← SwissSign AG cases
Bugzilla #1990277
Audit Related
SwissSign: recommendation on CA-specific risk assessment
RESOLVED
FIXED
SwissSign AG
AI Summary
The audit report for SwissSign recommended improvements to their risk assessment process to better address risks specific to certification authority operations. The recommendation highlighted the need for a more comprehensive approach that includes process and operations-based risks. SwissSign has since completed the necessary action items, integrating these considerations into their existing risk management framework. They will continue to monitor the situation for community feedback.
Chronology
- Audit report published with recommendations
- Action items completed and report closure summary provided
Participants
Sandy Balzer
External References
Similar Local Cases
SwissSign: recommendation on document release dual control
SwissSign: recommendation on BIA/BCP review
SwissSign: Findings in 2024 Audit
SwissSign Audit info
Certigna: Finding #2 ETSI Audit - Risks regarding the certification of device not described
Audit info for Gov of Spain (ACCV)
PKIoverheid: TSP CIBG Findings in 2025 ETSI Audit - Incident Report #3 – Asset Management
Thailand NRCA - Explanation for delay in WebTrust Assurance report