Section 105.200  Certification of a Qualified Security Procedure for Electronic Records and Signature

a)         In order to obtain certification of a qualified security procedure in conformance with the CPS and CP, an applicant must make a request in writing to the Department of Central Management Services, Illinois Digital Certificate Authority, 201 W. Adams St., Springfield IL 62704-1874.  

b)         The applicant must document procedures, policies and practices that delineate full and complete identification of security procedures. The documentation shall be submitted for review to CMS.

c)         An applicant's security procedure certified by CMS shall:

1)         adopt secure policies and procedures as designated by FIPS (see Section 105.20(a)(3)); and

2)         meet the criteria for acceptance of electronic signatures and records and the criteria for recognition of qualified security procedures as delineated in Section 105.210.

d)         An applicant may request reconsideration of a decision to deny certification of a security procedure, but the request must be submitted no later than 30 days after the decision was issued.  All requests for reconsideration must be submitted to CMS in writing.  A person who is adversely affected by a CMS decision resolving a request for reconsideration may appeal that decision as provided under Section 105.60.