Why is it desirable Cars Cars Cars 2 Cars 2 What does quality mean in your organisation?
1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4...
Transcript of 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4...
![Page 1: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/1.jpg)
1 / 10.02.2012
1. Audit and Assurance
![Page 2: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/2.jpg)
2 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
➢
![Page 3: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/3.jpg)
10.02.20123 /
1.1 CAcert and the Audit
● The Requests: Roots into the Browsers
● This requires: Audit●
● Audit requires: Policies (we have now)
![Page 4: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/4.jpg)
10.02.20124 /
1.1 CAcert and the Audit
Audit Management Business Areas
1. Assurances (RA) (Registration Authority)
2. Systems (CA) (Certificate Authority)3.
.ra
.ca
![Page 5: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/5.jpg)
5 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
➢
![Page 6: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/6.jpg)
10.02.20126 /
1.2 Audit and Assurances - Policies
![Page 7: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/7.jpg)
10.02.20127 /
1.2 Audit and Assurances - Policies
● CCA – CAcert Community Agreement●
● AP - Assurance-Policyrelated documents- AH Assurance Handbook- PoN Practice on NamesAP Subpolicies- PoJAM Policy on Junior Assurers/Members
●
● DRP – Dispute Resolution Policy
![Page 8: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/8.jpg)
10.02.20128 /
1.2 Audit and Assurance - CCA
● CAcert follows DRC (David Ross Criteria)
● Criteria defines disclosure of R/L/O
● Risks
● Liabilities
● Obligations
● Agreement by members to CCA
![Page 9: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/9.jpg)
10.02.20129 /
1.2 Audit and Assurance - CCA
● To check by the Assurers
● Risks: You may find yourself subject
to Arbitration
● Liabilities: limited to 1000 €
● Obligations: to keep primary email
in good working order
![Page 10: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/10.jpg)
10 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
➢
![Page 11: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/11.jpg)
10.02.201211 /
1.3 Audit and Assurance - Arbitration
Why we need our own Arbitration?
● To protect the community
● To protect each member
● Arbitration is the fallback option for all
unexpected topics
● Problem with international situation
![Page 12: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/12.jpg)
12 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
➢
![Page 13: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/13.jpg)
10.02.201213 /
1.4 Audit and Assurance - CARS
● CARS – CAcert Assurer Reliable Statement
● The Assurance Statement is a
CAcert Assurer Reliable Statement
● Will be used to reliable transfer information
for the audit
● Adopted by the arbitration system
![Page 14: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/14.jpg)
14 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
➢
![Page 15: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/15.jpg)
10.02.201215 /
1.5 Audit and Assurance - AP
● AP – Assurance Policy
defines the process of Assurance
● The purpose of the Assurance
is the bridge between Policy and Practice
● What do we have to check ?
![Page 16: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/16.jpg)
10.02.201216 /
1.5 Audit and Assurance - AP
Purpose of Assurance
→ The 5 Fingers Rule
1. Member
2. Account
3. Certificate
4. Arbitration
5. (some) Data
![Page 17: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/17.jpg)
10.02.201217 /
1.5 Audit and Assurance - AP
Purpose of Assurance
1. Member
The person is a
bonafide member
![Page 18: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/18.jpg)
10.02.201218 /
1.5 Audit and Assurance - AP
Purpose of Assurance
2. Account
A member has an account
with a verified email
Question: Do you have an Account?
Question: Primary email?
![Page 19: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/19.jpg)
10.02.201219 /
1.5 Audit and Assurance - AP
Purpose of Assurance
3. Certificate
With an account, the member
can create certificates
If there is a problem,
the unique serial number points to an
account and ...
![Page 20: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/20.jpg)
10.02.201220 /
1.5 Audit and Assurance - AP
Purpose of Assurance
4. Arbitration
therefor the member
can be brought into Arbitration
as long the member has been
bound to Arbitration
by accepting the CCA
![Page 21: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/21.jpg)
10.02.201221 /
1.5 Audit and Assurance - AP
Purpose of Assurance
5. Data
Some Data of the member
is known
- Names- Email- Secondary distinguishing feature → DoB
![Page 22: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/22.jpg)
22 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
➢
![Page 23: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/23.jpg)
10.02.201223 /
1.6 Audit and Assurance – CAP Form
● AP 4.5 – What has to be on the CAP form?
![Page 24: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/24.jpg)
10.02.201224 /
1.6 Audit and Assurance – CAP Form
● AP 4.5 – What has to be on the CAP form?
● „The Magnificent Seven“
● Assuree / Applicant
● 1. Name, 2. DoB, 3. Email
● Acceptance 4. CCA, 5. to the Assurance
● 6. Date, 7. Signature
![Page 25: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/25.jpg)
10.02.201225 /
1.6 Audit and Assurance – CAP Form
● AP 4.5 – What has to be on the CAP form?
● „The Magnificent Seven“
● Assurer
● 1. Name, 2. Points, 3. Assurance Statement
● 4. Location, 5. Date 6. Signature
● (7.) which documents?
![Page 26: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/26.jpg)
10.02.201226 /
1.6 Audit and Assurance – CAP Form
● AP 4.5 – If CCA Acceptance is missing?
→ Add by Hand
![Page 27: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/27.jpg)
27 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
➢
![Page 28: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/28.jpg)
10.02.201228 /
1.6 Audit and Assurance – CAcert Assurance
● What makes CAcert Assurance different to a
pure Id checking?
●
![Page 29: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/29.jpg)
29 / 10.02.2012
1. Audit and Assurance
1.1 Why Audit?1.2 Policies, CCA + R/L/O1.3 Arbitration1.4 CARS1.5 Assurance Policy1.6 CAP Form1.7 Difference to pure Id checking
![Page 30: 1. Audit and Assurancesvn.cacert.org/.../PDF/...10_Audit-Assurance-EN.pdf · 13 / 10.02.2012 1.4 Audit and Assurance - CARS CARS – CAcert Assurer Reliable Statement The Assurance](https://reader034.fdocuments.in/reader034/viewer/2022042202/5ea233d156137645c8724b06/html5/thumbnails/30.jpg)
30 / 10.02.2012
Questions?