Security Framework for Qualified Trust Service Providers

This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of security is commensurate to the degree of risk”. to achieve compliance with Article 19 (valid for both, QTSPs and non-QTSPs), this series of documents recommend that the level of security implemented by non-QTSP, expected to follow ‘best practices’ when operating with due diligence, is equivalent to the one of QTSP. For this reason, the security practices applied by QTSPs are also relevant to – and can also be followed by – non-QTSPs.


We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information