To Audit - To Audit Team
CAcert Internal Audit Planning
Contents
Introduction
The following tables contain all planned audit activities for a year. Additional or ad hoc audit activities might be planned and integrated into the audit plan later on. The Tables are ordered by year in reverse order (most recent first). The Status of the non-conformities and recommendations are listed on the tracking page.
Audits 2016
{0} planned - 
running - {g} finished - {-} aborted - 
delayed - 
no access restrictions
Status |
Area |
Objective |
Planned start |
Finished |
Involved Parties |
Audit Object |
{g} |
New Roots & Escrow Project |
Audit over Test Root Creation |
March 2016 |
2016-03-12 |
Critical Admins, Access Engineers |
Root Resign (session2016.1) |
{g} finished |
Physical security of roots and data |
Data centre audit |
March 2016 |
2016-03-12 |
Critical Admins, Access Engineers |
Data Centre (session2016.2) |
Audits 2015
{0} planned - running - {g} finished - {-} aborted - delayed - no access restrictions
Status |
Area |
Objective |
Planned start |
Finished |
Involved Parties |
Audit Object |
{g} |
Assurance |
Compliance of online form with Assurance Policy |
February 2015 |
2015-04-06 |
|
WebDB (session2015.1) |
|
System / Database |
Data integrity of Assurance Database |
August 2015 |
|
Arbitration, Software |
Assurance Database (session2015.2) |
{g} |
Critical |
Audit over Test Root Resign |
2015-08-23 |
2015-08-23 |
Software Team, Critical Admins |
Test Root Resign (session2015.4) |
{g} |
New Roots & Escrow Project |
Audit over Test Root Creation |
as soon as possible |
2015-08-23 |
NRE Project Team |
Test Root Creation (session2015.3) |
|
Support |
Support Work |
December 2015 |
|
Arbitration, Support |
Review of efficiency and success of arbitration ruling a20141024.1 since 2015-09-07 (session2015.5) |
Audits 2014
{0} planned - running - {g} finished - {-} aborted - delayed - no access restrictions
Status |
Area |
Objective |
Planned start |
Finished |
Involved Parties |
Audit Object |
{g} |
Arbitrated Background Check |
Compliance to internal rules and regulations |
February 2014 |
2015-08-26 |
Arbitration |
session2014.1 Audit over ABC (a20140124.1) |
|
Arbitration |
Deletion of an Assurer account |
April 2014 |
|
Arbitration |
|
{-} aborted |
Assurances |
Keeping CAP forms available |
May 2014 |
August 2015 |
Arbitration, Assurer |
It is almost impossible to select and get CAP Forms without further information from the database, this audit is terminated and shifted to a later point in time. |
|
Committee |
Treasure, Secretary, Board Meetings |
June 2014 |
|
Committee |
Work of the Committee session2014.3 |
|
Software Development |
Bug Tracking to deployment |
July 2014 |
|
Software Team, Critical Admins, Arbitration |
Emergency Patch #1070 (a20120614.1) |
{-} aborted |
Critical |
Critical infrastructure and team |
October 2014 |
|
Critical Admins, Access Engineers |
N/A |
{-} aborted |
Assurer Training Event |
Training, Co-Audit |
November 2014 |
|
Education Team, AO, Co-Auditors |
N/A |
Older Audits
Finding of older audits are documented on Audit/Directives.