← SwissSign AG cases
Bugzilla #1990285
CCADB Compliance
SwissSign: recommendation on log review process
RESOLVED
FIXED
SwissSign AG
AI Summary
The audit report for SwissSign recommended improvements to their log review and retention processes to align with eIDAS regulatory requirements. Specifically, it highlighted the need to extend log archival periods from 11 years to 30 years. SwissSign has since implemented these changes and verified them through internal controls and audits. All action items related to this recommendation have been completed, and SwissSign is committed to ongoing compliance and monitoring.
Chronology
- Audit report containing recommendation published
- Updated retention policies implemented and verified
Participants
Sandy Balzer
External References
Similar Local Cases
SwissSign: recommendation on review of key pair generation implementation
SwissSign: recommendation on linting software updates
SwissSign: recommendation on firewall review
SwissSign: recommendation on publication process for CA related data
SwissSign: recommendation on BIA/BCP test coverage
SwissSign: Audit Letter Validation failures on intermediate certificates
NETLOCK: Full Incident Report was not published within 14 days of notification
Chunghwa Telecom: Delayed Annual Audit Report 2024