The Application of Third Party Certification Programme in Malaysia

BSI Management Systems Malaysia the wholly owner subsidiary of BSI Management System (MS) which is an operational organisation within the British Standards Institution (BSI) Group offering more than 20 accredited certification activities in Third Party Systems Assessments. BSI MS has clients in countries all over the world.

BSI Management Systems is one of the world’s largest certification bodies, with over 60,000 certified locations around the world. We provide management systems assessment, certification and training services to clients for recognised international and national / industry standards, including ISO 9001, ISO 14001, OHSAS 18001, ISO 27001, ISO 20000, ISO 13485, ISO 22000, TS 16949, TL 9000 as well as many more industry specific standards such as the BRC standards, CE Marking, CMDCAS, KITEMARK, and also a provision of RSPO Certification Body.

Established in Jan 2005, the aim of BSI Management Systems Malaysia is to assist its clients to maximize business advantage and reduce their risks through helping them to improve their operational effectiveness, reduce costs, increase customer focus and satisfaction and continually improve.

BSI, which is a global brand, is also a founder and leading member of European and International Standards Organisation.

Since its foundation in 1901 as the Engineering Standards Committee, BSI Group has grown into a leading global independent business services organization. BSI Group is a Royal Charter organisation and the world’s oldest National Standards Body. Today BSI is made up of 3 groups: Bristish Standards, Management Systems and Product Services, with services aimed at raising standards in more than 110 countries worldwide including Asia Pacific – Greater China, Hong Kong, Taiwan, Japan, Korea, India, Singapore, Malaysia, Thailand.

BSI's other offices in – Brazil, Canada, Dubai, France, Iran, Mexico, Poland, Russia, South Africa, Spain, Turkey, UK, USA and etc..

BSI maintains its independence and impartiality through the Royal Charter and an organisation and management system which is monitored by external accreditation bodies worldwide as being in conformance with international standards including ISO/IEC 17021:2006. However, in order to ensure its impartiality, BSI MS does not provide consultancy services.

BSI operates to a Code of Conduct, and makes its services accessible to all applicants limited only by BSI’s scope of accreditation or notification and willingness for clients to comply with the relevant conditions of contract.

Assessment and Certification
BSI MS is a leading global provider of management systems assessment and certification solutions across a broad range of business areas and standards, including:

Quality
The framework for effectively managing your business. ISO 9001:2000

Information Security
Protect sensitive company information with ISO/IEC 27001:2005 (BS 7799)

Food Safety
Ensure safe food with ISO 22000:2005

Automotive
Driving excellence in the automotive supply chain. ISO/TS 16949:2002

SA 8000 Social Accountability
Demonstrating responsible business

Medical Devices
ISO 13485:2003, CMDCAS, US FDA 510k Review

Complaints/Satisfaction
Ensure customer care equals customer loyalty with ISO 10002:2004 and CMSAS 86:2000

GreenHouse Gas Emissions Verification
Ensuring the accuracy of environmental information GHGEV

CCA Contact Centre Management
Best practice framework for contact centres

Market Research
Best practice for market researchers ISO 20252:2006

Environment
Manage environmental impacts with ISO 14001:2004

IT Services
Effectively manage IT Services with ISO/IEC 20000:2005 (BS 15000)

Telecommunications
Enhance performance with TL 9000

Business ContinuityManagement
Minimizing disruptions - Maximising recovery BS 25999

Occupational Health & Safety
Promote a safe working environment with OHSAS 18001:2007

Aerospace
Reaching new heights in the aerospace industry AS9100, AS9110, AS9120

Oil & Gas
Fuelling best practice in the oil and gas industries ISO 29001

Integrated Management
Growing together - an integrated approach to management systems.PAS 99

BRC Global Standard - Consumable Products/Food/Packaging
Consumer Products along with the BRC Food and Packaging standards

HACCP
Managing Food Safety Risks

MSC Trustgate.com Sdn Bhd is a licensed Certification Authority (CA) in Malaysia since 1999. It provides complete security solutions and leading trust services that are needed by individuals, enterprises, government, and e-commerce service providers using digital certificates, digital signatures, encryption and decryption.

Trustgate operates within the Multimedia Super Corridor. It was incorporated in 1999 to meet the growing need for secure open network communications and become the catalyst for the growth of e-commerce, both locally and across the ASEAN region. At present, MSC Trustgate has 12 million in paid up capital.

Trustgate is licensed under the Digital Signature Act 1997 (DSA), a Malaysia law that sets a global precedent for the mandate of a CA. As a CA, Trustgate’s core business is to provide digital certification services, including digital certificates, cryptographic products, and software development.

It is committed to provide the finest Public Key Infrastructure (PKI) to assist all types of companies and institutions conducting their business over the Internet. The state of the art back-end infrastructure that costs RM 14 million is one of the best in the region.

Product and services offered by Trustgate:

1. SSL Certificate for Internet, Intranet and Server Security
Trusgate offers two SSL Certificates for server security due to increasing phishing and spoofing attacks on the Internet to make sure customers are trusting that they are dealing with trusted parties when they conduct business online. The two certificates are Global Server ID and Secure Server ID. Global Server ID adopts today's strongest encryption commercially available for secure communications via Server Gated Cryptography (SGC) technology. Secure Site SSL Certificates protect the transfer of sensitive data on Web sites, intranets, and extranets using a minimum of 40-bit and up to 256-bit encryption. It includes VeriSign Secured Seal.



2. Managed PKI for Enterprise Trust Services
Managed Public Key Infrastructure (MPKI) service is a fully integrated enterprise platform designed to secure intranet, extranet, and Internet applications by combining maximum flexibility, performance, and scalability with high availability and security. The service allow enterprise to quickly and cost-effectively establish a robust PKI and Certification Authority (CA) system with complete control over security policies, PKI hierarchies, authentication models, and certificate lifecycle management.

Linked to Trustgate’s robust, high-availability certificate processing services, the service enables faster deployment and lower operating costs while providing an open platform that integrates with off-the-shelf solutions.


3. Digital ID for Secure Transactions, Documents & E-mails
Digital ID is used to sign & encrypt transactions. Digital ID is an electronic credentials that uses private key and public key to facilitate the following operations:

-Authentication – you are who you claim you are
-Privacy – your confidential data remains private
-Authorization – control user access rights to important data
-Integrity – be sure data is not altered behind your back
-Non-repudiation – have the evidence in the event of a dispute



4. MyTRUST for Mobile Signature
With MyTRUST
SIM card can be turned into a Mobile Digital Identity for secure mobile banking and other financial services. Mobile digital signature provides non-repudiation on transactions under the Digital Signature Act, 1997. It runs on Wireless PKI platform and Mobile Operator infrastructure. PKI-enabled SIM cards are preloaded with MyTrust application and a digital certificate from a licensed Certification Authority. Users are able to digitally sign any transaction with ease and convenience via their mobile phone.


MyTRUST for Government


MyTRUST for Banks


MyTRUST for Enterprise




5. MyKad PKI (MyKey)
MyKey, is the MyKad PKI solution that works with your physically MyKad, allowing you to authenticate yourself online and to digitally sign documents or transactions and is accepted by the Malaysian government


6. SSL VPN for Remote Access Services
SSL VPN solution provides secure remote access based on the web security standard SSL (Secure Socket Layer). This award winning SSL VPN can be configured to access multiple intranet sites with single sign-on. Using a standard browsers and an Internet connection, people can get access to their intranet, e-mail and business system from wherever you are and whatever device you choose.SSL VPN solution provides an advanced policy management component to authenticate users and type of device they are using. The security feature may be extended to including two-form authentication with the choice of tokens, downloaded Java applets, challenge-respond or static password stored in your device, or one-time password sent via SMS.


7. Verisign Certified Training
MSC Trustgate has been appointed as Asia's first VeriSign Authorised Training Centre. Under this partnership, MSC Trustgate.com and APIIT (Asia Pacific Institute of Information Technology) jointly facilitate the delivery of VeriSign’s high-end Security and E-Commerce programmes.Other security courses available include Watermarking and Wireless hacking, sniffing, penetration testing through tools. All IT professionals who are involved in designing, evaluating, or implementing Internet security are encouraged