The provision of Certification Services is more than just the software of the solution, the personnel maintaining the solution and the technical infrastructure. The recognition and the trust of a Certification Services Provider depend on the internal policies and procedures the provider is implementing.
Policies and procedures are internal and confidential documents of the organization which describe the operations of the Certification Services Provider, and are critical input for an internal or external audit.
An indicative list of these documents includes:
- the Certificate Policy (CP),
- the Certificate Practice Statement (CPS),
- the Key Management Security Plan,
- the Key Management Policy,
As a founding member of the VeriSign’s Trust Network and a VeriSign Affiliate since 1998, ADACOM has a vast experience in similar engagements and provides expert PKI consulting for developing the necessary policies for a Certificate Services Provider.