Electronic Communications and Transactions Act, 2002 (Act No. 25 of 2002)Accreditation RegulationsChapter IV : Suspension, revocation and termination27. Audits and evaluations |
(1) | An applicant for accreditation must appoint and be responsible for the payment of an auditor to audit the applicant and its authentication products and services resulting in and used to support an electronic signature. |
(2) | The auditor must take into consideration recent audits by independent auditors provided by the authentication service provider that are relevant to the intended audit in order to reduce audit costs. |
(3) | The authentication service provider must submit an audit report at the time of application for accreditation. |
(4) | If the applicant is a consortium of persons, each person must be audited. |