TFTM 01-06 Interim Trust Mark/Listing Approach Paper Accreditation, Certification, and Trust Mark Program Key Administrative and Operational Responsibilities.

Presentation transcript:

TFTM Interim Trust Mark/Listing Approach Paper
Accreditation, Certification, and Trust Mark Program Key Administrative and Operational Responsibilities
Discussion Deck, TFTM Committee, February 5
IDESG TFTM Committee

Key terms for this discussion

Trust Framework - Developed by a community whose members have similar goals and perspectives. It defines the rights and responsibilities of that community’s participants in the Identity Ecosystem; specifies the policies and standards specific to the community; and defines the community-specific processes and procedures that provide assurance. (Source: NSTIC)

Trust Framework Provider - An organization that defines or adopts a trust framework and then certifies participants that are in compliance with the requirements of that framework. (Source: FICAM TFPAP, slightly modified for context)

Accreditation Body (AKA “Accreditation Authority”) - An organization that evaluates, approves and provides formal recognition that an entity is capable of carrying out certification assessment and validation activities for a specific trust framework.

Accreditation - The processes for the evaluation, approval and formal recognition that an entity is capable of carrying out certification assessment and validation activities for a specific trust framework. (Source: Kantara, slightly modified for context)

Key terms for this discussion

Certification - The processes of assessing, validating, and determining that a product or service provider meets the defined requirements of a specific trust framework. (Source: FICAM TFPAP, slightly modified for context)

Trustmark - A visual symbol and/or digital certificate that is used to indicate that a product or service provider has been certified to meet the requirements of a specific trust framework. (Source: NSTIC, slightly modified)

Trust List - A list of participants who have been determined to meet the requirements of a trust framework and are authorized to operate within that trust framework. Trust lists can be a simple visual representation or be integrated into the electronic interactions of a trust framework. (Source: Modified from NSTIC Trustmark definition)

Diagram labels: Accreditation Program, Certification Program, Service Provider; Accredit, Certify/Issue.

Accreditation

Administrative Responsibilities:
  - Document and maintain:
      - Policies and participation rules
      - Requirements
      - Application/Onboarding processes
      - Standard agreement for accredited entities
  - Maintain public trust list/registry of accredited entities

Operational Responsibilities:
  - Evaluate the capability of applicant entities for certification activities
  - Perform policy mapping, as appropriate, for entity certification policies/requirements conformance/comparability to Accreditation Program requirements

Certification

Administrative Responsibilities:
  - Document and maintain:
      - Requirements
      - Assessment Processes
      - Assessment Criteria
      - Application/onboarding processes
      - Standard agreement for certified entities
      - Formal recognition of certified services
  - Maintain public trust list/registry of certified entities

Operational Responsibilities:
  - Perform and document assessments
  - Validate conformance to Certification Program requirements
  - Provide formal recognition for approved/validated identity services
  - Monitor continued conformance for certified entities

Trust Mark Issuance

Administrative Responsibilities:
  - Document and maintain Trust Mark issuance and usage policies and participation rules
  - Document and maintain Trust Mark (Usage) Agreement
  - Document and maintain security and controls for Trustmark monitoring

Operational Responsibilities:
  - Execute and maintain Trust Mark (Usage) Agreements for certified entities
  - Monitor continued conformance to Trustmark usage requirements for certified entities
  - Establish and maintain security and controls for issued trust marks

Accreditation Program Key Responsibilities

Key Administrative Responsibility: Document and maintain Accreditation Program policies and participation rules
  Industry Examples: Kantara IAF, IAF 1300 Assurance Assessment Scheme, IAF 1600 Qualified Assessor Requirements; SysTrust/Webtrust Trust Services Principles, Criteria, and Illustrations; FICAM Trust Framework Provider Adoption Program (TFPAP), Certificate Policies for FBCA, EGCA, EGTS
  Relevant Standards: ISO/IEC Conformity Assessment – Vocabulary and general principles; ISO/IEC Conformity assessment — General requirements for accreditation bodies

Key Administrative Responsibility: Document and maintain Accreditation Program requirements
  Industry Examples: Kantara IAF 1600 Qualified Assessor Requirements; SysTrust/Webtrust Trust Services Principles, Criteria, and Illustrations; FICAM TFPAP, Criteria and Methodology for Cross-certification with the FBCA
  Relevant Standards: ISO/IEC Conformity assessment — General requirements for accreditation bodies

Key Administrative Responsibility: Document and maintain Accreditation Program application and approval processes (initial, renewal)
  Industry Examples: Kantara Accredited Assessor Application; FICAM Trust Framework Provider Assessment Package Application, Criteria and Methodology for Cross-certification with the FBCA
  Relevant Standards: ISO/IEC Conformity assessment — General requirements

Key Administrative Responsibility: Maintain public trust list/registry of accredited entities
  Industry Examples: Kantara; SysTrust/Webtrust; FICAM TFPAP, FBCA; SafeBiopharma; OIX
  Relevant Standards: ISO/IEC Conformity assessment — General requirements for accreditation bodies

Accreditation Program Key Responsibilities

Key Operational Responsibility: Process and support applicant entities through accreditation process
  Industry Examples: N/A
  Relevant Standards: ISO/IEC Conformity assessment — General requirements for accreditation bodies accrediting conformity assessment bodies

Key Operational Responsibility: Evaluate the capability of applicant entities for certification activities
  Industry Examples: N/A
  Relevant Standards: ISO/IEC Conformity assessment — General requirements for accreditation bodies accrediting conformity assessment bodies

Key Operational Responsibility: Perform policy mapping, as appropriate, for entity certification policies/requirements conformance/comparability to Accreditation Program requirements
  Industry Examples: FICAM Trust Framework Provider Adoption Program; FICAM FPKI Common Policy Framework CPS Evaluation Mapping Matrix
  Relevant Standards: ISO/IEC Conformity assessment — General requirements for accreditation bodies accrediting conformity assessment bodies

Key Operational Responsibility: Maintain compliance requirements for accredited entities.
  Industry Examples: N/A
  Relevant Standards: ISO/IEC Conformity assessment — General requirements for accreditation bodies accrediting conformity assessment bodies

Certification Program Key Responsibilities

Key Administrative Responsibility: Document and maintain Certification Program policy and requirements
  Industry Examples: Kantara IAF, IAF 1300 Assurance Assessment Scheme, IAF 1400 Service Assessment Criteria; InCommon Identity Assurance Framework; SysTrust/Webtrust Trust Services Principles, Criteria, and Illustrations; FICAM TFPAP, Certificate Policies for FBCA, EGCA, EGTS
  Relevant Standards: ISO/IEC Conformity Assessment – Vocabulary and general principles; ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Administrative Responsibility: Document and maintain Assessment Processes and Criteria
  Industry Examples: Kantara IAF, IAF 1400 Service Assessment Criteria; InCommon Identity Assurance Framework; SysTrust/Webtrust Trust Services Principles, Criteria, and Illustrations; Webtrust for Certification Authorities – Extended Validation Audit Criteria; FICAM TFPAP, Criteria and Methodology for Cross-certification with the FBCA, PIV-I Certification Process
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Administrative Responsibility: Document and maintain Certification Program application processes
  Industry Examples: Application for Kantara Approval; FICAM Trust Framework Provider Assessment Package Application, Criteria and Methodology for Cross-certification with the FBCA
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Administrative Responsibility: Document and maintain standard agreement for certified entities
  Industry Examples: InCommon Participation Agreement (Identity Assurance Addendum); Kantara Initiative IAF Trademark License Agreement; FICAM MOU/MOA
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Certification Program Key Responsibilities

Key Operational Responsibility: Establish, train, and maintain Certification Program Assessment Team
  Industry Examples: Kantara Assurance Review Board; WebTrust Licensed Practitioners; FICAM Trust Framework Evaluation Team, CPWG
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Operational Responsibility: Perform and document assessments
  Industry Examples: N/A
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Operational Responsibility: Validate conformance to Certification Program requirements
  Industry Examples: N/A
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Operational Responsibility: Provide formal recognition/certification for approved/validated identity services
  Industry Examples: N/A
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Operational Responsibility: Maintain public trust list/registry of accredited entities
  Industry Examples: Kantara; FICAM TFPAP, FBCA, SSP, PIV-I; SafeBiopharma; OIX; WebTrust Licensed Practitioners
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Key Operational Responsibility: Maintain, as appropriate, continued conformance for certified entities
  Industry Examples: N/A
  Relevant Standards: ISO/IEC Conformity assessment — Requirements for bodies providing audit and certification of management systems

Trust Mark Program Key Responsibilities

Key Administrative/Operational Responsibility: Document and maintain Trust Mark issuance and usage policies and participation rules
  Industry Examples: Kantara Assurance; WebTrust/SysTrust; InCommon Assurance
  Relevant Standards: US and International Trademark Law

Key Administrative/Operational Responsibility: Document and maintain Trust Mark License (Usage) Agreement
  Industry Examples: Kantara/IEEE-ISTO TMLA; WebTrust Practitioners License
  Relevant Standards: US and International Trademark Law

Key Administrative/Operational Responsibility: Establish and maintain security and controls for Trust Mark issuance and use
  Industry Examples: Kantara/IEEE-ISTO TMLA; WebTrust AICPA/CICA Registry
  Relevant Standards: US and International Trademark Law

Key Administrative/Operational Responsibility: Monitor/maintain trust mark integrity and conformance
  Industry Examples: N/A
  Relevant Standards: US and International Trademark Law

Accreditation, Certification and Trust Mark Flow

Accreditation Body (ISO/IEC 17011): Evaluate, approve and formally recognize entities that are capable of carrying out certification activities for a defined set of requirements (e.g., trust framework).

Certification (Trust Framework or Trust Mark) Providers, Conformity Assessment Body (ISO/IEC 17011): Assess, validate, and determine that products or service providers meet the defined requirements of a specific trust framework.

Approved Service Provider (CSP), Approved Service Provider (IDP), Approved Service Provider (AA): Service Providers apply for and are validated to meet defined Trust Framework requirements.

Trust mark IDESG (?)