technological advances that impact on the reliance of the original record.
PART X- COMPLIANCE AUDITS
30. Registration of auditors
(1) A person shall not audit a certification service provider, repository provider
or a date and time stamp provider for compliance with the Act or these
Regulations unless that person is qualified to be an auditor and is registered with
the Controller.
(2) An application to register as a compliance auditor shall be made to the
Controller in Form 7 in Schedule 1 and shall
(a)
set out the name of the applicant, and in the case of –
(b)
(i)
an individual, the identification number of that person;
(ii)
a juristic person, the registration number of that person;
set out the name and address of the contact person if different from
the applicant;
(c)
describe the expertise and experience of the applicant, including any
qualifications and international recognition as a security professional or
certification as a public accountant;
(d)
include a statement demonstrating adequate knowledge of digital
signature technology practices;
include a statement demonstrating complete knowledge of the
requirements of the Act and these Regulations;
(f)
include any other information relevant to the Controller in
considering the application.
(3) The Controller may request further information, which shall be provided by
the applicant as specified by the Controller.
(4) The Controller shall within thirty days after receipt of the application under
this regulation register or reject the applicant.
(5) Where the Controller rejects an application for registration as a compliance