SIST-TS CEN/TS 17489-5:2025

SLOVENSKI STANDARD
01-oktober-2025
Osebna identifikacija - Varni in interoperabilni evropski izvorni dokumenti - 5. del:
Postopki vzpostavitve in vodenja zaupanja
Personal identification - Secure and interoperable European breeder documents - Part 5:
Trust establishment and management processes
Persönliche Identifikation - Sichere und interoperable Europäische Ausgangsdokumente
- Teil 5: Vertrauensbildung und Verwaltungsprozesse
Ta slovenski standard je istoveten z: CEN/TS 17489-5:2025
ICS:
35.240.15 Identifikacijske kartice. Čipne Identification cards. Chip
kartice. Biometrija cards. Biometrics
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

CEN/TS 17489-5
TECHNICAL SPECIFICATION
SPÉCIFICATION TECHNIQUE
August 2025
TECHNISCHE SPEZIFIKATION
ICS 35.240.15
English Version
Personal identification - Secure and interoperable
European breeder documents - Part 5: Trust establishment
and management processes
Persönliche Identifikation - Sichere und interoperable
Europäische Ausgangsdokumente - Teil 5:
Vertrauensbildung und Verwaltungsprozesse
This Technical Specification (CEN/TS) was approved by CEN on 4 August 2025 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to
submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS
available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in
parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2025 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 17489-5:2025 E
worldwide for CEN national Members.

Contents Page
European foreword . 3
Introduction . 4
1 Scope . 6
1.1 Objective . 6
1.2 Human dimension of identity management . 6
1.3 Security dimension of identity management . 6
1.4 Legal identity . 7
2 Normative references . 8
3 Terms and definitions . 8
4 Symbols and abbreviated terms . 10
5 Methodology . 10
5.1 Introduction . 10
5.2 Procedure . 11
5.3 Classification. 11
5.3.1 Categories of criteria adoption . 11
5.3.2 Categories of implementation status . 11
5.4 Reporting . 11
5.4.1 Objective . 11
5.4.2 Declaration of Implementation (DOI) . 12
5.4.3 Ranking . 12
Annex A (informative) Checklist “Declaration of Implementation . 14
A.1 General recommendations on issuance and operational procedures . 14
A.1.1 Logistical aspects . 14
A.1.2 Human resources . 18
A.1.3 Technical controls and system migration . 24
A.1.4 Distribution of secure public keys and systems access . 31
A.1.5 Civil registration (Newly born) . 33
A.1.6 Civil registration (other) . 49
A.1.7 Content update of data-entries . 52
A.1.8 Reissuance of birth certificates . 58
A.1.9 Issuance process . 60
A.1.10 Coding; Transcribing of eastern / western names and character sets . 62
A.1.11 Validity of document . 63
A.1.12 Vetting of data . 64
A.1.13 Note . 66
Bibliography . 67
European foreword
This document (CEN/TS 17489-5:2025) has been prepared by Technical Committee CEN/TC 224
“Personal identification and related personal devices with secure element, systems, operations and
privacy in a multi sectorial environment”, the secretariat of which is held by AFNOR.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN website.
According to the CEN/CENELEC Internal Regulations, the national standards organisations of the
following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Introduction
A legally recognized identity enables citizens to exercise their rights and access state and other services.
This includes the right to travel and access to travel documents such as passports, as well as access to
education, healthcare, social services, and bank accounts. In order to establish legally recognized
identities of citizens, states implement identity management (IdM) systems.
Breeder documents are legal documents which certify a vital event of a person and are essential
components of these IdM systems. According to the United Nations terminology [10] vital events include
live birth, death, foetal death, marriage (which includes partnership), divorce, adoption, legitimation,
recognition of parenthood, annulment of marriage, or legal separation. These vital events of a person are
recorded in the civil register (if used) of the state, during a process which is called registration, and a
corresponding breeder document is issued to the citizen.
The Organization for Security and Co-operation in Europe (OSCE) points out the importance of a breeder
document (denoted as primary documents) framework [8]:
“While there are several layers of identity management that produce different types of identity
documents, frameworks for issuing primary identity documents are the critical components of the entire
identity management system. They provide a framework for the legal establishment of one’s identity and
identity documents on the basis of which other types of identity documents may be issued.”
While there are standardized frameworks for identity documents such as travel documents including
passports, a standardized framework for secure and interoperable breeder documents is missing.
For machine readable travel documents (MRTDs) including passports, the International Civil Aviation
Organization (ICAO) has published the Doc 9303 standard [4] which has been prepared in collaboration
with the standardization group ISO/IEC JTC 1/SC 17/WG 3. The international adoption and
implementation of this document establishes a certain security level for travel documents and enables
interoperability, e.g. by means of the standardized layout and character set used for travel documents.
The lack of breeder document standardization leads to interoperability as well as security issues. The
layout of breeder documents differs between states and often even between the municipalities of a state.
Breeder documents typically do not support machine readable technologies, and therefore their data is
be manually entered for subsequent processing which is error prone and time consuming. The non-
standardized layout can hinder a verifier to identify the required breeder document data and a
translation of the breeder document is potentially required. This translation potentially uses a
transliteration of names, i.e. a conversion of the names from one alphabet to another, and this can lead to
different spellings of the name of the same person, e.g. if diacritical marks are used in the original breeder
document, but not used in the translated document.
For instance, the International Commission on Civil Status (ICCS) [6] has addressed these interoperability
issues in several conventions and recommendations that specify a data set and a character set to be used
as well as identifiers for the different data fields of a breeder document.
Breeder documents are typically used as an identity evidence in identity proofing scenarios for issuing
travel documents. Due to the established security level of travel documents and the typically lower
security level of breeder documents fraudsters aim at obtaining authentic travel documents on the basis
of false identities based e.g. on non-genuine or forged breeder documents instead of forging or
counterfeiting travel documents. Therefore, fraudsters use:
— counterfeit breeder documents, i.e. unauthorized reproductions of genuine documents;
— forged breeder documents, i.e. genuine breeder document that have been altered;
— genuine breeder documents of another person; i.e. they impersonate the legitimate holder of the
breeder documents. As breeder documents such as birth certificates usually do not include
information that links the breeder document to its legitimate holder, strong organisational methods
are required to establish this link, in particular in the case of first-time registration;
— forged data and identity evidence documents to obtain breeder documents with false data
representations.
Breeder documents are considered the weakest link in the issuance process of travel documents, see the
ICAO guidelines [5] for best practices on how breeder documents are used in this process. For this reason
the European Union (EU) has funded projects to investigate solutions for strengthening the security of
breeder documents: The FIDELITY project [3] suggests among others a standardized birth certificate
design, the support of physical security features and an online verification of the birth certificate. The
ORIGINS project [9] analysed the issuance of breeder documents used for passport delivery, identified
loopholes in this process, and proposed security measures and processes to enhance the security of
breeder documents. These enhancements include the standardization of breeder documents and the
harmonization of the related processes. In addition, the European Commission has issued an action plan
to strengthen the European response to travel document fraud [2] which recommends a minimum
security level for breeder documents to prevent counterfeiting and forging.
The breeder document framework in CEN/TS 17489 (all parts) takes the results of these EU projects [3],
[9] into considerations as well as the ICCS conventions and recommendations [6].

1 Scope
1.1 Objective
This document is intended for the use of breeder document issuing authorities both policymakers and
technical, for having uniform formats that conform to printed as well as digital requirements of CEN
member and associated states (including EU member states).
The objectives are:
a) provision of a common set of formats of breeder documents – printed and digital to be implemented
by CEN member and associated states (including EU member states), with the extended objective of
their acceptance internationally;
b) the focus is on having common recognizable formats as well as prevention of identity fraud,
particularly related to the use of breeder documents to obtain national and international ID
documents, such as passports, and residence permits.
1.2 Human dimension of identity management
Each country’s identity management system also provides a framework for observing and protecting
many of the human rights embodied in international declarations and conventions. Depending on the
provisions in place, the system can ensure that citizens can exercise a wide range of rights, such as rights
to property, privacy, freedom of movement and free choice of place of residence, as well as access to social
services such as education, healthcare and social security. In states with more advanced technological
infrastructure, population registration provides the basis for the establishment of a number of citizen-
oriented computerized services, also known as e-services and e-government. Identity management is also
central to prevention of discrimination in exercising guaranteed rights.
The identity management infrastructure provides the backbone for a functioning and viable state by
securing civil, population and tax registers, as well other systems such as healthcare benefits, voter lists
and the issuance of travel and identity documents based on verifiable identities. Such flaws may become
visible during elections, where shortcomings in voter lists can affect confidence in the election process.
In essence, a secure identity management system can be seen as the foundation, a root level, that is able
to then feed into and help numerous other branches of key state services function effectively and
accurately (OSCE, 2017, p.13) [27].
1.3 Security dimension of identity management
One of the key elements of a secure environment for cross-border travel is that the travel documents used
by visitors meet international standards in terms of security of the document itself and security in that
the document reflects the genuine identity of its holder. Similarly, the systems for issuing travel
documents need to be linked to identity management systems to streamline decision-making processes,
preferably through modernized systems that reflect developments in document security technology. As
entries in registers or officially issued identification documents provide access to specific services,
criminal networks are constantly looking for possible gaps in identity management systems to obtain
genuine documents under fabricated or stolen identities. Documents obtained as result of gaps in identity
management have enabled criminals to target business entities and cause significant financial losses
through the use of genuine documents issued to non-existent identities (OSCE, 2017, p.14) [27].
Both legal and illegal immigration breeder docs are regularly used to determine an identity if no MRTD
or eMRTD is presented. An identity which will be printed on an eRP, Foreigners ppt, Refugees travel doc
etc. unless other supportive evidence of identity is provided.
Organized crime has not overlooked this and fraudulently obtained or falsified travel documents are
regularly presented to hide the true identity.
Since a significant portion of the world’s population cannot reliably prove their identity, they rely on
verbally presented identities and/or supportive breeder documents when registering in another country.
Asylum applicants who have entered the Schengen area illegally or who apply at the external border often
do not present internationally approved travel documents. Despite this lack of reliable personal
information an identity is created for the asylum application and pending an approved application this
identity will be printed on a residence permit. Consequently, ICAO 9303 approved travel documents are
issued to identities relying on breeder documents or verbal presentation only.
1.4 Legal identity
Breeder documents are extremely important for the determination of legal identity and are part of a
country’s civil registration, vital statistics and identity management system. An overview is presented
below and details are found in the United Nations Legal Identity Agenda [33] Comprehensive details are
to be found in – Principles and recommendations of a Vital Statistics System. This document is widely
endorsed by all member states of the United Nations and its review and updates are managed by the
United Nations Statistics Division Department of Economic and Social Affairs, United Nations, New York.
General definitions pertaining to civil registration, breeder documents and related systems are also found
in this document, as well as the Dictionary for civil registration and identification (Harbitz and Kentala,
2015) [24].
Some of the definitions are reproduced below.
For European states, the guiding principles are set out by the International Commission on Civil Status,
or ICCS (French: Commission internationale de l'état civil, or CIEC), an intergovernmental organization
and the first organization created after World War II in order to work for European integration.
Provisionally established in Amsterdam, Netherlands, on September 29 and 30, 1948, it predates both
the Council of Europe (planned since 1946 but officially founded only in 1949) and the European Union.
The organization is seated in Strasbourg, France, and has 7 members and 10 former members. The official
language of the Commission is French.
The European Union (EU) currently does not have a common basis for birth and death registration and
these are as per the laws of the individual member states. The EU however makes a reference to the
Convention of the Rights of the Child (CRC) articles 7 and 8 with respect to birth registration.
The UN General Assembly adopted the Convention and opened it for signature on 20 November 1989
(the 30th anniversary of its Declaration of the Rights of the Child) [29]. It came into force on 2 September
1990, after it was ratified by the required number of nations. Currently, 196 countries are party to it,
including every member of the United Nations except the United States. It therefore includes all member
states of the European Union.
The relevant articles of the CRC state that:
Article 7
1. The child shall be registered immediately after birth and shall have the right from birth to a name, the
right to acquire a nationality and. as far as possible, the right to know and be cared for by his or her parents.
2. States Parties shall ensure the implementation of these rights in accordance with their national law and
their obligations under the relevant international instruments in this field, in particular where the child
would otherwise be stateless.
Article 8
1. States Parties undertake to respect the right of the child to preserve his or her identity, including
nationality, name and family relations as recognized by law without unlawful interference.
2. Where a child is illegally deprived of some or all of the elements of his or her identity, States Parties shall
provide appropriate assistance and protection, with a view to re-establishing speedily his or her identity.
Another body of relevance is the EVS (European association of civil registrars - Europäischer Verband
der Standesbeamtinnen und Standesbeamten) founded in 2000 and is a network organization which
focuses exclusively on the exchange of information and best practices related to the fields of civil
registration, family law, identity management and civil justice, between legal, judicial and administrative
authorities.
It is acknowledged that birth and death registration (as well as marriage and divorce) is highly
decentralized in most of the member-states. There may even be differences in the local rules and
processes.
2 Normative references
There is no normative reference in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp/
— IEC Electropedia: available at https://www.electropedia.org/
3.1
vital event
life event of a human entity at a certain point in time
Note 1 to entry: A vital event refers to e.g. the live birth, death, foetal death, marriage, divorce, adoption, legitimation,
recognition of parenthood, annulment of marriage, or legal separation.
3.2
civil registration
continuous, permanent, compulsory and universal recording of the occurrence and characteristics of vital
events pertaining to the population as provided through decree or regulation in accordance with the legal
requirements of a country
Note 1 to entry: Civil registration is carried out primarily for the purpose of establishing the legal documents
required by law. These records are also a main source of vital statistics. Complete coverage, accuracy and timeliness
of civil registration are essential to ensure the quality of vital statistics
[SOURCE: (UNSTATS, 2018) [32]]
3.3
delayed civil registration
late registration is the registration of a vital event after the prescribed time period but within a specified
grace period
Note 1 to entry: The registration of a vital event after the prescribed period determined in existing laws, rules or
regulations (including any grace period, if specified). Since the grace period is usually considered to be one year
following the vital event, delayed registration is usually considered to be the registration of a vital event one year
or more after the vital event has occurred. See Late civil registration.
3.4
late civil registration
registration of a vital event after the legally specified time period but within a specified grace period
Note 1 to entry: The grace period is usually considered to be one year following the vital event. See delayed
registration.
3.5
foundling
child found abandoned in the territory of a state
Note 1 to entry: Defined and treated as in the UNHCR Guidelines on Statelessness
[SOURCE: (UNHCR, 2012, chap.VI) [28]]
3.6
live birth
complete expulsion or extraction from its mother of a product of conception, irrespective of the duration
of pregnancy, which, after such separation, breathes or shows any other evidence of life, such as beating
of the heart, pulsation of the umbilical cord or definite movement of voluntary muscles, whether or not
the umbilical cord has been cut or the placenta is attached
Note 1 to entry: each product of such a birth is considered live born (all live-born infants should be registered and
counted as such, irrespective of gestational age or whether alive or dead at the time of registration, and if they die
at any time following birth, they should also be registered and counted as deaths)
[SOURCE: (United Nations, 2018, chap.1 A)]
3.7
death
permanent disappearance of all evidence of life at any time after live birth has taken place (postnatal
cessation of vital functions without capability of resuscitation)
Note 1 to entry: This definition excludes foetal deaths, which are defined separately
[SOURCE: (United Nations, 2018, chap.1 A)]
3.8
foetal death
death prior to the complete expulsion or extraction from its mother of a product of conception,
irrespective of the duration of pregnancy
Note 1 to entry: the death is indicated by the fact that after such separation the foetus does not breathe or show any
other evidence of life, such as beating of the heart, pulsation of the umbilical cord or definite movement of voluntary
muscles (note that this definition broadly includes all terminations of pregnancy other than live births, as defined
above)
[SOURCE: (United Nations, 2018, chap.1 A)]
3.9
sex
sex refers to characteristics of women and men that are biologically determined [WHO]
3.10
gender
gender is used to describe the characteristics of women and men that are socially constructed [WHO]
4 Symbols and abbreviated terms
For the purposes of this document, the following symbols and abbreviated terms apply.
CR Civil Registry
DB Database
DOB Date of birth
EU European Union
ICAO International Civil Aviation Organization
MRTD Machine readable travel document
NCR National Civil Registry
POB Place of birth
5 Methodology
5.1 Introduction
This part requires the implementing and operating bodies to undergo a formal and structured approach
in setting governance and policy on one hand, and monitoring of the execution on the other hand. The
checklist provided in Annex A is a non-exhaustive checklist provided as informative guidance.
Please note that Annex A provides general guidelines for establishing acceptable practices. These may be
viewed within the framework of each member state’s laws governing civil registration.
5.2 Procedure
The following procedure shall be implemented. It supports the stakeholders to cover the relevant topics,
track the decisions on objectives and implementation status. Additionally, it can serve in cross-agency /
cross-border discussion on the acceptance of data recorded by the implemented processes. Depending
on the level of government at which the civil registry is regulated, the relevant authority is responsible
for the process of completing the DOI.:
1) review the topics provided in Annex A for aspects that require additional regulation (White spots)
and add these to your individual checklist;
2) review the checklist and the referenced resources together with the stakeholders, and decide on the
individual elements being a compulsory requirement for your implementation, or not. Record your
reasoning respectively your justification of the decision;
3) if considered compulsory, discuss and define the specific implementation considering the referenced
resources. Should alternative standards or guidance be followed, clearly describe such process;
4) conduct a gap-analysis on your current implementation versus the defined requirements. Document
the current implementation status and the outlook. Clearly describe which deviations have been
made from the guiding standard or guideline and if this deviation is considered permanent, and if not
what the roadmap for closing the deviation is going to be;
5) compile an informational report suitable for cross-agency / cross-border information relative to the
implemented processes and the resulting data-quality.
5.3 Classification
5.3.1 Categories of criteria adoption
For the checklist in Annex A, three levels of adoption of the guidance are provided:
a) “O.I.”: Both the objective and the recommendation are endorsed. An endorsed recommendation
means, the defined implementation follows the measures outlined in the recommendation;
b) “O.X”: Adoption of the objective, only. The implementation follows a proprietary respectively a
deviating methodology;
c) “X.X.”: Objective not endorsed.
5.3.2 Categories of implementation status
For the checklist in Annex A, two levels of implementation of the criteria adoption are provided:
a) “Implemented”: The decided measures as defined on the basis of 5.3.1 are fully implemented;
b) “Pending”: The decided measures as defined on the basis of 5.3.1 are not, or not fully implemented.
5.4 Reporting
5.4.1 Objective
At the core of the reporting stands the intention to provide an abstracted tool of information towards
users and processors of the generated data under this standard. It is intended to provide key-input to
their risk-management and to facilitate interoperability on the level of governance, without imposing
strict governance rules on autonomous entities.
Two mechanisms are provided:
a) the Declaration of Implementation (DOI) is a more substantiated form of providing insight into the
implementation. This form allows for a better understanding how to regulate interagency
interactions;
b) ranking provides a general and comparable overview of the degree of implementation according to
the guidance provided within the checklist.
5.4.2 Declaration of Implementation (DOI)
The Declaration of Implementation (DOI) is the filled-in checklist in Annex A.
The elements requiring filling-in are:
a) authority decision on criteria: Selecting one option and marking with an ‘x';
b) justification note explaining the choice if selecting “O.X”, or “X.X”;
c) implementation status of the decided Authority decision: Selecting one option and marking with an
‘x” (not applicable if “X.X” was chosen, above);
d) if status “Pending” was chosen, add comment on a) the current implementation status and b) the
expected outlook.
5.4.3 Ranking
5.4.3.1 General
The checklist in Annex A provides 109 checklist items, with four relevant statuses. For each checklist item
a status is defined, and each status has an according number of points assigned. For the assignment of
points Table 1 shall be used and the results shall be filled into Table 2.
5.4.3.2 Assignment of points
Table 1— Assignment of points
Level Authority decision on Implementation status Points
criteria
1 “O.I.” “Implemented” 10 pts
2 “O.I.” “Pending” 2 pts
3 “O.X.” “Implemented 8 pts
4 “O.X.” “Pending 2 pts
5 “X.X.” n/a 0 pts
The points of each checklist item are summed-up with all other items under the same of the 14 categories.
The Rate [%] is calculated by ‘Accredited Points’ / ‘Max Points’ x 100.
Table 2— Declaration of Implementation
Category Max Points Accredited Rate [%]
Points
1 Logistics 80
2 Human Resources 120
3 Technical controls and system migration 130
4 Distribution of secure public keys and 50
systems access
5 Civil Registration (newly born) 310
6 Civil Registration (other) 70
7 Content update of data-entries 110
8 Reissuance of birth certificates 50
9 Issuance process 30
10 Coding; Transcribing of names and 30
character sets
11 Validity of document 10
12 Vetting of data 50
The report shared is based on the Category and the Rate % per Category.

Annex A
(informative)
Checklist “Declaration of Implementation
A.1 General recommendations on issuance and operational procedures
A.1.1 Logistical aspects
A.1.1.1 Procurement
a) Objective Authority decision on
criteria:
Only qualified security suppliers are invited to
closed tender procedures. □ O.I. □ O.X. □ X.X.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Follow a two-step approach, where the
specifications are provided only to select
qualified and security cleared suppliers, and Comment:

▪ The suppliers are certified according to
ISO 14298 “Graphic technology –

Management of security printing processes”

[36], or INTERGRAF 15374 “Security
management system for suppliers to the
security printing industry” [35]
b) Objective Authority decision on
criteria:
Ensure protection of the organization’s assets that is
accessible by suppliers, especially with respect to: □ O.I. □ O.X. □ X.X.
- product and process specifications;
Justification:
- communication channels;
- contract relationship;
- auditing of the supplier to be capable of

performing as claimed in the process of
procurement
Implementation Implementation status:
□ Implemented □ Pending
▪ Follow the guidance in ISO/IEC 27002
“Information security, cybersecurity and
privacy protection — Information security
Comment:
controls”, Clause 15 “Supplier relationships”
[42]
A.1.1.2 Transport and distribution of blanks
a) Objective Authority decision on
criteria:
Blank documents and document components such as
inks, seals are distributed by secured measures, □ O.I. □ O.X. □ X.X.
assuring a high level of security against theft.
Justification:
Implementation Implementation status:
Follow: □ Implemented □ Pending
▪ ISO 14298 “Graphic technology –
Management of security printing processes”
Comment:
[36], or INTERGRAF 15374 “Security
management system for suppliers to the

security printing industry” [35], and

▪ EC C(2018)7767: Commission implementing

decision laying down the technical
specifications for the uniform format for
residence permits for third country nationals
and repealing decision C(2002)30691[34]
b) Objective Authority decision on
criteria:
Procedures ensure the detection of lost / stolen
security relevant materials based. These are □ O.I. □ O.X. □ X.X.
regularly reviewed.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Follow ISO 14298 “Graphic technology –
Management of security printing processes”
[36], or INTERGRAF 15374 “Security
management system for suppliers to the
Comment:
security printing industry” [35]

c) Objective Authority decision on
criteria:
Contingency plans need to address procedures how
to handle lost consumables. These need to address □ O.I. □ O.X. □ X.X.
specifically both uniquely identifiable / trackable
consumables (i.e. numbered document blanks) and
Justification:
non-trackable consumables (inks).

Implementation Implementation status:
□ Implemented □ Pending
▪ Follow ISO 14298 “Graphic technology –
Management of security printing processes”
[36], or INTERGRAF 15374 “Security
management system for suppliers to the
Comment:
security printing industry” [35]

A.1.1.3 Storage
a) Objective Authority decision on
criteria:
Storage conditions need to be such that the materials
can be processed with no loss of its security □ O.I. □ O.X. □ X.X.
parameters.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Follow ISO 14298 “Graphic technology –
Management of security printing processes”
[36], or INTERGRAF 15374 “Security
management system for suppliers to the
Comment:
security printing industry” [35]

b) Objective Authority decision on
criteria:
Storage prevents unauthorized access to
consumables. □ O.I. □ O.X. □ X.X.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Follow ISO 14298 “Graphic technology –
Management of security printing processes”
[36], or INTERGRAF 15374 “Security
management system for suppliers to the
Comment:
security printing industry” [35]

c) Objective Authority decision on
criteria:
Processes ensure organisational security, regulating

access, audit trail and validation of stock. □ O.I. □ O.X. □ X.X.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Follow ISO 14298 “Graphic technology –
Management of security printing processes”
[36], or INTERGRAF 15374 “Security
management system for suppliers to the
Comment:
security printing industry” [35]

A.1.2 Human resources
A.1.2.1 Roles and responsibilities
a) Objective Authority decision on
criteria:
Every member of the staff involved in the civil
registry process has a clearly defined role, □ O.I. □ O.X. □ X.X.
responsibilities, competences.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Staff involved in any aspect of the civil registry
have a job description.
▪ The responsibilities and tasks are detailed
Comment:
with special focus on the related processes.

A.1.2.2 Training concepts
a) Objective Authority decision on
criteria:
An effective, controlled level of competence of the
staff is ensured at all times. □ O.I. □ O.X. □ X.X.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Staff on all levels undergo a periodic training
and retraining, including
examination/certification, and
Comment:
▪ Implement guide: Department of Economic
and Social Affairs – Statistics Division (2014):
“Principles and Recommendations for a Vital

Statistics System”. New York, United Nations,

para. 631) [21]
b) Objective Authority decision on
criteria:
Training covers all relevant aspects in adequate
detail, including legal, policy, technical operations, □ O.I. □ O.X. □ X.X.
profiling / interview techniques, adequate document
examination, security impact of the work executed.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Guide: Department of Economic and Social
Affairs – Statistics Division (2014): “Principles
and Recommendations for a Vital Statistics
System”. New York, United Nations, para. 632)
[21]: The training distinguishes between
Comment:
internal training, oriented towards civil

registrars, vital statisticians and other

technical and administrative personnel, and
external training, which is oriented towards

policy makers, local officials, medical and
health personnel and other impacted by and
impacting the quality and use of civil
registration and vital statistics
c) Objective Authority decision on
criteria:
Training includes interactive and pragmatic training
in accordance to a training plan. Training is not □ O.I. □ O.X. □ X.X.
dedicated to one single entity, but rather inter-
agency with the possibility of networking
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Guide: Department of Economic and Social
Affairs – Statistics Division (2014): “Principles
and Recommendations for a Vital Statistics
System”. New York, United Nations, para. 633)
[21]: “Seminars and workshops for personnel
Comment:
from within the systems should be scheduled

periodically to enable an exchange of views on
problems encountered in civil registration and

vital statistics operations. Participation at the

meetings should be as wide as possible and
should include personnel involved in data
processing, data retrieval and archiving and
persons from outside the systems to promote
the introduction of fresh ideas and
approaches”
A.1.2.3 Access control concept
a) Objective Authority decision on
criteria:
A hierarchical role model is defined, limiting the
number of persons with higher and/or complete □ O.I. □ O.X. □ X.X.
rights to a minimum.
Justification:
Implementation Implementation status:
□ Implemented □ Pending
▪ Define a User Access SOP, and
▪ Follow ISO/IEC 27001:2022, A.9, especially
A9.1.1 and A9.2.5[37]
Comment:
b) Objective Authority decision on
criteria:
Protective mechanisms and procedures disabling the
possibility for unlawful arbitrary issuance of □ O.I. □ O.X. □ X.X.
document
Justificati
...