ETSI - TR 119 411-4
Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 4: Checklist supporting audit of TSP against ETSI EN 319 411-1 or ETSI EN 319 411-2
| Organization: | ETSI |
| Publication Date: | 1 May 2018 |
| Status: | active |
| Page Count: | 7 |
scope:
The present document is a checklist of the policy requirements specific to TSP issuing certificates (as expressed in ETSI EN 319 411-1 [i.2] and ETSI EN 319 411-2 [i.3]) including the generic requirements which are independent of the type of service (as expressed in ETSI EN 319 401 [i.1]).
The checklist identifies each requirement associated with each certificate policy, as specified in ETSI EN 319 411-1 [i.2] and ETSI EN 319 411-2 [i.3], and also relates where relevant the requirement to a particular TSP component service. Additional fields are provided to allow TSPs to indicate claimed compliance to a particular requirement and for assessors to indicate the results of an assessment for each requirement. This checklist can be used by the TSP itself to prepare for an assessment of its practices against the referenced documents (i.e. serve as a basis for a self-declaration) and/or by the assessor when conducting the assessment.
The present document does not specify how the requirements identified can be assessed by an independent party, including requirements for information to be made available to such independent assessors, or requirements on such assessors.
NOTE: See ETSI EN 319 403 [i.7] for guidance on assessment of TSP's processes and services.
Document History
