Published on Digi-Sign, The Certificate Corporation (http://www2.digi-sign.com)

Home > Digi-CAST™ Consulting Services

Digi-CAST™ Consulting Services

By webmaster
Created Jun 10 2010 - 13:41
Owning & Operating a Trust Centre

Digi-CAST™ is the method we use to give advice, provide consulting, design PKI [1] and related security systems and install these systems using professional services. The Digi-CAST™ team of professionals will be the people you speak too.

Who Uses Digi-CAST™

  • Any organisation seeking PKI advice/support

  • Governments & System Integrators on large PKI projects

  • Organisations wanting to own and operate a Trust Centre

  • Members of the ARP Network [2], to support their customers

Digi-CAST™ Methodology

The C-A-S-T methodology was pioneered by Digi-Sign in 2004 after many years of developing and deploying CAs around the world and follows such information security standards as ISO 27001, 93/1999/EC [3], ETSI 101 456, HIPAA, Sarbanes Oxley, SB 1386, Gramm-Leach Bliley, EAL, ETSI, CWA, ICAO for MRTD and many others.

Digi-CAST™ Overview

The Digi-CAST™ methodology has four distinctly separate components that are modified to meet your specific needs:

  • Digi-CAST1™ - project evaluation
    • Consultation, Assessment, Security & Technical
  • Digi-CAST2™ - planning & delivery
    • Certificate Authority Solutions & Team
  • Digi-CAST3™ - compliance & certification
    • Compliance, Audit, Standards & Training
  • Digi-CAST4™ - ongoing compliance
    • Continued Assessment & Security & Testing
Digi-CAST™ Components

The following list outlines the components of each CAST methodology:

  • Digi-CAST1™
    • Personnel & 'skills pool' interviews
    • Operations & environment overview
    • Compliance assessment & requirements
    • S.W.O.T. analysis
    • Technical specifications & planning
    • Costing, budgeting, CAST2 preparation
    • Documentation
  • Digi-CAST2™
    • Project planning
    • Laboratory testing
    • Compliance & training documentation
    • Standards & certification
    • Delivery & installation
    • Testing & piloting
    • Documentation
  • Digi-CAST3™
    • Specialist document preparation
    • Specialist personnel training
    • Third-party penetration testing
    • Compliance pre-audit
    • Initial certification & accreditation
    • Standards updates
    • Compliance revisions
  • Digi-CAST4™
    • SLA enforcement
    • Knowledge transfer & feedback
    • Compliance advice & support
    • Patching, upgrading, testing
    • Documentation verification
    • Annual audit assistance
    • Compliance escalation

Trust Centre Options

PDF

You can reduce the financial burden of owning your own Trust Centre by becoming a member of the ARP Network [2]. As an ARP member you can reduce the overall costs [4] whilst still owning a complete Digi-CA™ [1] system infrastructure. Your personnel will operate, manage and administer it whilst also managing the sales and marketing of the Trust Centre, in co-operation with Digi-Sign.

Digi-CAST™ for Government

Most government related or national PKI projects require a Trust Centre [5]. For any computer room or data centre to become a Trust Centre, it must comply with certain standards [6]. Some of these also require that the Trust Centre be certified [7].

Source URL: http://www2.digi-sign.com/digi-cast

Links:
[1] http://www2.digi-sign.com/digi-ca
[2] http://www2.digi-sign.com/arp
[3] http://www2.digi-sign.com/compliance/ec/1999+93+ce
[4] http://www2.digi-sign.com/product/digi-ca
[5] http://www2.digi-sign.com/digi-trust/certificate+services+provider
[6] http://www2.digi-sign.com/compliance/list+standards
[7] http://www2.digi-sign.com/compliance