Certification Bodies SCESm 0071 and SCESp 0127

KPMG’s Certification Bodies SCESm 0071 and SCESp 0127 are officially accredited by the Swiss government’s Accreditation Body SAS based on the norms ISO/IEC 17021-1 and ISO/IEC 17065 to perform formal certification audits in various management system and product domains.

We focus on digitalization, information governance and process quality. In addition, we are specialized in software engineering and ICT-infrastructure security certification assessment services. These areas are faced with three basic challenges that threaten the clients’ business success:

Comply with customer requirements and government regulations and standards
Protect the organization through embedding quality and instituting best practices
Grow the organization, extend customer reach and satisfaction, thereby increase revenue
Security protection in ICT implementations and software programming due to very complex online platform systems and applications

Management systems allow organizations to meet these challenges by installing best practices and validating, through certifications, that they are properly established in the company.

KPMG operates two accredited certification bodies in Switzerland:

SCESm 0071: Certification body for management system certifications in Switzerland, accredited by SAS
SCESp 0127: Certification body for product certifications in Switzerland, accredited by SAS

Reto P. Grubenmann

Director, Head of Certification & Attestation

KPMG Switzerland

Certification Body SCESm 0071 (Switzerland)

Relevant standards and norms

ZertES (SR 943.03)
VZertES (SR 943.032)
TAV (SR 943.032.1)
ETSI EN 319 401
ETSI EN 319 411-1
ETSI EN 319 411-2
ETSI EN 319 412-1
ETSI EN 319 412-2
ETSI EN 319 412-5
ISO/IEC 9596-8
IETF RFC 3739
IETF RFC 5280
IETF RFC 6960
IETF RFC 3647

KPMG Switzerland Certification - Swiss Accreditation SCESm 0071

Relevant standards and norms

ZertES (SR 943.03)
VZertES (SR 943.032)
TAV (SR 943.032.1)
ETSI EN 319 401
ETSI EN 319 411-1
ETSI EN 319 411-2
ETSI EN 319 412-1
ETSI EN 319 412-3
ETSI EN 319 412-5
ISO/IEC 9596-8
IETF RFC 3739
IETF RFC 5280
IETF RFC 6960
IETF RFC 3647

Relevant standards and norms

ZertES (SR 943.03)
VZertES (SR 943.032)
TAV (SR 943.032.1)
ETSI EN 319 401
ETSI EN 319 421
ETSI EN 319 422
IETF RFC 3161
IETF RFC 5816

Relevant standards and norms

ZertES (SR 943.03)
VZertES (SR 943.032)
TAV (SR 943.032.1)
ETSI EN 319 401
EN 419 241-1
ETSI TS 119 431-1
FIPS PUB 140-2
ISO/IEC 15408
ISO/IEC 19790
EN 419 211-2
EN 419 211-3
EN 419 211-4
EN 419 211-5
EN 419 211-6
EN 419 232-5
EN 419 241-2

Relevant standards and norms

ZertES (SR 943.03)
VZertES (SR 943.032)
TAV (SR 943.032.1)
ETSI EN 319 401
ETSI TS 119 641
ISO/IEC 30107-1
ISO/IEC 30107-3

KPMG Switzerland Certification - ETSI TS 119 461

Relevant standards and norms

SR 816.11 (EPDV)
SR 816.111 (EPDV-EDI)
EPDV-EDI (TOZ) Appendix 2
EPDV-EDI (TOZ) Appendix 3
EPDV-EDI (TOZ) Appendix 5
Referred to ISO/IEC 27001
Referred to ISO/IEC 27701
IAF MD-1

KPMG Switzerland Certification - EPDG-TOZ

Electronic Patient Records & Certifications

Relevant standards and norms

SR 235.1 (DSG)
SR 235.11 (DSV)
SR 235.13 (VDSZ)

incl. KVV Art. 59a electronic and physical data access system for MCD / SwissDRG certifications
(incl. ordinance of health insurance)

KPMG Switzerland Certification - DSG, VDSG, VDSZ SR 235.13

Relevant standards and norms

ISO/IEC 27001
ISO 27799

KPMG Switzerland Certification - IAF Member of Multilaterial Recognition Arrangement

KPMG Switzerland Certification - ISO/IEC 27001

Relevant standards and norms

ISO/IEC 20000-1

Relevant standards and norms

ISO/IEC 27017
ISO/IEC 27018

Accreditation ongoing

Relevant standards and norms

BS 10008
Referred to BIP 0008-1
Referred to BIP 0008-2
Referred to BIP 0008-3

Relevant standards and norms

Network and certificate systems security requirements
Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates
Guidelines for the Issuance and Management of Extended Validation Certificates
Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates

KPMG Switzerland Certification - WebTrust Extended Validation

Relevant standards and norms

Principles and Criteria for Certification Authorities
Principles and Criteria for Certification Authorities – SSL Baseline with network Security
Principles and Criteria for Certification Authorities – Extended Validation SSL

Certification Body SCESp 0127 (Switzerland)

Relevant standards and norms

SR 816.1 (EPDG)
SR 816.111 (EPDV-EDI)
EPDV-EDI (IDP) Appendix 8

Based on the security protection profile (PP) according to Common Criteria (CC) Version 3.1 revision 4, Trust Level EAL 2 (structured tested)

and with the following relevant standards:

ISO/IEC 29115 based on level of assurance LoA3
ISO/IEC 24760-2 with dedicated selected control objectives
ISO/IEC 27001 mit dedizierter Auswahl von Kontrollzielen
OASIS SAML V2.0 Post/Artifact Bindings with Back-Channel
OASIS WS-Trust V1.3

KPMG Switzerland Certification - Swiss Accreditation SCESp 0127

KPMG Switzerland Certification - EPDG-IdP

Further Attestations

Relevant standards and norms

ISAE 3000 Type 1, Type 2 (SOC 2)
ISAE 3402 Type 1, Type 2 (SOC 2)

Relevant standards and norms

OR 958ff, GeBüV

Based on the “Verordnung über die Führung und Aufbewahrung der Geschäftsbücher», incl. OR Art. 958f

Further information

Certifications Services Overview

Download PDF

Downloadopens in a new tab

Compliance & Methodology

Download factsheet

Downloadopens in a new tab

Meet our expert

Reto P. Grubenmann

Director, Head of Certification & Attestation

KPMG Switzerland

How can we support your business?

Please send me an email or request a proposal.

Request for Proposal

Certification Bodies SCESm 0071 and SCESp 0127

Reto P. Grubenmann

Certification Body SCESm 0071 (Switzerland)

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Relevant standards and norms

Certification Body SCESp 0127 (Switzerland)

Relevant standards and norms

Further Attestations

Relevant standards and norms

Relevant standards and norms

Further information

Certifications Services Overview

Compliance & Methodology

Meet our expert

Reto P. Grubenmann

Contact

Company

Careers

Certification Bodies SCESm 0071 and SCESp 0127

Reto P. Grubenmann

Certification Body SCESm 0071 (Switzerland)

Qualified Electronic Signatures

Regulated Electronic Seals

Qualified Electronic Timestamps

Remote Signing Infrastructures (Server Signing)

Remote Identification

Electronic Patient Record System (EPD) for health communities and EPD Platform Providers as well as for health contributors - IT-infrastructure and software architecture for EPD platform providers (PP)

Data Privacy and Data protection Management Systems (DSMS)

Information Security Management System (ISMS)

IT Service Management (ITSM)

Cloud Security: Data Privacy and data protection in a cloud-environment

Evidential weight and legal admissibility of electronic information (Electronic Records Management System, ERMS)

CA/Browser Forum

WEBTRUST CPA (Canada)

Certification Body SCESp 0127 (Switzerland)

Identity Provider (IDP) for the identity issuance within the health EPD market

Further Attestations

International Standard on Assurance, ISAE 3402 and ISAE 3000

GeBüV, OR 958 f

Further information

Certifications Services Overview

Compliance & Methodology

Meet our expert

Reto P. Grubenmann