Scope |
On the request of IDEMIA The Netherlands B.V. (hereafter referred to as: IDEMIA), the annual certification audit on all areas and processes was performed by BSI Group The Netherlands B.V. (John M. Keynesplein 9, 1066 EP Amsterdam, The Netherlands).
The full audit covered all applicable requirements from the audit criteria listed below (see “Audit Information”) and are defined in Idemia’s Statement of Applicability, dated 1 November 2023 and the Overview of Applicability, v1.3. The audit was planned and performed according to the requirements in the ETSI EN 319 403-1 certification scheme.
The scope of the assessment comprised the following Trust Service Provider component services, provided to the Netherlands Ministry of Defence, with regard to the ‘Defensiepas’:
-,,Subject Device Provision Service
These TSP component services are being provided for the following qualified trust services as defined in EU Regulation 910/2014 (eIDAS):
§,,Issuance of qualified certificates for electronic signatures (qualified trust service), in accordance with the policy: QCP-n-qscd
Our annual certification audit was performed in November 2023. The result of the full audit is that we conclude, based on the objective evidence collected during the surveillance audit for the period from 1 February 2023 through 31 January 2024, areas assessed during the audit were generally found to be effective, based on the applicable requirements defined in Idemia’s Statement of Applicability, dated 1 November 2023 and the Overview of Applicability, v1.3.
NEW-PAGEAudit information:
Audit criteria:
-,,ETSI EN 319 401 v2.3.1 (2021-05) General Policy Requirements for Trust Service Providers;
-,,ETSI EN 319 411-1 v1.3.1 (2021-05) Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates – Part 1: General requirements
-,,ETSI EN 319 411-2 v2.4.1 (2021-11) Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates – Part 2: Requirements for trust service providers issuing EU qualified certificates
-,,CA/Browser Forum – Network and Certificate System Security Requirements v1.7
-,,Regulation (EU) N 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC, Chapter III – Trust Services
-,,PKIoverheid - Programma van Eisen v4.10, deel 3 Basiseisen, deel 3 Aanvullende eisen and the requirements from part 3a
Audit Period of Time:
1 February 2023 through 31 January 2024
Audit performed:
November 2023
Information and Contact:
BSI Group the Netherlands B.V., John M. Keynesplein 9, 1066 EP Amsterdam, NL
|