You are here

Approval Processes

The tScheme approval process

Any organisation which is a legal entity can apply for tScheme approval. The whole process, from start to finish, can take as little as three months. Organisations which have already achieved ISO 27001 or ISO 9000 certification, or are regulated by the Financial Conduct Authority, may already have systems and procedures in place which make approval more straightforward.

These are the main steps involved in obtaining approval for your scheme.

  • Select your tScheme Profile – tScheme Profiles are available for PKI (Public Key Infrastructure) and non-PKI technologies. More about tScheme Profiles.
  • Select an assessor – tScheme assessors are 100% independent and UKAS accredited. More about approved assessors.
  • Agree outline specification of service – This provides a high-level description of the service with the assessor to be submitted for approval, and lists the relevant Approval Profiles for the type of service approval sought.
  • Register with tScheme – This includes a contract that binds your organisation to an agreed timetable for assessment and approval, and to the tScheme Code of Conduct. Agree to pay a Registration fee of up to £5,000(+VAT) per annum, but which will be offset against any Approval Fee due within 12 months once the Grant of Approval has been achieved.
  • Work with your assessor – Your assessor will guide you through the approval process and make sure you have the systems and procedures in place to comply with the requirements of your selected Profiles.
  • Final audit and report – When systems are in place, your assessor will conduct an audit and produce a report, which is submitted to tScheme as evidence that your service meets the requirements.
  • tScheme review – The assessor’s report is reviewed by our independent Approvals Committee, which reports to the tScheme board. The Committee is formed from experts across our membership — practitioners who are responsible for the development and maintenance of the technical aspects of tScheme.
  • Approval – If our independent Approvals Committee is satisfied with the assessor’s report, they will grant approval of your service and, if appropriate, notify whichever Trust scheme you are seeking to be part of. You can then display the tScheme approval mark on your website or other materials in relation to the Trust Scheme concerned. More about tScheme approval Trust marks.

Maintaining quality

As part of our quality commitment, regular re-assessment audits are carried out by tScheme-recognised assessors. In case of justified complaint, the contract between tScheme and the service provider provides for appropriate remedy and sanctions. This could mean a notice for immediate correction, suspension of approval rights pending correction, or, in severe circumstances, termination of approval rights. Any trust service providers found to be in breach of their obligations also have rights of appeal against any decisions.

The approval journey

Why tScheme approval?

It’s the mark which says your service meets the highest standards of trust.


Getting tScheme approval

Approval usually takes at least three months, but it can be quicker.


Schemes and Profiles

Providing guidelines and criteria for organisations to develop their trust services.