Hello,asked the ETSI ESI and ACAB´c Collegues to give additional input on the definitions of "Audit Period" and "Audit Frequency" as defined in European Norms.
Best regards and enjoy the week. Arno http://www.european-accreditation.org/information/etsistandard-en-319-403-published-to-provide-requirements-for-conformity-assessmentbodies-assessing-trust-service-providers-tsps Am 23.02.2017 um 21:06 schrieb Kirk Hall via Public:
Here is the “core” WT language in a practitioner’s report:We have examined the assertion by the management of [name of CA] that in providing its Certification Authority (CA) services during the period from April 1, 2015 through March 31, 2016, [CA] has: [done various things for its roots] based on the Trust Service Principles and Criteria for Certification Authorities Version 2.0. ***In our opinion, for the period April 1, 2015 through March 31, 2016, [CA’s] management’s assertion, as set forth in the first paragraph, is fairly stated, in all material respects, based on the AICPA/CICA Trust Service Principles and Criteria for Certification Authorities Version 2.0.How about changing "the period of CA operations a Qualified Auditor _considers_ ***” to “examines” or “reports on” or “covers”?Maybe we ask Jeff Ward to choose exactly the right language? Otherwise, we support and will co-endorse. Are there other minor changes to the BRs (and EVGL) to make in this same ballot?-----Original Message-----From: Public [mailto:[email protected]] On Behalf Of Gervase Markham via PublicSent: Thursday, February 23, 2017 11:51 AM To: CABFPub <[email protected]> Cc: Gervase Markham <[email protected]> Subject: [cabfpub] Ballot idea: Define "Audit Period"The term "audit period" is used in the BRs but not defined, and Kathleen tells me she keeps running into CAs who don't understand it, often confusing it with the period of time the auditor is on the premises.Would anyone be opposed to a ballot to add a definition of Audit Period along the following lines?Audit Period: the period of CA operations a Qualified Auditor considers when assessing the work of a CA in order to write an Audit Report. This is not the same as the (much shorter) period of time during which the auditor is carrying out the audit. Audit Periods MUST NOT exceed 1 year in duration, and Audit Periods for successive audits of a particular type MUST be continuous.(The latter sentence is added for clarity, and repeats something said in section 8.1.)The ballot would also replace "audit period" with "Audit Period" throughout.Gerv _______________________________________________ Public mailing list [email protected] <mailto:[email protected]> https://cabforum.org/mailman/listinfo/public _______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
-- Arno Fiedler Nimbus Technologieberatung GmbH Reichensteiner Weg 17 14195 Berlin Mobil: 0049-(0)172-3053272 Fax: 0049-(0)30-89745-777 E-Mail: [email protected] Web: www.nimbus-berlin.com Geschäftsführer: Arno Fiedler USt-IdNr. : DE 203 269 920 D-U-N-S® Nr. 50-730-8117 HandelsregisterNr:HRB 109409 B
<<attachment: arno_fiedler.vcf>>
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
