This is the list of things that need still to be done for Phase 1 of the Audit:
Task |
Who |
Status |
Blocking |
Since |
Comment |
NL Data Center |
machines available |
Audit Continuation, DRC-C |
20061225 |
NL data center has the security needed. m-sc to advise. Project Cachaca accepted by Board |
|
Systems admin team rebuild |
started |
Audit Continuation, DRC-C |
20061225 |
dual control cannot be done without many sysadms. Project Cachaca accepted by Board m-sc to advise. |
|
Pat |
wip |
CPS, CCS |
200606.. |
recently restarted with new project leader |
|
wip |
DRC-A.1 |
2006-11 |
Is the key to the audit criteria |
||
CAcert and/or Audit |
wip |
next milestone |
20071226 |
Ongoing requirement from NLnet. Next from Audit is 20080321 or thereabouts |
|
wip |
200606.. |
policy group now asking for comments, AP forms the foundation for the Assurance Handbook and should handle all the critical things demanded by criteria and CPS |
|||
wip |
. |
2006-06... |
Needs to include/refer to the definition of all the Assurance points, processes |
||
Review of WoT Exceptions - OA, SuperA, TTP, MinorA, TVerify, ... |
Auditor |
waiting for AP => DRAFT |
DRC-C |
|
Some of these are being wound-down so may be scrapped by time Audit gets to them |
policy group / AO |
early wip |
R/L/O |
200701.. |
||
Management Assertion |
New Board |
meeting |
should adapt, approve, sign, send |
20060814 |
See Funding MoUs for some agreements |
WebTrust criteria |
Auditor |
Deferred |
|
|
Working on DRC only for now, although Board has requested a comment on switching |
ordered roughly in order of importance, and bold signifies urgent
wip=Work in Progress, DRAFT, POLICY are explained in PoP
R/L/O=RisksLiabilitiesObligations, See DRC A.6
Draft Polices are listed at PolicyDrafts
Completed Items
Task |
Who |
Since |
Complete |
20071226 |
20080320 |
||
Assurers Training & Testing Programme |
200703.. |
20080301 |
|
Review of R/L/O |
20060921 |
20080211 |
|
PoP approved to POLICY under its own rules |
policygroup |
20080204 |
|
CAcert Community Agreement approved to POLICY |
policygroup |
20070918 |
|
Review of Minutes/Decisions of old board |
Advisory |
20060508 |
20070601 |
Minutes of SGM 2007-05-25 |
Advisory |
20070525 |
200706xx |
Management / Audit handed over residual oversight |
Board |
20070525 |
Board Meeting 2007.09.19 |
Policy on Policy approved to DRAFT |
Board |
200612.. |
m20070929.4 |
NRP-DAL approved to POLICY |
Board |
200703.. |
m20070918.1 |
CAcert Community Agreement (was RUA) approved to DRAFT |
Board |
20070830 |
m20070918.4 |
Principles approved in principle |
Board |
200707.. |
m20070918.5 |
Board |
20060524 |
m20070918.3 |
|
Board |
20070905 |
m20070919.x |
|
Present new POLICYs to AGM for ratification |
Members |
20061117 |
c20071117.x |
DecisionNumbers describes the last column