the following standards: ISO 18788, ISO 28007, PSC.1, issued by an independent accredited certification body[1]:.


To assist companies in preparing for certification, the Secretariat has prepared guidance on the process for the ISO 28007, ISO 18788 and PSC.1 standards.



See  also:



The ICoCA is responsible for certifying that the systems and policies established by Member companies of the Association meet the principles and standards of the Code of Conduct, and that they are undergoing monitoring, auditing, and verification, including in the field.


The Certification Procedure which accomplishes the vision laid out in Article 11 of the Articles of Association is the result of significant study, discussion, and pragmatic compromise among the pillars – led by the Board Directors – and represents a solid methodology for implementing the first of the Association’s significant Governance and Oversight functions. Following a final comments process the General Assembly voted to accept the procedure. The procedure demonstrates the efforts of the three member pillars to harmonize the Code with newly developed and emerging national and international standards for the private security industry. 


Under the Procedure, the Board assesses and recognizes standards that are consistent with the Code of Conduct and defines, for each standard, additional information relative to the human rights and humanitarian law impact of PSC operations that it needs to assess whether a company's systems and policies meet the requirements of the Code.  Members must then become certified to a standard recognized by the Board, and supply the additional information defined by the Board, in order to become certified to the Code.


The 2017 Annual General Assembly formally amended Article 3.3.1 (Membership) of the Articles of Association with the adoption of a new Transitional Membership Process. With this amendment, Companies that have yet to achieve ICoCA Certification will be able to continue to participate in the Association whilst working towards obtaining ICoCA Certification. These Companies will be referred to as Transitional Member companies, and will be given a maximum of 2 years to obtain ICoCA Certification and become ICoCA Certified Members. For current Member Companies, the Transitional Process will start on April 15, 2018, and for new Companies joining after 15 April 2018, on the date of joining the Association. Transitional Members will pay the same dues as ICoCA Certified Members and enjoy the same rights and privileges in the governance of the Association. As part of the ICoCA Oversight responsibilities, the Secretariat will work closely with Transitional Members to enable and ensure compliance with the Code and achieve ICoCA Certification.


A complete overview of the Transitional Membership Process can be found here. The list of companies that have achieved ICoCA Certification and are therefore ICoCA Certified Members can be found here.



As foreseen under article 11.2.4 of the Articles of Association, the certification process operates in a manner that is complementary to, and not duplicative of, certification under Board-recognized national and international standards.



PSC.1-2012 establishes a mechanism for private security service providers and their clients to provide demonstrable commitment, conformance, and accountability to the principles outlined in the International Code of Conduct for Private Security Service Providers and the Montreux Document.


Following consultation with Members and Observers the Board have released a Recognition Statement for PSC.1, accompanied by Annex A (Certification Assessment Framework) and Annex B (Additional Requirements). 


ISO 28007

ISO 28007-1:2015 gives guidelines containing additional sector-specific recommendations, which companies (organizations) who comply with ISO 28000 can implement to demonstrate that they provide Privately Contracted Armed Security Personnel (PCASP) on board ships.


In accordance with the process described in the Certification Procedure, the Board have released a Recognition Statement for ISO 28007-1 (2015) ("ISO 28007"), accompanied by Annex A (Certification Assessment Framework), and Annex B (Additional Requirements). Comments received by stakeholders during the process are available here


ISO 18788

ISO 18788:2015 provides a framework for establishing, implementing, operating, monitoring, reviewing, maintaining and improving the management of security operations. It provides the principles and requirements for a security operations management system; and provides a business and risk management framework for organizations conducting or contracting security operations and related activities.


In accordance with the process described in the Certification Procedure, the Board have released a Recognition Statement for ISO 18788:2015 ("ISO 18788"), accompanied by Annex A (Certification Assessment Framework), and Annex B (Additional Requirements). Comments received by stakeholders during the process are available here.


As of 1 November 2016 the ICoCA Secretariat is accepting requests for certification based on PSC.1, ISO 28007, and ISO 18788.  To assist Member companies the Secretariat has issued guidance for companies seeking ICoCA Certification based on these standards, including instructions on the submission of the information described in the Recognition Statement.


Download the Guidance documents (pdf):



(MS Word versions available on the Resources page)


ISO 9001 is not recognized as a pathway to ICoCA certification


The Board of Directors received a request from an ICoCA member that the Association evaluate the standard ISO 9001:2015 (hereafter “ISO 9001”), coupled with a “Human Rights Due Diligence Process and a Human Rights Impact Assessment,” for potential recognition pursuant to the ICoCA’s Certification Procedure.  In accordance with the ICoCA Certification Procedure, the Secretariat has conducted a preliminary analysis of ISO 9001 using the analytical matrix referred to in the Certification Procedure. Due to the significant gap between the coverage of the standard and the Code, particularly with respect to the human rights and humanitarian law-specific provisions of the Code, the Board has decided that further assessment and administration of the additional information that would be required for ISO 9001 to be recognized would be impractical at this time. The preliminary analysis of ISO 9001 is available here.



Relevant documents






[1] The list of current independent accredited Certification Bodies are available for PSC.1; for ISO 28007 ; and for ISO 18788.  Additional information from  SCEG