Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI Audits and Assessments “Another.

Published byRalph Sims Modified over 8 years ago

Similar presentations

Presentation on theme: "©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI Audits and Assessments “Another."— Presentation transcript:

1 ©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI Audits and Assessments “Another Bump on the Road” Noel Nazario, IRM Manager KPMG

2 ©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 Agenda Background PKI “Audit” Activities PKI and other Audit Activities What’s Next Discussion

3 ©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 Background Qualifications –Noel Nazario is a manager in KPMG’s Washington DC, Information Risk Management Practice. He is the auditor for the U.S. Federal Bridge Certification Authority and several other agency PKI systems. Occasionally, he offers solicited and unsolicited input to the U.S. Federal PKI Certificate Policy Working Group, the FPKI Policy Authority, and the Federal Identity Credentialing Committee (FICC). Mr. Nazario is a NIST Alumni and has been involved in the development of PKI technology and management since the early 1990s. Who’s the Bump? Coping

4 ©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI “Audit” Activities X9.79 - Framework for Developing Public Key Policy and Practices in the Financial Services Industry CA Control Objectives ABA PKI Assessment Guidelines AICPA/CICA Web Trust for CA FBCA Compliance Assessments Shared Service Provider Compliance

5 ©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI and other “Audit” Activities Certification & Accreditation (C&A) per OMB A-130 Federal Information Security Management Act (FISMA) Financial Audits

6 ©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 What’s Next? HSPD 12 Self Certifications Bridge to Bridge Cross Certifications Federation Compliance Registration Compliance Commoditization

7 ©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 Discussion Q? A? Noel Nazario – NNazario@KPMG.com 202-255-3071NNazario@KPMG.com

Download ppt "©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI Audits and Assessments “Another."

Similar presentations

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Program Managers Forum

Program Managers Forum
The Federation for Identity and Cross-Credentialing Systems (FiXs) www.FiXs.org FiXs ® - Federated and Secure Identity Management in Operation Implementing.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.
Ongoing Efforts to Build The US Federal PKI Bridge

Ongoing Efforts to Build The US Federal PKI Bridge
Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.

Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
0 © 2009 KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and a member firm of the KPMG network of independent member firms.

0 © 2009 KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and a member firm of the KPMG network of independent member firms.
1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.

1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.
“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)

“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)
Auditing of a Certification Authority Patrick Cain, CISA, CISM The Cooper-Cain Group, Inc.

Auditing of a Certification Authority Patrick Cain, CISA, CISM The Cooper-Cain Group, Inc.
Public Private Partnerships: What’s in it for my Government? 14 July 2011 Malcolm Butterfield.

Public Private Partnerships: What’s in it for my Government? 14 July 2011 Malcolm Butterfield.
1 When the Auditor Comes Knocking … What to Prepare and What to Expect from your CA auditor.

1 When the Auditor Comes Knocking … What to Prepare and What to Expect from your CA auditor.
KPMG’s Abilities in Motion Network USBLN Annual Conference October 2012 kpmg.com.

KPMG’s Abilities in Motion Network USBLN Annual Conference October 2012 kpmg.com.
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org JRA3 2 nd EU Review Input David Groep NIKHEF.

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.
©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI Audits and Assessments: An insider’s.

©2005 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. July 27, 2005 PKI Audits and Assessments: An insider’s.
NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.

NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.
Advantages of IT Security Prof. Uldis Sukovskis, CISA Riga Information Technology Institute Secure information exchange in Electronic media Baltic IT&T.

Advantages of IT Security Prof. Uldis Sukovskis, CISA Riga Information Technology Institute Secure information exchange in Electronic media Baltic IT&T.
The U.S. Federal PKI and the Federal Bridge Certification Authority

The U.S. Federal PKI and the Federal Bridge Certification Authority

Similar presentations

Ads by Google