About ICANN
- Academic Engagement
- Acronyms and Terms
- Courses and Learning
- ICANN for Beginners
- Participate
- President's Corner
- ICANN Management Organization Chart
- Staff
- Careers
- In Focus
- Media Resources
Board Activities and Meetings
Accountability
- Accountability Mechanisms
- Reviews
  - Organizational Reviews
  - Specific Reviews
- Expected Standards of Behavior
- Employee Practices and Resources
- Enhancing ICANN Accountability – Work Stream 2 Implementation
Governance
- Governance Documents
- Evolving ICANN’s Multistakeholder Model
- Agreements
- Annual Reports
- Financials
- Planning
  - Strategic Plan
  - Operating Plan
- Presentations
- RFPs
- Litigation
- Newsletter
- Correspondence
  - 2023
  - 2022
  - 2021
  - 2020
  - 2019
  - 2018
  - 2017
  - 2016
  - 2015
  - 2014
  - 2013
  - 2012
  - 2011
  - 2010
  - 2009
  - 2008
  - 2007
  - 2006
  - 2005
  - 2004
  - 2003
  - 2002
  - 2001
  - 2000
  - 1999
  - 1998
- Quarterly Reports
Groups
- 2023 ICANN CEO Search Committee
- RSSAC
  - Charter
- SSAC
- GAC
- At-Large
- ASO
- ccNSO
- GNSO
- Technical Liaison Group
  - Technical Experts Group (TEG)
- NomCom
  - Past NomComs
- Customer Standing Committee
- Root Zone Evaluation Review Committee (RZERC)
Business
Civil Society
Complaints Office
- Complaints Report
Domain Name System Abuse
Contractual Compliance
- About
- Enforcement of DNS Abuse Obligations
- Formal Enforcement Notices
  - Archive
- Contractual Compliance Metrics
- Blogs
- Contractual Compliance Audit Program
- Notice of Bankruptcy, Convictions and Security Breaches
- Contractual Compliance Reports
- gTLD Registry Compliance
- Accredited Registrar Compliance
- General Questions
- Outreach
Contracted Parties (Registry Operators and Accredited Registrars)
Domain Name Registrants
- About Domain Names
- ICANN Policies
- Registration Data Policies
  - WHOIS and Registration Data Directory Services
    - The Domain Name Registration Process
      - Using Domain Name Registration Data
      - Keeping Registration Data Accurate
    - Access and the Evolution of the WHOIS System
- Domain Name Industry
- Registering Domain Names
- Managing Domain Names
  - Contact Information and WDRP
  - Securely Managing Your Domain Name
- Transferring Domain Names
- Renewing Domain Names
- Rights and Responsibilities
- Spam, Phishing, and Website Content
- Trademark Infringement
GDS Metrics
Identifier Systems Security, Stability and Resiliency (OCTO-SSR)
ccTLDs
- Background Materials
- Agreements
- Delegation
- Root Zone Database
- Model MOU
- Workshops
- ICANN and ISO
Internationalized Domain Names
- Root Zone Label Generation Rules (LGR)
- IDN Variant TLD Implementation
- LGR Toolset
- IDN ccTLD Fast Track
- IDN Implementation Guidelines
- Second-Level LGR Reference
- Resources
- Announcements and Blogs Posts
New gTLD Program
Universal Acceptance Initiative
- Make your systems UA-ready
- UA Training
- UA Day
- UA Readiness Evaluations
- UA Initiatives
- Announcements and Blogs Posts
Policy
- Policy Mission
- Policy Staff Goals
- Presentations
- Global Addressing
- Policy Updates
Operational Design Phase (ODP)
Implementation
Public Comment
- Open
- Upcoming
- Archive
Root Zone KSK Rollover
Technical Functions
- Tech Day Archive
ICANN Locations
- Report Security Issues
- PGP Keys
- Certificate Authority
- Registry Liaison
- Ombudsman
I Need Help
- Dispute Resolution
- Domain Name Dispute Resolution
- Name Collision
- Registrar Problems
- Whois Data Correction
- Independent Review Process
- Request for Reconsideration
- Document

Security, Stability, and Resiliency Review (SSR)

Under the Bylaws (Section 4.6(c)), ICANN is committed to a periodic review of ICANN’s execution of its commitment to enhance the operational stability, reliability, resiliency, security, and global interoperability of the systems and processes that are affected by the Internet’s system of unique identifiers that ICANN coordinates.

The ICANN organization (org) has conducted two iterations of the Security, Stability, and Resiliency (SSR) Review and is now in the process of implementing SSR2 recommendations the Board approved in July 2021, May 2022, and November 2022.

On 10 March 2022, the Board took action to defer the third Security, Stability, and Resiliency (SSR3) Review.

On 19 May 2025, the Board directed ICANN org to initiate work to design a review program that is fit for the intended purposes of enhancing ICANN’s accountability, transparency, and effectiveness. The Board identified a community dialogue to develop a shared understanding of the areas and issues for which reviews will enhance ICANN’s accountability, transparency and effectiveness as a first step. This resulted in some work plan adjustments, including the continued deferral of the ATRT4.

For more information on the community dialogue, refer to the Review of Reviews Cross Community Group work space.

Status of SSR2 Recommendations

25 January 2021 - SSR2 Final Report - 63 Recommendations Produced
Board Action	Approved	Passed Through to Community Groups	Pending Board Consideration	Rejected
22 July 2021	13 Board approves Recs. 1.1, 4.1, 5.1, 5.2, 9.1, 10.1, 16.1, 21.1, 22.1, 22.2, 23.1, 23.2 and 24.2	0	34 Boards puts in pending Recs. 3.1, 3.2, 3.3, 4.3, 5.3, 5.4, 6.1, 6.2, 7.1, 7.2, 7.3, 7.4, 7.5, 9.2, 9.3, 11.1, 12.1, 12.2, 12.3, 12.4, 13.1, 13.2, 14.2, 16.2, 16.3, 17.1, 18.1, 18.2, 18.3, 19.1, 19.2, 20.1, 20.2 and 24.1	16 Board rejects Recs. 2.1, 2.2, 2.3, 2.4, 4.2, 8.1, 9.4, 10.2, 10.3, 14.1, 14.3, 14.4, 14.5, 15.1, 15.2, and 17.2
1 May 2022	14 Board approves Rec. 5.4	0	31	18 Board rejects 19.1 and 19.2
16 November 2022	23 Board approves Recs. 3.2, 3.3, 5.3, 7.1, 7.2, 7.3, 7.5 11.1 and 24.1	0	10	30 Board rejects 3.1, 4.3, 6.1, 6.2, 7.4, 16.2, 16.3, 18.1, 18.2, 18.3, 20.1, and 20.2
10 September 2023	24 Board approves Rec. 13.2	0	1	38 Board rejects 9.2, 9.3, 12.1, 12.2, 12.3, 12.4, 13.1 and 14.2
11 December 2024	25 Board approves Rec 17.1	0	0	38

Implementation Status of SSR2 Recommendations

25 Board Approved Recommendations:

Implementation Status
Complete	SSR1 implementation: 1.1 Documentation of SSR related budgeting: 3.2, 3.3 Security Risk Management framework: 4.1 Information security management system: 5.1, 5.2 External parties: 5.3 Reporting: 5.4 Business Continuity and Disaster Recovery plans: 7.1, 7.2, 7.3, 7.5 Compliance: 9.1, 13.2 DNS abuse webpage: 10.1 Access to Centralized Zone Data Service: 11.1 Web improvements: 16.1 Name collision: 17.1 Root Zone Management System: 21.1 DNSKEY algorithm rollover: 23.1, 23.2 EBERO: 24.1, 24.2
In Progress	Reporting: 22.1 Community Feedback: 22.2
Not Started	N/A

Implementation status of recommendations should be understood as follows:

Complete: a recommendation's intent which is considered implemented or addressed.
In progress: a recommendation for which work has started to address deliverables identified during the implementation design. Implementation design is the preparatory phase for implementation during which a cross-functional project team develops guidelines that include deliverables for implementation, costing out resources, risk assessment, as well as an inventory of existing work etc.
Not started: Work has not started due to, for instance, a dependency on another recommendation and/or process.

Quarterly Updates on Specific Reviews

ICANN Specific Reviews Q2 2025 Quarterly Report (30 June 2025)
ICANN Specific Reviews Q1 2025 Quarterly Report (31 March 2025)
ICANN Specific Reviews Q4 2024 Quarterly Report (31 December 2024)
ICANN Specific Reviews Q3 2024 Quarterly Report (30 September 2024)
ICANN Specific Reviews Q2 2024 Quarterly Report (30 June 2024)
ICANN Specific Reviews Q1 2024 Quarterly Report (31 March 2024)
ICANN Specific Reviews Q4 2023 Quarterly Report (31 December 2023)
ICANN Specific Reviews Q3 2023 Quarterly Report (30 September 2023)
ICANN Specific Reviews Q2 2023 Quarterly Report (30 June 2023)
ICANN Specific Reviews Q1 2023 Quarterly Report (31 March 2023)
ICANN Specific Reviews Q4 2022 Quarterly Report (31 December 2022)

Review Progress and Milestones

The graphic below illustrates phases and status of the review - a indicates that all activities within a given phase have been completed. The chart that follows the graphic provides further details of key activities and milestones within each phase – you can view these details by clicking on each of the phases in the graphic. The table also contains links to relevant documents.

SSR2

Phase	Activity	Description	Start Date	Documents
Conduct Review	Call for Volunteers	Public announcement inviting volunteers to submit application	30 Jun 2016	Arabic Chinese English French Portuguese Russian Spanish
	Call for Volunteers Extension	Application Extended for the Second Security, Stability and Resiliency (SSR-2) Review Team	12 Aug 2016	Arabic Chinese English French Portuguese Russian Spanish
	Review Team Announced	Selection of the Second Security, Stability, and Resiliency of the DNS Review Team Members Announced	14 Feb 2017	English
	Appointment of Board Designee	Board appoints a member to the Second SSR Review Team	3 Feb 2017	English
	Second Security, Stability, and Resiliency of the DNS Review (SSR2) Restarts	The Second Review of the Security, Stability, and Resiliency of the Domain Name System (SSR2) formally restarted 7 June 2018	7 Jun 2018	English
	Additional Funding	Board resolution approving additional funding	7 Nov 2019	English
	Draft Report	Draft Report for Public Comment	24 Jan 2020	English Arabic Chinese French Russian Spanish
	Public Comment on Draft Report	Public comment on Second Security, Stability and Resiliency (SSR2) Review Team Draft Report	24 Jan 2020	English
	Public Comment Extended	Public Comment Period Extended: SSR2 Review Team Draft Report	3 Mar 2020	English
	Final Report Executive Summary	Executive summary of the SSR2 Final Report	22 Jan 2021	Arabic Chinese English French Russian Spanish
	Final Report	Second Security, Stability, and Resiliency (SSR2) Review Team Final Report	25 Jan 2021	Arabic Chinese English French Russian Spanish
Board Action*	Public Comment on Final Report	Final report and recommendations posted for Public Comment	28 Jan 2021	English
	Board Receipt of the Final Report	Board receipt of the Final Report	3 Mar 2021	English
	Board Action on Final Report and Recommendations	Board resolution taking action on 63 recommendations	22 Jul 2021	English
	Board Blog	Board Action and Next Steps on the SSR2 Review	26 Jul 2021	English
	Deferral of Third SSR Review	Deferral of the Third Review of Security, Stability and Resiliency of the Domain Name System	10 May 2022	English
	Board Action on Recommendations	Board resolution taking action on three pending recommendations	1 May 2022	English
	Board Action on Recommendations	Board resolution taking action on 21 pending recommendations	16 Nov 2022	English
	Board Action on Recommendations	Board resolution taking action on nine pending recommendations	10 Sep 2023	English
	Board Action on Recommendation	Board resolution taking action on one pending recommendation	11 Dec 2024	English
	Deferral of SSR3	Continued deferral of SSR3	19 May 2025	English

For information on the first SSR Review, click here: SSR1