Draft Details
The present document specifies general policy requirements relating to Trust Service Providers (TSPs) that are
independent of the type of TSP. It defines policy requirements on the operation and management practices of TSPs.
Other specifications refine and extend these requirements as applicable to particular forms of TSP. The present
document does not specify how the requirements identified can be assessed by an independent party, including
requirements for information to be made available to such independent assessors, or requirements on such assessors.
The present document aims to support the requirements on NIS2 Directive [i.13] and addresses the general requirements
for security management and cybersecurity of trust services (qualified and non-qualified).
NOTE: See ETSI EN 319 403-1 [i.2] for details about requirements for conformity assessment bodies assessing
Trust Service Providers.
You may comment on any clause of this document. Simply enter the clause number, make your comment and your proposed changed text for each clause, subclause, paragraph, table or figure.
All comments are checked by a moderator before they are made public on the site. This is to ensure that improper language or marketing is not placed on the site – we will not judge or modify technical content. Similarly, we will not correct your grammar or spelling