How to Apply for Certification
Certification is currently available for the Open Trusted Technology Provider™ Standard (O-TTPS) Version 1.1.1 and the technically equivalent ISO/IEC 20243:2018.
When an Organization is considering applying for certification, they need to consider which tier of the O-TTPS Certification Program they will choose: The Third-Party Assessed tier or the Self-Assessed tier. The Third-Party Assessed tier requires the applicant to use an O-TTPS Recognized Assessor to assess evidence of conformance that is supplied by the applicant. For the Self-Assessed tier, the applicant completes the assessment independently and is not required to use an O-TTPS Recognized Assessor, though may choose to utilize the assistance of a third-party assessor in determining conformance.
If you are an organization that wants to become an certified Open Trusted Technology Provider™ you need to take the following steps:
Preparation
-
Prepare for Certification by reading the following documents:
- O-TTPS (Standard)
- O-TTPS Management Guide
- Certification Policy
- Conformance Requirements
- Conformance Statement
- Organizational Contacts Form
- Certification Agreement
- Certification Trademark License Agreement (TMLA)
- Implementation Selection Criteria Application (ISCA) Document – required for Third-Party Assessed only
- Certification Package Document – required for Third-Party Assessed only
For the Self-Assessed Certification Tier
- Log in to your account at The Open Group here. If you do not have an account create one here.
- Complete the online Application for Certification to register your intent to certify. Once submitted, you will receive an email confirmation with your Certification ID (CID). You will need this throughout your certification.
- Complete the online Organizational Contacts Form that designates the various individuals within the Organization who are the points of contact for certification by providing their name and email for the following contact roles:
- Authorized Signatory - the person who has overall responsibility for the certification activity for your Organization and who is authorized to enter into legal commitments on behalf of the Organization.
- Primary Certification Contact - the individual who is the primary contact for all certification activity and issues across your Organization.
- Alternate Certification Contact (optional) - a person who is an alternate to the Primary Certification Contact and who has the same rights and responsibilities for certification.
- Organization Finance Contact - your Organization's primary contact for payment or invoicing issues related to certification.
- Organization Marketing Contact (optional) - the individual to contact for any certification related marketing issues.
- Complete the online Legal Documentation form. Download and sign the Certification Agreement and Trademark License Agreement (Digital signatures are accepted). Upload the signed documents to the Legal Documentation form to be submitted.
- Complete the online Conformance Statement, which includes declaring your Scope of Certification. You will be required to complete the Self-Assessed Assessment Summary for any attributes you claim.
- Pay the fee at The Open Group Shop. If your organization requires an invoice, you can request on during the checkout process.
- Once all previous steps are completed, the Certification Authority will review the entire applicant submission and notify the Organization in writing of the outcome of the certification process.
- If successful the Certification Authority will issue the Certification certificate and update the Certification Registry.
To check the status of an application in progress enter your Certification ID on the Application Dashboard online form.
If you have any questions regarding the certification process you can reach out to the Certification Authority here.
For the Third-Party Assessment Tier
Registration
- Log in to your account at The Open Group here. If you do not have an account create one here.
- Complete the online Application for Certification to register your intent to certify. Once submitted, you will receive an email confirmation with your Certification ID (CID). You will need this throughout your certification.
- Complete the online Organizational Contacts Form that designates the various individuals within the Organization who are the points of contact for certification by providing their name and email for the following contact roles:
- Authorized Signatory - the person who has overall responsibility for the certification activity for your Organization and who is authorized to enter into legal commitments on behalf of the Organization.
- Primary Certification Contact - the individual who is the primary contact for all certification activity and issues across your Organization.
- Alternate Certification Contact (optional) - a person who is an alternate to the Primary Certification Contact and who has the same rights and responsibilities for certification.
- Organization Finance Contact - your Organization's primary contact for payment or invoicing issues related to certification.
- Organization Marketing Contact (optional) - the individual to contact for any certification related marketing issues.
- Complete the online Legal Documentation form. Download and sign the Certification Agreement and Trademark License Agreement (Digital signatures are accepted). Upload the signed documents to the Legal Documentation form to be submitted.
Completing the Conformance Statement and ISCA
The objective of this activity is to identify a subset of products within the Scope of Certification that is representative of the full Scope of Certification and the O-TTPS processes utilized within the Scope. All Selected Representative Products will be assessed by an O-TTPS Recognized Assessor for conformance to the O-TTPS Conformance Requirements.
- Download the Implementation Selection Criteria Application (ISCA) Document. Complete the document per the instructions within the document and upload to the online Conformance Statement.
- Complete the online Conformance Statement, which includes declaring your Scope of Certification. As stated before this is where you will upload the Implementation Selection Criteria Application (ISCA) Document.
- Pay the fee at The Open Group Shop. If your organization requires an invoice, you can request on during the checkout process.
Certification Authority Review
- The Certification Authority must approve both the Conformance Statement, which includes the Scope of Certification, and the ISCA Document, which includes the Selected Representative Products, before you can move forward in the Assessment process. Once approved you may move onto the next step.
Assessment
- If you have not already done so, you need to choose an O-TTPS Recognized Assessor company from the register of O-TTPS Recognized Assessors to perform your Assessment.
- Inform the Certification Authority which O-TTPS Recognized Assessor company has been engaged.
- You need to download the Certification Package Document and then incorporate – from the completed and approved ISCA Document - the declared Scope information from Section 2 and the tables from Appendix A.
- Assemble the Certification Package, which includes the completed Certification Package Document along with the Evidence of Conformance. The Certification Package Document contains a table for each requirement. You must supply pointers to the evidence that demonstrates conformance to each requirement for every Selected Representative Product.
- Once the Certification Package has been assembled, you submit it to the O-TTPS Recognized Assessor you have chosen.
- The Assessor assesses the Certification Package Document and the Evidence of Conformance it references. Applying the Assessment Procedures, the Assessor determines whether the evidence provided demonstrates the Organization's conformity to the Conformance Requirements for each of the Selected Representative Products.
- Once the Assessor has completed the Assessment and finished the Assessment Report, which is included in the Certification Package Document, a representative of your Organization and the Assessor both need to sign the Assessment Report.
- The Assessor submits the updated Certification Package Document, including the Assessment Report, to the Certification Authority.
Completion of Certification
- The Certification Authority reviews the completed Certification Package Document including the Assessment Report for completeness and consistency across applications. Once the Assessment Report is approved you may move onto the next step.
- The Certification Authority will notify the Organization in writing of the outcome of the certification process.
- If successful the Certification Authority will issue the Certification certificate and update the Certification Registry.
To check the status of an application in progress enter your Certification ID on the Application Dashboard online form.
If you have any questions regarding the certification process you can reach out to the Certification Authority here.