Skip to main content
Resources

ICANN RESPONSE PLANNING FRAMEWORK

ICANN Response Planning Framework is structured around five key methodologies:

  1. Continuity Planning
  2. Crisis Management Planning
  3. Emergency Response Planning
  4. Disaster Recovery Planning
  5. Incident Response Management

Each methodology incorporates leading and standardized industry practices, providing a structured, high-level overview of ICANN's approach to response planning. This document serves as a summary of the ICANN Response Planning Framework.

  1. Continuity Planning

    ICANN maintains a risk management framework that: (i) creates a holistic, portfolio view of the most significant risks to the organization's mission; (ii) unifies the various risk management activities across the organization for a comprehensive approach and identifies risk management gaps; and (iii) provides assurance to management and the Board that the organization is operating safely in support of ICANN's mission.

    ICANN's Risk Management Framework incorporates Continuity Planning to guide the organization in maintaining critical operations during and after disruptive events. ICANN relies on practical measures to continue time-sensitive, mission-critical processes once a situation has stabilized. This approach ensures that essential activities can carry on without standard resources until these resources are restored or replaced, marking the completion of Disaster Recovery.

    The methodology identifies workarounds to sustain essential operations given an unplanned absence of the regular resources. Beyond process continuity, Continuity Planning emphasizes maintaining clear communication and structured delegation of authority to reduce dependency on specific decision-makers, fostering organizational resilience.

  2. Crisis Management Planning

    The Crisis Management Planning methodology focuses on managing the immediate consequences of an event.  It guides actions taken during the event itself or in its immediate aftermath primarily in order to minimize any impact to ICANN's people, assets, and information. The Crisis Management Team is responsible for coordinating these responses and, as needed, directing the subsequent stages of recovery and continuity efforts.

    The implemented Crisis Management Planning methodology is regularly tested to ensure continuous monitoring, to identify improvement opportunities, and to maintain readiness.

  3. Emergency Response Planning

    The Emergency Response Planning methodology is focused on the period during or immediately following an event, prioritizing the immediate protection of life and assets. In the event of an incident requiring emergency response, tactical teams—selected based on location and subject matter expertise—are primarily responsible for managing the response efforts.  Emergency Response Planning teams will continue to manage the tactical response, feeding information to and receiving tasking and guidance from the Crisis Management Team.

    The implemented Emergency Response Planning methodology is regularly tested to ensure continuous monitoring, identify improvement opportunities, and maintain readiness.

  4. Disaster Recovery Planning

    The Disaster Recovery Planning methodology provides structured guidance to capture all necessary information regarding IT Operations' capacity to withstand a disaster and outlines the essential steps IT Operations will follow to restore ICANN's groups and departments to business-as-usual operations as swiftly as possible following a disaster.

    While the detailed Disaster Recovery Planning methodology is confidential, it covers the following critical sections:

    • Introduction – Definition, Purpose, Scope, and Disaster Declaration
    • Disaster Recovery Teams and Responsibilities
    • Disaster Recovery Call Tree
    • Communication During a Disaster
    • Disaster Management – Identification and Declaration, DRP Activation, Communicating the Disaster, Standby Facility Activation
    • Restoring Engagement and IT (E&IT) Functionality – Data and Backups, Ransomware Recovery
    • Plan Testing and Maintenance

    ICANN's resilience is continually reinforced through regular testing and comprehensive training exercises, ensuring Disaster Recovery Planning ongoing effectiveness. Additionally, Disaster Recovery Planning undergoes periodic testing to ensure constant monitoring, to uncover opportunities for improvement, and to maintain a high level of preparedness.

    Internet Assigned Numbers Authority (IANA)

    Disaster Recovery Planning encompasses all of ICANN's systems that support Public Technical Identifiers' (PTI) delivery of the Internet Assigned Numbers Authority (IANA) functions, including root zone management.

    ICANN and PTI also maintain a specialized Contingency and Continuity of Operations Plan for the IANA Naming Function. Contingency and Continuity of Operations is tested annually through collaborative exercises conducted in a controlled environment. These exercises assess each party's response to potential operational failures and are designed to uncover opportunities for improvement based on the results.

    Additionally, third-party audits are conducted annually to assess various aspects of the IANA functions. According to the IANA's Audit Programs page, these audits evaluate system and organizational controls based on the "Trust Services Principles and Criteria." For more details on the audit programs, please refer to the provided information here.

  5. Incident Response Management

    The Incident Response Management methodology provides comprehensive guidance and documentation for managing information security / cybersecurity incident response and related communication efforts within ICANN. It outlines clear procedures to follow once a security incident is declared, ensuring a structured and effective response. The Incident Response Management methodology aims to address security incidents that could impact ICANN's operational capabilities or potentially affect its reputation, enabling swift and coordinated action to mitigate risks and maintain trust.

Summary

ICANN maintains various operational and organizational policy-level documents that govern critical areas such as security, disaster recovery, incident response, and access control. These documents outline ICANN's strategic approach to safeguarding its operations and ensuring resilience. As part of ICANN's IANA systems and organizational controls annual review, third-party audits are conducted to evaluate ICANN's compliance with its security commitments, including adherence and alignment with the established operational and organizational policy-level documents.

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."