norway updates

git-svn-id: http://svn.cacert.org/CAcert/Policies@803 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
Sam Johnston 2008-04-25 20:10:00 +00:00
parent cdbbb8170a
commit ccb876eb41

View file

@ -1,146 +1,143 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!-- COUNTRY=Norway -->
<!-- ADJECTIVE=Norwegian -->
<!-- one central office of trade -->
<!-- REGS=central -->
<!-- OFT=Enhetsregisteret -->
<!-- REGISTER=Brønnøysundregistrene -->
<!-- WEBOFT=www.brreg.no -->
<!-- YEARS=7 -->
<head>
<title>
CACert Organisation Assurance Program sub-policy for
<!-- COUNTRY -->
Norway
</title>
</head>
<body>
<h1> <font color="blue">Organisation Assurance - sub-policy for
<!-- ADJECTIVE -->
Norwegian
organisations
</font></h1>
<p>
<!-- POLICY ADMIN START -->
<a href="../PolicyOnPolicy.html"><img src="../cacert-wip.png" alt="CAcert Work In Progress" height="31" width="88" style="border-style: none;" /></a><br />
<br>
Author: Dag Hovland<br />
Creation date: WIP 2008-04-25 V0.1<br />
Status: <font="red">WIP</font> 2008-04-25<br />
Next status: DRAFT 2008<br />
<!-- $Id: OrganisationAssurance-SubPolNorway.html 745 2008-04-25 15:56:20Z teus $ -->
<!-- POLICY ADMIN END -->
</p>
<h2>0. Preliminaries</h2>
This sub-policy describes how Organisation Assurers ("OAs") conduct assurances on
<!-- ADJECTIVE -->
Norwegian
organisations.
It fits within the overall web-of-trust or assurance process and the Organisation Assurance Policy (OAP) of CAcert.
<h2>1. Purpose</h2>
This is a subsidiary policy to the OAP.
<ol TYPE=a>
<li>This sub-policy is applicable for the assurance of organisations in the
<!-- COUNTRY -->
Norway
only.</li>
<li>This sub-policy is an implementation of the OAP.</li>
<li>In the below, where the Assurance Officer (AO) is referred to, this includes his local delegate.</li>
</ol>
<h2>2. Organisation Assurers</h2>
<h3>2.1 Requirements for the Organisation Assurer</h3>
In addition to the requirements defined in the OAP, an OA must meet the following requirements for assuring
<!-- ADJECTIVE -->
Norwegian
organisations:
<ol TYPE=a>
<li>Knowledge on common legal forms of organisations in the
<!-- COUNTRY -->
Norway
.</li>
<li>Must pass an additional test on local knowledge even if he is already an OA.</li>
<li>Should help the AO to define local requirements.</li>
</ol>
<h2>3. Process</h2>
<h3>3.1 Organisations</h3>
Acceptable organisations under this sub-policy must be:
<ol TYPE=a>
<li>Organisations created under the rules of the jurisdiction in the
<!-- COUNTRY -->
Norway
.</li>
<li>Organisations must not be revoked or pending by a competent authority with direct oversight over the organisation.
</li>
</ol>
<h3>3.2 Identifiers</h3>
The organization number (organisasjonsnummeret) is a unique 9 digit
identifying number assigned by the official register authority
"
<!-- REGISTER -->
Brønnøysundregisteret
"
when a body becomes registered as a legal entity.
<h3>3.2 Documents</h3>
The organisation has to provide documents to prove the essential standard of Organisation Assurance as defined in the policy:<br>
<ol TYPE=a>
<li>The primary mechanism to prove existence is to get an official
"Register Transcript with Signature"
(
<!-- OFT -->
Enhetsregisteret
)
in the official trade office "Register Authority"
(
<!-- REGISTER -->
Brønnøysundregistrene
,
<!-- WEBOFT -->
www.brreg.no
).
<br>
The organisation is asked to carry these direct costs.
<br>
The Extract should state registrated official administrative details of the organisation.
</li>
<li>Where not available, an official document will be required from the company, subject to such checks as defined by the AO.</li>
<li>If copies of official Extracts from the official register are provided, they must be officially certified</li>
<li>The Extract should not be older than 4 weeks.</li>
</ol>
<h3>3.3 COAP</h3>
In addition to the checks defined in the policy, the COAP form for
<!-- ADJECTIVE -->
Norwegian
organisations requires:<br>
<ol TYPE=a>
<li>The OA must keep all provided documentation and will maintain digital readability if documents are provided in digital format for
<!-- YEARS -->
7
years.</li>
<li>Signatures from organisation officials must meet the following requirements<br>
<ol TYPE=i>
<li>as legally specified for the type of organisation</li>
<li>as specified in the register transcript (extract) from
<!-- REGISTER -->
Brønnøysundregistrene
.</li>
<li>as delegated within the organisation (proof of delegation needed)</li>
</ol>
</li>
</ol>
<p>
<a href="http://validator.w3.org/check?uri=referer"><img src="http://www.w3.org/Icons/valid-xhtml11-blue" alt="Valid XHTML 1.1" height="31" width="88" style="border-style: none;" /></a>
</p>
</body>
<head>
<title>
CACert Organisation Assurance Program sub-policy for Norway (NO)
</title>
</head>
<body>
<h1>
CAcert Organisation Assurance Program sub-policy for Norway (NO)
</h1>
<p>
<a href="../PolicyOnPolicy.html"><img src="../Images/cacert-wip.png" alt="CAcert Policy Status" height="31" width="88" style="border-style: none;" /></a><br />
Author: Dag Hovland<br />
Creation date: 2008-04-25<br />
Status: WIP 2008-04-25<br />
Next status: DRAFT 2008<br />
<!-- $Id$ -->
</p>
<h2>
0. Preliminaries
</h2>
<p>
This CAcert sub-policy extends the Organisation Assurance Policy ("OAP") by specifying how the CAcert Organisation Assurance Program ("COAP") is to be conducted by the assigned Organisation Assurer ("OA") under the supervision of the Assurance Officer ("AO") for entities within the defined scope.
</p>
<h2>
1. Scope
</h2>
<p>
This sub-policy is applicable to:<br />
</p>
<ol style="list-style-type: lower-alpha;">
<li>Norwegian legal entities:<br />
<ol style="list-style-type: lower-roman;">
<li>Companies
</li>
</ol>
</li>
</ol>
<h2>
2. Requirements
</h2>
<p>
This section describes any scope specific requirements that are not otherwise defined in the OAP.
</p>
<h3>
2.1 Organisation
</h3>
<ol style="list-style-type: lower-alpha;">
<!-- <li>For sole traders and partnerships operating under their own name(s), business name registration is OPTIONAL.
</li>-->
<li>Applicants MUST be a valid legal entity but MAY have an arbitrary number of registered trading names.
</li>
</ol>
<h3>
2.2 Records
</h3>
<ol style="list-style-type: lower-alpha;">
<!-- <li>Digital Signatures MAY be accepted in Norway under the implementation of European Directive 2000/31/EC by way of the ??? Act.
</li>-->
<li>Historic documents MAY be accepted where it can be proven that material changes have not been made (eg via absence of subsequent submissions in official document listings).
</li>
</ol>
<h3>
2.3 Application Form
</h3>
<ol style="list-style-type: lower-alpha;">
<li>The licensing authority MUST be specified as 'Brønnøysundregistrene, Norway' for Companies.
</li>
<li>Organisation number <i>Organisasjonsnummeret</i> MUST be specified where applicable.
</li>
</ol>
<h2>
3. Registration
</h2>
<h3>
3.1 Registries
</h3>
<ol style="list-style-type: lower-alpha;">
<li><i>Brønnøysundregistrene</i> [<a title="Brønnøysundregistrene" href="http://www.brreg.no/">http://www.brreg.no</a>]<br />
<ol style="list-style-type: lower-roman;">
<li><i>Nøkkelopplysninger fra Enhetsregisteret</i> [<a title="Nøkkelopplysninger fra Enhetsregisteret" href="http://w2.brreg.no/enhet/sok/">http://w2.brreg.no/enhet/sok/</a>]<br />
</li>
</ol>
</li>
</ol>
<h3>
3.2 Identifiers
</h3>
<ol style="list-style-type: lower-alpha;">
<li>The organization number <i>Organisasjonsnummeret</i> is a unique 9 digit identifying number assigned by <i>Brønnøysundregisteret</i>.
</li>
</ol>
<h3>
3.3 Documents
</h3>
<ol style="list-style-type: lower-alpha;">
<li>Register Transcript <i>Enhetsregisteret</i>
</li>
</ol>
<h2>
4. Processes
</h2>
<h3>
4.1 Assurance
</h3>
<ol style="list-style-type: lower-alpha;">
<li>Each person listed in an application MUST be individually assured and referenced by a confirmed email.
</li>
<!-- <li>Sole traders operating under their own name(s) MAY be automatically approved without further checks.
</li>
<li>Partnerships operating under the names of the individual partners MUST have verified approval of all of the individuals (eg by digitally signed emails).
</li>
<li>All other trading names MUST be manually verified to the satisfaction of the OA with reference to TWO OR MORE of the following:<br />
<ol style="list-style-type: lower-roman;">
<li>Company Stationery (annotated per Business Names Act 1995)
</li>
<li>Particulars of Ownership notices (per section 4 of Business Names Act 1995)
</li>
<li>Utility Bill (eg electricity, gas, water)
</li>
<li>Official Registries (eg telephone book, WHOIS)
</li>
</ol>
</li>
<li>Limited Liability Partnership applicants MUST additionally be verified with CH as a current individual member (eg via a Current Appointments Report).
</li>-->
<li>Company applications MUST be made by an individual who is duly authorised to sign on behalf of the company:
<ol style="list-style-type: lower-roman;">
<li>Officeholder applicants (eg <i>Daglig leder/adm.direktør</i>) MUST be verified in a "Enhetsregisteret" (obtained from CH by the OA where fees are reclaimable from the applicant).
</li>
<li>Any other applicant MUST prove that they are duly authorised to sign on behalf of the entity (for example via delegation and/or under company rules) to the satisfaction of the OA, for approval by the OAO.
</li>
</ol>
</li>
</ol>
<p>
<a href="http://validator.w3.org/check?uri=referer"><img src="../Images/valid-xhtml11-blue" alt="Valid XHTML 1.1" height="31" width="88" style="border-style: none;" /></a>
</p>
</body>
</html>