bug 1131: Updated Policies based on new versions send by Policy Officer
[cacert-devel.git] / www / policy / OrganisationAssurancePolicy_Germany.html
1 <!DOCTYPE html>
2 <html>
3 <head>
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" lang="en">
5 <title>CACert Organisation Assurance Program sub-policy for Germany</title>
6 <style type="text/css">
7 <!--
8 .comment {
9 color : steelblue;
10 }
11 -->
12 </style>
13
14 </head>
15 <body>
16
17 <h1> Organisation Assurance - sub-policy for German organisations</h1>
18 <div class="comment">
19 <table width="100%">
20 <tbody>
21 <tr>
22 <td rowspan="2">
23 Name: Organisation Assurance - sub-policy Germany <a style="color: steelblue" href="https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD11.DE</a>
24 <br>
25 Creation Date : 2007-10-22
26 <br>
27 Editor: Jens Paul
28 <br>
29 Status: POLICY <a href="https://wiki.cacert.org/PolicyDecisions#p20140731">p20140731</a>
30 <br>
31 Licence: <a style="color: steelblue" href="https://wiki.cacert.org/Policy#Licence" title="this document is Copyright © CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy">CC-by-sa+DRP</a>
32
33 </td>
34 <td align="right" valign="top">
35 <a href="https://www.cacert.org/policy/PolicyOnPolicy.php">
36 <img src="images/cacert-policy.png" alt="PoP Status - POLICY" style="border-style: none;" height="31" width="88">
37 </a>
38 </td>
39 </tr>
40 </tbody>
41 </table>
42 </div>
43
44 <h2 id="g0.1">Preliminaries</h2>
45 This sub-policy describes how Organisation Assurers ("OAs") conduct assurances on German organisations.
46 It fits within the overall web-of-trust or assurance process and the Organisation Assurance Policy (OAP) of CAcert.
47 <br>
48
49 <br>
50
51 <br>
52
53 <h2 id="g0.2">Purpose</h2>
54 This is a subsidiary policy to the OAP.
55 <br>
56
57 <br>
58 a. This sub-policy is applicable for the assurance of German organisations only.
59 <br>
60 b. This sub-policy is an implementation of the OAP.
61 <br>
62 c. In the below, where the Assurance Officer (AO) is referred to, this includes his local delegate.
63 <br>
64
65 <br>
66
67 <br>
68
69 <h2 id="g0.3">Organisation Assurers</h2>
70
71 <h2 id="g0.4">Requirements for the Organisation Assurer</h2>
72 In addition to the requirements defined in the OAP, an OA must meet the following requirements for assuring German organisations:
73 <br>
74 a. Knowledge on common legal forms of organisations in Germany.
75 <br>
76 b. Must pass an additional test on local knowledge even if he is already an OA.
77 <br>
78 c. Should help the AO to define local requirements.
79 <br>
80
81 <br>
82
83 <br>
84
85 <h2 id="g0.5">Process</h2>
86
87 <h2 id="g0.6">Organisations</h2>
88 Acceptable organisations under this sub-policy must be:
89 <br>
90
91 <br>
92 a. Organisations created under the rules of the German jurisdiction.
93 <br>
94 b. Organisations must not be revoked by a competent authority with direct oversight over the organisation.
95 <br>
96
97 <br>
98
99 <h2 id="g0.7">Documents</h2>
100 The organisation has to provide documents to prove the essential standard of Organisation Assurance as defined in the policy:
101 <br>
102 a. The primary mechanism to prove existence is to get an official extract from the official register, either via an online interface
103 or via physical means (organisation is asked to carry the costs)
104 <br>
105 b. Where not available, an official document will be required from the company, subject to such checks as defined by the AO.
106 <br>
107 c. If copies of official extracts from the official register are provided, they must be officially certified
108 <br>
109 d. Extracts from the official register should not be older than 4 weeks.
110 <br>
111 e. The AO maintains a list of which specific documents and tests can be acceptable for the certain types
112 of organisations.
113 <br>
114 f. The OA can ask for additional documents if needed to validate required information for the assurance action.
115 <br>
116
117 <br>
118
119 <h2 id="g0.8">COAP</h2>
120 <p>
121 In addition to the checks defined in the policy, the COAP form for German organisations requires:
122 <br>
123 a. The OA must keep all documentation for 10 years.
124 <br>
125 b. Signatures from organisation officials must meet the following requirements
126 <br>
127 &nbsp;&nbsp;&nbsp; i.&nbsp;&nbsp; as legally specified for the type of organisation
128 <br>
129 &nbsp;&nbsp;&nbsp; ii.&nbsp; as specified in the official documents (f.e. the excerpt from the register)
130 <br>
131 &nbsp;&nbsp;&nbsp; iii. as delegated within the organisation (proof of delegation needed)
132 </p>
133
134
135 </body>
136 </html>