They are: Administrator, Officer, Auditor, Operator and Controller. Each Relying Role will carry out personnel control to avert possible internal attack.

The Relying Roles of Administrator, Officer and Auditor must not play two different roles at the same time but they can play concurrently as Operator. No Relying Role can audit itself.

1. Installation, Setting and Maintenance of the CA System.
2. Establish and Maintain the CA public accounts.
3. Set Audit Parameters.
4. Create and backup CA key pairs.

1. Activate or deactivate certificate issuance.
2. Activate or deactivate certificate revocation.

1. To inspect, maintain and backup audit logs.
2. To enforce and oversee that internal audits of the CA operation are carried out in accordance with the CPS.

1. Daily operation and maintenance of the system.
2. System backup and recovery.
3. Update of Storage Media.
4. Hardware/Software Renewal apart from CA management system.
5. Internet and website maintenance: Set up system security, anti-virus and internet security detection and notification.

The CA personnel are strictly screened and selected. All individuals have been reviewed regarding their (1) personality (2) experience (3) professional ability and (4) identity background. No bad records are permitted in finance and law. Also, they must sign documents on responsibilities. Periodical qualifications audit will also be conducted each year. Those who fail the audit will be transferred to other jobs. The vacant post is to be replaced by more suitable persons.

All CA personnel acting in violation of the Certificate Policy and operating rules will be duly disciplined and punished. Legal actions might be taken against those who caused damages.

The CA backup both data and system programs. Backup of all data shall be carried out once a week while backup of changed data shall be carried out on same day.