O-TTPS Certification Program

Overview

The primary objective of the Open Trusted Technology Provider Standard (O-TTPS) Certification Program is to provide confidence to customers of commercial off-the-shelf (COTS) information and communication technology (ICT) that the risks associated with the threats currently addressed in the O-TTPS Standard - the risks of maliciously tainted and counterfeit products - are mitigated by an certified Open Trusted Technology Provider™.

Demonstration of conformance through this independent, voluntary O-TTPS Certification Program provides formal recognition of an Organization’s conformance to this industry standard.

The O-TTPS Certification Program utilizes third party assessors for the conformance assessments. Organizations who apply for O-TTPS Certification must choose an assessor company from those listed on the O-TTPS Recognized Assessor Register. The only third party assessor companies eligible to participate in the O-TTPS Certification Program are those listed on the O-TTPS Recognized Assessor Register.

Recognized Assessor companies must meet certain criteria as a third-party assessor organization and the individual assessors used must meet an additional set of criteria and have passed the O-TTPS Assessor Exam before they can be assigned to an O-TTPS Assessment. The Open Group operates this recognition program, grants O-TTPS Recognized Assessor certificates to those qualifying organizations, and lists them on the public O-TTPS Recognized Assessor Register.

How to Apply to be a Recognized Assessor

If you represent an organization that wants to perform O-TTPS assessments, you need to take the following steps:

1. Read the:
   • Certification Policy
   • Conformance Requirements
   • Recognized Assessor Agreement
   • Recognized Assessor TMLA
   • Assessment Procedures
2. Download, print, sign, and return the Recognized Assessor Agreement and the Recognized Assessor TMLA to The Open Group legal department for their review and countersignature.
3. Contact the O-TTPS Certification Authority to confirm your organization in the program.
4. Pay the Recognized Assessor fees.
5. Provide the Certification Authority with a list of your qualified assessors, which are those individuals who meet the criteria in Section 3.3 of the Recognized Assessor Agreement. Your organization must have at least one qualified assessor in order to be recognized.
6. The Certification Authority will confirm completion of the legal agreement and payment of fees, then add your organization to the Recognized Assessor Register.
7. Once recognized, your organization will then be able to perform O-TTPS assessments using assessors who meet the individual assessor qualifications. Your organization will also be able to promote itself as an O-TTPS Recognized Assessor and use the Recognized Assessor logo in accordance with the terms of the TMLA.

Individual Assessors

In order for an individual assessor to participate in an O-TTPS Assessment, the person must:

• Be employed or contracted by an O-TTPS Recognized Assessor company.
• Meet the assessor criteria for individuals, as defined in Section 3.3 of the O-TTPS Recognized Assessor Agreement. These criteria include:
  • Assessment experience
  • Knowledge of supply chain management and of the O-TTPS
  • Passing the O-TTPS Assessor Examination, which covers knowledge and understanding of the contents of all of the O-TTPS documentation, especially the O-TTPS Standard and the O-TTPS Assessment Procedures.

If you are an individual who wants to perform O-TTPS assessments on behalf of an O-TTPS Recognized Assessor company, you should:

• Review the O-TTPS Standard, the O-TTPS Assessment Procedures, the O-TTPS Recognized Assessor Agreement, and other O-TTPS program documentation.
• See the Assessor Examination page for information on the exam.