Accreditations

Certification authority users require assurance that their provider consistently meets high standards for security. QuoVadis maintains an array of independent audits and accreditations pertinent to the jurisdictions and industries of our multinational clients, including certification as a Qualified CSP under ETSI standards.

	ZertES Qualified Certification Services Provider ZertES is granted by the Swiss Accreditation Service (SAS) and the Swiss Federal Office of Communications (BAKOM) based on an audit by KPMG. It is based on Swiss law and on ETSI standards for Qualified Certification Service Providers (CSP) and Time Stamping Authorities. It requires an annual audit.

	EU Qualified Trust Service Provider QuoVadis is a Qualified TSP accredited by Agentschap Telecom in the Netherlands following a certification by BSI against the requirements of the ETSI EN 319 411-1 and ETSI EN 319 411-2 standards to issue Qualified Certificates for Electronic Signature and Electronic Seal. The certification requires an annual audit of QuoVadis.

	WebTrust for Certification Authorities WebTrust for CAs is the dominant commercial standard to assess the adequacy and effectiveness of controls deployed by a Certification Authority. Developed by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA), and now managed by Chartered Professional Accountants of Canada, WebTrust for CAs requires an annual audit.

	WebTrust for Extended Validation WebTrust for Extended Validation is used to assess a CA’s controls against the CA/B Forum “Guidelines for the Issuance and Management of EV Certificates.” Only suitably accredited CAs may issue EV SSL. WebTrust for EV requires an annual audit.

	WebTrust for Baseline Requirements WebTrust for Baseline Requirements is used to assess a CA’s controls against the CA/B Forum “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates”. WebTrust for BR requires an annual audit.

	WebTrust for Code Signing WebTrust for Code Signing is used to assess a CA’s controls against the Code Signing Working Group’s Minimum Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates. WebTrust for Code Signing requires an annual audit.

	ISO/IEC 27001 QuoVadis Trustlink BV and QuoVadis Trustlink BVBA are certified by QMS for compliance with ISO/IEC 27001 "Information Security Management Systems Requirements Specification" (formerly known as BS7799-2). ISO/IEC 27001 is an internationally-recognised certificate for evaluating how securely an organisation manages and stores its information and data. The certification is for the issuance of Dutch e-Recognition/eHerkenning products and requires an annual audit of QuoVadis.

	Netherlands PKIoverheid QuoVadis is a Trust Service Provider for PKIoverheid, the PKI designed for trustworthy communication within and with the Dutch Government. QuoVadis is certified by BSI for compliance against the requirements of the ETSI EN 319 411-1 and ETSI EN 319 411-2 standards to issue Qualified Certificates for Electronic Signature, Electronic Seal, and Website Authentication under the Staat der Nederlanden Root.

	EUgridPMA The EUGridPMA coordinates the trust fabric for e-Science Grid authentication in Europe. QuoVadis operates a managed CA for EuroGridPMA members that is accredited to meet the Authentication Profile of the International Grid Trust Federation (IGTF). Other IGTF members include APGridPMA for the Asia-Pacific region and TAGPMA for the Americas.

	Belgium Qualified Certification Services Provider QuoVadis is Supervised as an issuer of Qualified Certificates by the Belgian FPS Economy - Quality and Safety.