[cabfpub] Ballot idea: Define "Audit Period"
Arno Fiedler
arno.fiedler at nimbus-berlin.com
Sun Feb 26 16:22:32 UTC 2017
Hello,
asked the ETSI ESI and ACAB´c Collegues to give additional input on the
definitions of "Audit Period" and "Audit Frequency" as defined in
European Norms.
Best regards and enjoy the week.
Arno
http://www.european-accreditation.org/information/etsistandard-en-319-403-published-to-provide-requirements-for-conformity-assessmentbodies-assessing-trust-service-providers-tsps
Am 23.02.2017 um 21:06 schrieb Kirk Hall via Public:
>
> Here is the “core” WT language in a practitioner’s report:
>
> We have examined the assertion by the management of [name of CA] that
> in providing its Certification Authority (CA) services during the
> period from April 1, 2015 through March 31, 2016, [CA] has: [done
> various things for its roots] based on the Trust Service Principles
> and Criteria for Certification Authorities Version 2.0. ***
>
> In our opinion, for the period April 1, 2015 through March 31, 2016,
> [CA’s] management’s assertion, as set forth in the first paragraph, is
> fairly stated, in all material respects, based on the AICPA/CICA Trust
> Service Principles and Criteria for Certification Authorities Version 2.0.
>
> How about changing "the period of CA operations a Qualified Auditor
> _considers_ ***” to “examines” or “reports on” or “covers”?
>
> Maybe we ask Jeff Ward to choose exactly the right language?
> Otherwise, we support and will co-endorse. Are there other minor
> changes to the BRs (and EVGL) to make in this same ballot?
>
> -----Original Message-----
> From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Gervase
> Markham via Public
> Sent: Thursday, February 23, 2017 11:51 AM
> To: CABFPub <public at cabforum.org>
> Cc: Gervase Markham <gerv at mozilla.org>
> Subject: [cabfpub] Ballot idea: Define "Audit Period"
>
> The term "audit period" is used in the BRs but not defined, and
> Kathleen tells me she keeps running into CAs who don't understand it,
> often confusing it with the period of time the auditor is on the premises.
>
> Would anyone be opposed to a ballot to add a definition of Audit
> Period along the following lines?
>
> Audit Period: the period of CA operations a Qualified Auditor
> considers when assessing the work of a CA in order to write an Audit
> Report. This is not the same as the (much shorter) period of time
> during which the auditor is carrying out the audit. Audit Periods MUST
> NOT exceed 1 year in duration, and Audit Periods for successive audits
> of a particular type MUST be continuous.
>
> (The latter sentence is added for clarity, and repeats something said
> in section 8.1.)
>
> The ballot would also replace "audit period" with "Audit Period"
> throughout.
>
> Gerv
>
> _______________________________________________
>
> Public mailing list
>
> Public at cabforum.org <mailto:Public at cabforum.org>
>
> https://cabforum.org/mailman/listinfo/public
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
--
Arno Fiedler
Nimbus Technologieberatung GmbH
Reichensteiner Weg 17
14195 Berlin
Mobil: 0049-(0)172-3053272
Fax: 0049-(0)30-89745-777
E-Mail: arno.fiedler at nimbus-berlin.com
Web: www.nimbus-berlin.com
Geschäftsführer: Arno Fiedler
USt-IdNr. : DE 203 269 920
D-U-N-S® Nr. 50-730-8117
HandelsregisterNr:HRB 109409 B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170226/db458f50/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: arno_fiedler.vcf
Type: text/x-vcard
Size: 302 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170226/db458f50/attachment-0003.vcf>
More information about the Public
mailing list