CAcert Internal Audit Planning

Introduction

The following tables contain all planned audit activities for a year. Additional or ad hoc audit activities might be planned and integrated into the audit plan later on. The Tables are ordered by year in reverse order (most recent first). The Status of the non-conformities and recommendations are listed on the tracking page.

Audits 2016

{0} planned - {o} running - {g} finished - {-} aborted - <!> delayed - (./) no access restrictions

Status

Area

Objective

Planned start

Finished

Involved Parties

Audit Object

{g} (./) finished

New Roots & Escrow Project

Audit over Test Root Creation

March 2016

2016-03-12

Critical Admins, Access Engineers

Root Resign (session2016.1)

{g} finished

Physical security of roots and data

Data centre audit

March 2016

2016-03-12

Critical Admins, Access Engineers

Data Centre (session2016.2)

Audits 2015

{0} planned - {o} running - {g} finished - {-} aborted - <!> delayed - (./) no access restrictions

Status

Area

Objective

Planned start

Finished

Involved Parties

Audit Object

{g} (./) finished

Assurance

Compliance of online form with Assurance Policy

February 2015

2015-04-06

WebDB (session2015.1)

{o} running

System / Database

Data integrity of Assurance Database

August 2015

Arbitration, Software

Assurance Database (session2015.2)

{g} (./) finished

Critical

Audit over Test Root Resign

2015-08-23

2015-08-23

Software Team, Critical Admins

Test Root Resign (session2015.4)

{g} (./) finished

New Roots & Escrow Project

Audit over Test Root Creation

as soon as possible

2015-08-23

NRE Project Team

Test Root Creation (session2015.3)

{o} running

Support

Support Work

December 2015

Arbitration, Support

Review of efficiency and success of arbitration ruling a20141024.1 since 2015-09-07 (session2015.5)

Audits 2014

{0} planned - {o} running - {g} finished - {-} aborted - <!> delayed - (./) no access restrictions

Status

Area

Objective

Planned start

Finished

Involved Parties

Audit Object

{g} (./) finished

Arbitrated Background Check

Compliance to internal rules and regulations

February 2014

2015-08-26

Arbitration

session2014.1 Audit over ABC (a20140124.1)

<!> {o} running

Arbitration

Deletion of an Assurer account

April 2014

Arbitration

session2014.2

{-} aborted

Assurances

Keeping CAP forms available

May 2014

August 2015

Arbitration, Assurer

It is almost impossible to select and get CAP Forms without further information from the database, this audit is terminated and shifted to a later point in time.

<!> {o} running

Committee

Treasure, Secretary, Board Meetings

June 2014

Committee

Work of the Committee session2014.3

<!> {0} delayed

Software Development

Bug Tracking to deployment

July 2014

Software Team, Critical Admins, Arbitration

Emergency Patch #1070 (a20120614.1)

{-} aborted

Critical

Critical infrastructure and team

October 2014

Critical Admins, Access Engineers

N/A

{-} aborted

Assurer Training Event

Training, Co-Audit

November 2014

Education Team, AO, Co-Auditors

N/A

Older Audits

Finding of older audits are documented on Audit/Directives.


Audit/Plan (last edited 2016-05-10 12:45:22 by BenediktHeintel)