For [[DisasterRecovery]] and for other purposes, the first thing is to identify the processes.

 1. Assurance (Org and exceptions)
 1. Issuance of certificates
 1. Member accounts
   * creation of news ones
   * checking of email and domain addresses
   * general support / helpdesk
   * revocation
 1. Disputes Resolution
   * Arbitration
   * (Board)
 1. CRL/OCSP distribution
 1. Policy
 1. Association
   * Board
   * Members
   * meetings - board and AGM
   * membership secretary
 1. Auditing
   * internal
   * (external but cannot be included in the list)
 1. Education Campus
   * Training
   * CATS (CAcert Automated Testing System)
 1. Communications and Documentation
   * email handling
   * maillists
   * blog
   * wiki
   * svn
 1. HR Human Resources
   * recruitment of new people
   * training (EDU)
   * testing (EDU)
   * background checks
 1. Software Development
   * breaches
   * emergency patches
 1. System Administration