ICO Information Security Framework™ (IISF)


As your company prepares for an ICO (Initial Coin Offering) or token sale, it is extremely important that information security and compliance is considered throughout the entire process. While you may not yet have customers, or operate in a regulated industry (e.g. Healthcare), information security surrounding your business processes, intellectual properly, and data couldn't be any more important. We've all heard stories of companies losing millions (USD) in cryptocurrencies because their site or systems were compromised during a crypto sale. Regardless of if you're pre-ICO, or you're looking for additional ways to gain trust with investor or token buyers, it's imperative that you prioritize your information security and compliance efforts.

ICO Security and Compliance

We're excited about the prospects of cryptocurrencies and the numerous problems the blockchain can solve. It often feels like the "wild west." While the Healthcare industry has HIPAA, SaaS companies gravitate toward SOC 2, credit card processing has PCI, innovative companies using the blockchain, AI, datas science, and other emerging technologies have no guiding framework for security and compliance. To remedy this, we have developed the IISF, the ISO Information Security Framework.

About the IISF

The ISO Information Security Framework™ has been developed with the core purpose of enabling companies that are planning an ICO or token sale to build a strong foundation of information security and compliance. This is important to increase investor and customer confidence and improve the maturity of the business processes under control by the company. The IISF can serve as a due diligence function for those wishing to buy tokens.

The IISF enables pre-ICO companies to establish organization wide controls, information security and cloud best practices, and appropriate levels of change management control. Practical Assurance steps pre-ICO companies through the tasks required to secure you systems, on-going compliance monitoring, and the ability to report security/compliance status to investors and customers.

Learn More about ICO Security

Have Questions About ICO Security?

Let us help you find out what compliance framework is best for your business.

SOC 1 / SSAE 18

Learn how SOC 1 reports can help businesses with services that impact financial reporting meet the needs of customers and partners.


Learn how SOC 2 reports differ from SOC 1 and are best-suited for companies providing information services such as SaaS and cloud companies.


Learn how HIPAA no longer impacts just healthcare companies. If your company stores any health data (even on behalf of a customer), you're liable.


Learn how to classify your business based on the number of transactions performed on an annual basis. Any business accepting credit cards must demonstrate compliance.

ISO 27001 / 27002

Learn how ISO 27001 is the first step in developing an information security management program that will help your business build trust internationally.