Introduction to the concept of Conformity Assessment Body

By | Sin categoría | No Comments

A Conformity Assessment Body (CAB) is a company responsible for carrying out audits or conformity assessments for Trusted Service Providers (TSPs).

Every Conformity Assessment Body must carry out audits in accordance with the regulations applicable in the sector. In the case of Trust Conformity Assessment Body (TCAB), we conduct our audits in accordance with the eIDAS Regulation and other relevant standards in the IT security sector such as ETSI, ENISA, CA/B Forum and Spanish local regulations such as SEPBLAC, among others.

The audit process is carried out in the following three phases:

  1. Planning and programming:

The audits are carried out with an Audit Plan, which will be carried out by the audit team each year. In this Plan, the audit data are established (date, duration, scope, points to be audited, audited area, contact persons) and checklists (date, time, points of the standards to be audited, audited area, contact persons) , auditors)

To prepare it, the reports of other audits already carried out will be collected. Once this is done, the Technical Committee will review and approve the audit plan.

  1. Execution:

To initiate the audit, an initial meeting will be held with the client to confirm the scope of the audit, the data collected in the Audit Plan, establish a sequence of the audit and analyze the points that both parties consider necessary. After this step, the audit will begin following the Audit Plan as a work guide. There are two steps at this point:

Documentary review: we will verify the conformity of the system (documents, records) through compliance with the points of the standards / laws of reference.

On-site inspection: verifications of compliance with the established controls will be carried out. A sampling inspection of the objective evidences will be carried out to prove the correct functioning of the technical and organizational processes related to the scope of the audit.

  1. Audit report:

Once the audit is completed, the audit team will write a results report, clearly and definitively identifying the detected non-conformities. In addition, there will be a final meeting in which the audit team will present the report to the client, so that he can review and sign it. In those cases where significant non-conformities are present, a new date will be scheduled for the next audit to verify the elimination of these non-conformities.

It is mandatory to send the CAR (Conformity Assessment Body) to the Supervisory Body, within 3 days after it is received, so that it may decide if it is granted the status of qualified and, consequently, if I can be included in it. the EU Confidence Lists.

In general, the CABs have a character of authority, since it is usually accredited by the National Certification Entities (in the case of Spain, ENAC) in order to be able to provide their services.

Click here to access the list of Conformity Assessment Bodies accredited against the requirements of eIDAS Regulation.

Conference: EU Cybersecurity Certification Framework for Products and Services

By | Sin categoría | No Comments

The conference on the preparations for the new “EU Cybersecurity Certification Framework for products and services”, jointly organized by the European Commission and ENISA, will take place on March 1, 2018 in Brussels.

This new Cybersecurity Certification Framework is one of the key elements of the proposed Cybersecurity Act Proposal.

If you wish to register to attend the event, click here.

Event data

Date: March 1, 2018

Place: Crowne Plaza Brussels – Le Palace, Belgium

Digital Day 2018 will take place in Brussels

By | Sin categoría | No Comments

Digital Day 2018 will take place in Brussels on 10th April 2018. This one-day event will bring together high-level stakeholders in the fields of digital technology and telecommunication. The event is co-organised by the European Commission and the Bulgarian Presidency of the Council of the European Union.

Digital Day 2018 will aim to reach joint commitments related to the digital future of Europe in order to encourage investment in European digital technologies and infrastructures. A digitally strong EU will contribute to a competitive and socially secure society, better public services and security.

To achieve these goals, Digital Day 2018 will present sessions on the following priorities:

  • EU Artificial Intelligence Initiative
  • 5G connectivity and corridors for connected automated mobility
  • Public blockchain infrastructure

The event will also follow-up on the agreements reached during Digital Day 2017 in Rome. Last year’s event concluded agreements and actions related to High-Performance Computing (HPC), digital transformation of jobs and skills, digitisation of industry, and connected automated mobility.


The European Commission promotes the Digital Single Market

By | Sin categoría | No Comments

The European Commission published an article on the state-of-the-art of the Digital Single Market reproduced below:

The Digital Single Market is a strategy of the European Commission to ensure access to online activities for individuals and businesses under conditions of fair competition, consumer and data protection, removing geo-blocking and copyright issues.

A Digital Single Market (DSM) is one in which the free movement of persons, services and capital is ensured and where the individuals and businesses can seamlessly access and exercise online activities under conditions of fair competition, and a high level of consumer and personal data protection, irrespective of their nationality or place of residence.

On 10 May 2017, the Commission published a mid-term review of the Digital Single Market Strategy. It evaluates and presents the progress in implementing the Strategy since 2015 and where further actions are needed.

The European Commission has identified the completion of the Digital Single Market (DSM) as one of its 10 political priorities. Vice-President Andrus Ansip leads the project team “A Connected Digital Single Market”.

Ongoing Digital Single Market Public consultations help to define the objectives for the implementation.

The Digital Single Market strategy

The Digital Single Market strategy was adopted on the 6 May 2015. It includes 16 specific initiatives which have been delivered by the Commission till January 2017. Legislative proposals are now discussed by the co-legislator, the European Parliament and the Council.

A Digital Single Market creates opportunities for new startups and allow existing companies in a market of over 500 million people. Completing a Digital Single Market can contribute EUR 415 billion per year to Europe’s economy, create jobs and transform our public services.

Also, it offers opportunities for citizens, provided they are equipped with the right digital skills. Enhanced use of digital technologies improve citizens’ access to information and culture and improve their job opportunities. It can promote modern open government.

The Pillars

The Digital Single Market Strategy is built on three pillars:

  1. Access: better access for consumers and businesses to digital goods and services across Europe;
  2. Environment: creating the right conditions and a level playing field for digital networks and innovative services to flourish;
  3. Economy & Society: maximising the growth potential of the digital economy.

Digital Single Market’s achievements

The Digital Single Market mid term review factsheet shows the main achievements of the Digital Single Market srategy implementation.

Download the full pdf version of the factsheet in EnglishFrenchGerman.

See the Commission priority on the Digital Single Market.

The mid-term review of the Digital Single Market Strategy

The Digital Single Market strategy has delivered the main legislative proposals set as priority, specifically in the topics of e-commerce, copyrightaudiovisual and media servicestelecoms review, ePrivacy, harmonisation of digital rights, affordable parcel delivery, harmonised VAT rules.

In order to ensure a fair, open and secure digital environment, the Commission has identified three main emerging challenges:

  1. to ensure that online platforms can continue to bring benefit to our economy and society,
  2. to develop the European Data Economy to its full potential, and
  3. to protect the Europe’s assets by tackling cybersecurity challenges.

In addition, the review explores a number of important policy areas critical for unlocking the true value of the data economy:

The mid-term review focuses also on the investments needed in digital infrastructures and services, not forgetting the global dimension of the European Digital Single Market.