[cabfpub] Ballot idea: Define "Audit Period"

Arno Fiedler arno.fiedler at nimbus-berlin.com
Sun Feb 26 16:22:32 UTC 2017

asked the ETSI ESI and ACAB´c Collegues to give additional input on the 
definitions  of "Audit Period" and "Audit Frequency" as defined in 
European Norms.

Best regards and enjoy the week.



Am 23.02.2017 um 21:06 schrieb Kirk Hall via Public:
> Here is the “core” WT language in a practitioner’s report:
> We have examined the assertion by the management of [name of CA] that 
> in providing its Certification Authority (CA) services during the 
> period from April 1, 2015 through March 31, 2016, [CA] has: [done 
> various things for its roots] based on the Trust Service Principles 
> and Criteria for Certification Authorities Version 2.0. ***
> In our opinion, for the period April 1, 2015 through March 31, 2016, 
> [CA’s] management’s assertion, as set forth in the first paragraph, is 
> fairly stated, in all material respects, based on the AICPA/CICA Trust 
> Service Principles and Criteria for Certification Authorities Version 2.0.
> How about changing "the period of CA operations a Qualified Auditor 
> _considers_ ***” to “examines” or “reports on” or “covers”?
> Maybe we ask Jeff Ward to choose exactly the right language?  
> Otherwise, we support and will co-endorse.  Are there other minor 
> changes to the BRs (and EVGL) to make in this same ballot?
> -----Original Message-----
> From: Public [mailto:public-bounces at cabforum.org] On Behalf Of Gervase 
> Markham via Public
> Sent: Thursday, February 23, 2017 11:51 AM
> To: CABFPub <public at cabforum.org>
> Cc: Gervase Markham <gerv at mozilla.org>
> Subject: [cabfpub] Ballot idea: Define "Audit Period"
> The term "audit period" is used in the BRs but not defined, and 
> Kathleen tells me she keeps running into CAs who don't understand it, 
> often confusing it with the period of time the auditor is on the premises.
> Would anyone be opposed to a ballot to add a definition of Audit 
> Period along the following lines?
> Audit Period: the period of CA operations a Qualified Auditor 
> considers when assessing the work of a CA in order to write an Audit 
> Report. This is not the same as the (much shorter) period of time 
> during which the auditor is carrying out the audit. Audit Periods MUST 
> NOT exceed 1 year in duration, and Audit Periods for successive audits 
> of a particular type MUST be continuous.
> (The latter sentence is added for clarity, and repeats something said 
> in section 8.1.)
> The ballot would also replace "audit period" with "Audit Period" 
> throughout.
> Gerv
> _______________________________________________
> Public mailing list
> Public at cabforum.org <mailto:Public at cabforum.org>
> https://cabforum.org/mailman/listinfo/public
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

Arno Fiedler
Nimbus Technologieberatung GmbH
Reichensteiner Weg 17
14195 Berlin
Mobil:      0049-(0)172-3053272
Fax:        0049-(0)30-89745-777
E-Mail:     arno.fiedler at nimbus-berlin.com
Web:        www.nimbus-berlin.com
Geschäftsführer:  Arno Fiedler
USt-IdNr. :       DE 203 269 920
D-U-N-S® Nr.      50-730-8117
HandelsregisterNr:HRB 109409 B

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170226/db458f50/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: arno_fiedler.vcf
Type: text/x-vcard
Size: 302 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170226/db458f50/attachment-0003.vcf>

More information about the Public mailing list