Electronic Certification Accreditation Council (ECAC) registered its first Security Auditor namely M/s Risk Associates Pvt. Ltd on 2nd April, 2018 in a ceremony held in ECAC HQS Islamabad. Chairman ECAC Brig (Retd) Viqar Rashid Khan, ECAC Members Dr. Saad Naeem Zafar & Mr. Ahsan Saeed Zaidi along with ECAC Executives attended the ceremony. Chairman ECAC awarded the first Registration Certificate to CEO M/s Risk Associates Pvt. Ltd. Dr. Aftab Rizvi.
The Electronic Certification Accreditation Council (ECAC) was set up under the Electronic Transactions Ordinance (ETO) 2002 in 2004. The primary functions of the council is to grant and renew accreditation certificates to certification service providers, their cryptography services and security procedures; monitor and ensure compliance by accredited certification service providers with the terms of their accreditation and revoke or suspend accreditation in the manner and on the grounds as may be specified in regulations; monitor compliance of accredited certification service providers with the provisions of this Ordinance; establish and manage the repository; carry out research and studies in relation to cryptography services and to obtain public opinion in connection therewith; recognize or accredit foreign certification service providers; encourage uniformity of standards and practices. In order to perform the above-mentioned functions, ECAC floated an Expression of Interest (EOI) to register Auditors and Audit Companies that can be engaged by the Electronic Certification Service Providers to conduct Information Security Audit of Digital Certificate Service Providers facilities under the Electronic Certification Accreditation Council Regulations, Information Security Auditors Registration Regulations (ISAR), 2008 (S.R.O. 496(I)/2008). In response to floated EOI, M/s Risk Associates Pvt. Ltd submitted their application that subsequently was successfully accepted thus making them first IT Security Auditor to be registered with the Council. It is to mention here that the mandate of ECAC in accordance with Electronic Transaction Order (ETO 2002) is to regulate and accredit all entities involved in electronic transactions and the Council is also in its final stages of formally granting Accreditation to M/s NIFT Pvt. Ltd which is currently performing Financial Electronic Transactions across Pakistan.
Speaking on the occasion, Brig (Retd) Viqar Rashid Khan (Chairman ECAC) emphasized on the enormous potential of growth ECAC as an organization. He also thanked and congratulated CEO of M/s Risk Associates Pvt. Ltd being the First Registered Security Auditor with ECAC.
Council was of the opinion that the appropriate authorities and regulators such as FBR, SECP, SBP, PTA etc. should encourage enforcement of ETO 2002 in order to make Electronic Transactions more secure and reliable in the larger interest of General Public. Chairman ECAC briefed about the future plans of ECAC where the focus will be on implementing Electronic Transaction Ordinance (ETO) in its true spirits while playing, Insha’Allah, a proactive role in achieving ‘Digital Pakistan’ — a vision of Govt. of Pakistan.