git-svn-id: http://svn.cacert.org/CAcert/Policies@563 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
parent
1392967eb7
commit
7e8bf8c56f
1 changed files with 67 additions and 0 deletions
|
@ -0,0 +1,67 @@
|
||||||
|
<h1> <font color="blue">Organisation Assurance - sub-policy for Austrian organisations</font></h1>
|
||||||
|
<br><br>
|
||||||
|
Author: Philipp Gühring
|
||||||
|
<br>
|
||||||
|
Creation date: WIP 2008-01-21 V0.1
|
||||||
|
<br>
|
||||||
|
Status: <font="red">WIP</font> 2008-01-21
|
||||||
|
<br>
|
||||||
|
Date next status: 2008-01-28 DRAFT
|
||||||
|
<br>
|
||||||
|
<!-- $Id$ -->
|
||||||
|
|
||||||
|
<h2>0. Preliminaries</h2>
|
||||||
|
This sub-policy describes how Organisation Assurers ("OAs") conduct assurances on Austrian organisations.
|
||||||
|
It fits within the overall web-of-trust or assurance process and the Organisation Assurance Policy (OAP) of CAcert.
|
||||||
|
<br><br><br>
|
||||||
|
|
||||||
|
<h2>1. Purpose</h2>
|
||||||
|
This is a subsidiary policy to the OAP.
|
||||||
|
<br><br>
|
||||||
|
a. This sub-policy is applicable for the assurance of Austrian organisations only.<br>
|
||||||
|
b. This sub-policy is an implementation of the OAP.<br>
|
||||||
|
c. In the below, where the Assurance Officer (AO) is referred to, this includes his local delegate.
|
||||||
|
<br><br><br>
|
||||||
|
|
||||||
|
<h2>2. Organisation Assurers</h2>
|
||||||
|
|
||||||
|
<h2>2.1 Requirements for the Organisation Assurer</h2>
|
||||||
|
In addition to the requirements defined in the OAP, an OA must meet the following requirements for assuring Austrian organisations:<br>
|
||||||
|
a. Knowledge on common legal forms of organisations in Austria.<br>
|
||||||
|
<br><br><br>
|
||||||
|
|
||||||
|
<h2>3. Process</h2>
|
||||||
|
|
||||||
|
<h2>3.1 Organisations</h2>
|
||||||
|
Acceptable organisations under this sub-policy must be:
|
||||||
|
<br><br>
|
||||||
|
a. Organisations created under the rules of the Austrian jurisdiction.<br>
|
||||||
|
b. Organisations must not be revoked by a competent authority with direct oversight over the organisation.
|
||||||
|
<br><br>
|
||||||
|
|
||||||
|
<h2>3.2 Documents</h2>
|
||||||
|
The organisation has to provide documents to prove the essential standard of Organisation Assurance as defined in the policy:<br>
|
||||||
|
a. The primary mechanism to prove existence is to get an official extract from the official register, either via an online interface
|
||||||
|
or via physical means (organisation is asked to carry the costs)<br>
|
||||||
|
b. Where not available, an official document will be required from the company, subject to such checks as defined by the AO.<br>
|
||||||
|
c. Extracts from the official register should not be older than 4 weeks.<br>
|
||||||
|
d. The AO maintains a list of which specific documents and tests can be acceptable for the certain types
|
||||||
|
of organisations.<br>
|
||||||
|
f. The OA can ask for additional documents if needed to validate required information for the assurance action.
|
||||||
|
<br><br>
|
||||||
|
|
||||||
|
<h2>3.3 COAP</h2>
|
||||||
|
In addition to the checks defined in the policy, the COAP form for Austrian organisations requires:<br>
|
||||||
|
a. The OA must keep all documentation for 10 years.<br>
|
||||||
|
b. Signatures from organisation officials must meet the following requirements<br>
|
||||||
|
i. as legally specified for the type of organisation<br>
|
||||||
|
ii. as specified in the official documents (f.e. the excerpt from the register)<br>
|
||||||
|
iii. as delegated within the organisation (proof of delegation needed)
|
||||||
|
|
||||||
|
<h2>3.4 Meeting</h2>
|
||||||
|
The OA can decide to a demand a face to face meeting in the office of the requesting organisation, to verify
|
||||||
|
the authorisation of the request.
|
||||||
|
|
||||||
|
<h2>3.5 Price</h2>
|
||||||
|
The OA must inform the requestor about any upcomming costs and fees, and get the confirmation from the requestor.
|
||||||
|
|
Loading…
Reference in a new issue