Adherence to Information Technolgy ACT, 2000, the rules and regulations thereunder, and guidelines issued by the Controller from time-to-time
Business continuity management controls, including:
- Whether the CA has business continuity plans to maintain or restore the CA's business operations in a reasonably timely manner following interruption to or failure of critical business processes
- Whether the CA's business continuity plans define an acceptable system outage and recovery time and disclosure of the defined time period(s)
- How frequently back-up copies of essential business information and software are taken
- Proximity of recovery facilities to the CA's main site
Business Continuity Management
The Certification Authority maintains controls to provide reasonable assurance of continuity of operations in the event of a disaster.
The Certification Authority maintains controls to provide reasonable assurance of continuity of operations in the event of the compromise of the CA's private signing key. The Certification Authority maintains controls to provide reasonable assurance that potential disruptions to subscribers and relying parties are minimized as a result of the cessation of the CA's services.
Monitoring and Compliance
The Certification Authority maintains controls to provide reasonable assurance that the CA complies with legal requirements.