Security Framework for Qualified Trust Service Providers

This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of security is commensurate to the degree of risk”. to achieve compliance with Article 19 (valid for both, QTSPs and non-QTSPs), this series of documents recommend that the level of security implemented by non-QTSP, expected to follow ‘best practices’ when operating with due diligence, is equivalent to the one of QTSP. For this reason, the security practices applied by QTSPs are also relevant to – and can also be followed by – non-QTSPs.


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies