QuestionsQuestions (ICTO MEMORANDUM CIRCULAR NO. 2014-001)
The Circular prescribes the policies and procedures governing the accreditation of government agencies as Government Registration Authorities under the National Certification Scheme for Digital Signatures as mandated under Executive Order No. 810, Series of 2009.
The National Computer Center (NCC), as part of the ICT Office, acts as the Government Certification Authority (GovCA).
A GovRA is a government agency designated by the Certification Authority (CA) to perform administrative tasks such as end-user registration for digital certificates or signatures.
The accreditation is valid for three (3) years, unless suspended or revoked sooner, and is subject to mandatory annual assessment of compliance.
The essential documents include a certified copy of the charter/legal documents creating the agency, a Disaster Recovery and Business Continuity Plan, and a GovRA Operations Manual.
Personnel must submit application forms, clear police, NBI and court clearances, undergo background checks, attend mandatory orientation on relevant laws, be computer literate, sign non-disclosure agreements, and receive appropriate training including on laws like the Electronic Commerce Act, Data Privacy Act, and Cybercrime Prevention Act.
Applicants must appear personally and present a Taxpayer Identification Number (TIN), a UMID-compliant card or any two valid IDs such as a Passport, Driver's License, NBI Clearance, Police Clearance, Voter's ID, and others. They must also provide a recent photo, contact information, proof of physical address, and consent for information verification.
Personal information must be collected for legitimate purposes, processed fairly, kept accurate and up to date, adequate and not excessive, retained only as long as necessary, and safeguarded to protect data subject rights in compliance with R.A. 10173 (Data Privacy Act).
Republic Act No. 8792 (Electronic Commerce Act of 2000), Republic Act No. 8484 (Access Devices Regulation Act of 1998), Republic Act No. 7394 (Consumer Act of the Philippines), and their Implementing Rules and Regulations govern the use and issuance of digital certificates.
Failure to comply with the requirements laid down in the Circular, failure to address negative findings during assessment, or any non-adherence to policies and standards may lead to suspension or revocation of the GovRA accreditation.