EU Member States Trusted Lists Scheme Type Community Rules: specific statement for Norway

Services included in the “Trusted List of supervised Certification Service Providers issuing Qualified Certificate” are assessed for compliance with the provisions laid down in Law of 15 June 2001 no. 81 and the applicable regulation:

The Norwegian Communications Authority (Nkom) is the supervisory body according to the Electronic Signatures Act, section 17. A CSP shall notify of its operation immediately upon the start of issuing qualified certificates, and may not issue qualified certificates before such notification of registration has been sent to Nkom. Changes in information already registered and new information to be registered shall be reported to Nkom without undue delay.

Supervision will occur once there is a need for supervision, or there is reason to believe that the CSP does not comply with the legislation. Nkom may demand the information and documents to be needed to carry out its task, and may carry out on-site visit. Nkom may require an IT audit to be carried out at the premises of CSPs, and may appoint an auditor to carry out the audit. Nkom may also deprive a CSP of the right to use the designation “qualified certificate” if the CSP seriously or repeatedly fails to comply with the rules laid down in the Act.

The Trusted List of Norway is established, maintained and published by Nkom and is available in two formats: