[cabfpub] When did the WebTrust/ETSI BR audit requirement become mandatory?

Sheehy, Don (CA - Toronto) dosheehy at deloitte.ca
Wed Feb 25 18:07:13 UTC 2015


If one remembers the discussion that we had at the face to face and others , one would remember that there are CAs that are NOT public and NOT  part of the trusted root programs that do not require the additional baseline audit. Given that, a merger into one set of standards is unlikely in the near future ( unless we decide to create WebTrust Pubic and non-public versions – but that is unlikely).

So at present you need to meet WebTrust and WebTrust BR  + WebTrust EV ( If applicable). If your reporting year starts after last June 30 you will also need to meet the Network Security requirements.

Don

Donald E. Sheehy, CPA, CA, CISA, CRISC, CIPP/C, CITP
Partner | Enterprise Risk
Deloitte


From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Eddy Nigg
Sent: Friday, February 20, 2015 5:03 PM
To: kirk_hall at trendmicro.com; i-barreira; Peter Bowen; public at cabforum.org
Subject: Re: [cabfpub] When did the WebTrust/ETSI BR audit requirement become mandatory?


On 02/20/2015 11:45 PM, kirk_hall at trendmicro.com<mailto:kirk_hall at trendmicro.com> wrote:
When you say “why” – do you mean “is regular WebTrust still required?” (it is, along with BR WebTrust), or are you suggesting that regular WebTrust should no longer be a requirement, just BR WebTrust?

I certainly would expect that this will become one (basic) audit eventually (and EV and others optional).
--
Regards



Signer:

Eddy Nigg, COO/CTO



StartCom Ltd.<http://www.startcom.org>

XMPP:

startcom at startcom.org<xmpp:startcom at startcom.org>

Blog:

Join the Revolution!<http://blog.startcom.org>

Twitter:

Follow Me<http://twitter.com/eddy_nigg>




Confidentiality Warning: 

This message and any attachments are intended only for the use of the intended recipient(s), are confidential, and may be privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, conversion to hard copy, copying, circulation or other use of this message and any attachments is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system. Thank You

If you do not wish to receive future commercial electronic messages from Deloitte, forward this email to unsubscribe at deloitte.ca

Avertissement de confidentialité: 

Ce message, ainsi que toutes ses pièces jointes, est destiné exclusivement au(x) destinataire(s) prévu(s), est confidentiel et peut contenir des renseignements privilégiés. Si vous n’êtes pas le destinataire prévu de ce message, nous vous avisons par la présente que la modification, la retransmission, la conversion en format papier, la reproduction, la diffusion ou toute autre utilisation de ce message et de ses pièces jointes sont strictement interdites. Si vous n’êtes pas le destinataire prévu, veuillez en aviser immédiatement l’expéditeur en répondant à ce courriel et supprimez ce message et toutes ses pièces jointes de votre système. Merci.

Si vous ne voulez pas recevoir d’autres messages électroniques commerciaux de Deloitte à l’avenir, veuillez envoyer ce courriel à l’adresse unsubscribe at deloitte.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150225/264b0493/attachment-0003.html>


More information about the Public mailing list