The AOC Consortium is a trusted service provider according to Regulation (EU) no. 910/2014 of the European Parliament and of the Council of 23 July 2014, relating to electronic identification and trust services for electronic transactions in the internal market and which repeals Directive 1999/93/EC (eIDAS ), and Law 6/2020, of 11 November, regulating certain aspects of trust services.
Additionally, it has powers in relation to the provision of digital identity and electronic signature services, in accordance with Law 29/2010, of August 3, on the use of electronic media in the public sector of Catalonia and with its Statutes.
By virtue of the regulations indicated, every two years , the Digital Certification Service (SCD) must carry out an audit of the service to verify compliance with the legal and technical requirements established for the issuance and management of the idCAT certificate.
Derived from the above, the different Registration Entities and Subscribers to the service must also undergo these audits, which make it possible to check that the SCD's own regulations are complied with (including the specific conditions of provision); it is also checked that the procedures provided by the consortium are applied.
See the ER idCAT audit questionnaire
You might be interested in:
- Audit: requirements for document and archive management
- Audit: operational requirements
- Audit: security requirements
For any query you can contact the audit support email.