(1) Criteria on the Facilities Used for the Business

1. Management of the entries into and exits from the certification business facility room.
2. Prevention of unauthorized access to the facilities.
3. Prevention of the use of the facilities by unauthorized personnel.
4. Encryption devices
5. Prevention of natural disasters

(2) User Identification Procedures

1. User applications, etc.
2. Methods for verifying authenticity of users, etc.

(3) Other Operational Procedures

1. Explanations to the applicants
2. Information that is required to be included in an application, etc.
3. Generation of the user signature codes and user identification codes
4. Matters related to electronic certificates
5. Prevention of confusion with other business
6. Records of the attribute information
7. Provision of information to the relying parties
8. Matters related to the revocation of electronic certificates.
9. Rules on the implementation of certification business.
10. Abandonment of certification business.
11. Information disclosure.
12. Organizational structure and systems for service implementation.
13. Approval system for controlling the operation of facilities.
14. Prevention of the leakage of issuer signature codes.

(4) Records and Documents

1. Records and documents related to user applications.
2. Records and documents related to revoked electronic certificates.
3. Records and documents related to the organizational management of the Certification Business Operator*.
4. Records and documents related to the facilities and safety measures.

Note/ * Certification Business Operator: Certification Service Provider; CSP