Closed Bug 1507862 Opened Last year Closed 11 months ago

Government of Spain (ACCV): Late Audit Statement


(NSS :: CA Certificate Compliance, task)

Not set


(Not tracked)



(Reporter: wayne, Assigned: jamador)


(Whiteboard: [ca-compliance])

The following audit statements for ACCV were received 6 months after the end of the audit period, in violation of Mozilla Root Store Policy section 3.1.3:

Please explain why this happened, and what steps are being taken to prevent it from happening again.
With their permission, I am adding the CCADB case comments from ACCV:

Created By: José Amador García (11/8/2018 4:03 AM)
Due to a change in the Public Sector Contracts Act (enter into force
march 2018) that has modified several regulatory aspects in selection
and tender procedures, ACCV has not been able to carry out the
contracting of the Audits in the same way as in previous years.
Once we check the impossibility of making the contract in the same way,
we had to go to a modality that required much more time and additional
administrative procedures.
As a result, ACCV finally was able to hire WT and BR / WT audits, but
with a delay longer than expected.

To avoid this situation ACCV has prepared a public tendering process for
the next three years, thus preventing the problem in the near future.
ACCV has foreseen that the contracting process can start again in a
simple way after the initial three years.

We greatly regret the breach, being the first problem of times that we
have since our first report in 2006.
If you need some additional information, please let us know.

Thank you very much.
Wayne: Could you clarify how Mozilla is handling this? Is Mozilla satisfied by the root cause analysis and the steps to mitigate, or is there other information to share?
Flags: needinfo?(wthayer)
Mozilla is satisfied with the response and I created this bug for tracking. Resolving.
Closed: 11 months ago
Flags: needinfo?(wthayer)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.