Four operator roles have been established (requester, approver, generator and certificate manager), one service coordinator (service manager) and three associated figures (physical security manager, logical security manager and archivist). The function performed by each of the roles is explained below:

Requester: person responsible for entering the data of the certificate requests in the certificate request application. It should be noted that when a request is entered through EACAT this role disappears and is reserved for extraordinary cases (new entities or entities not registered in EACAT or technical problems that prevent use of the platform.)

– Approver: person in charge of reviewing the data of the requests entered by the petitioner and approving (validating) or denying (returning to the petitioner) the request accordingly. In the case of requests entered by the EACAT, this will not be a task of reviewing the work of the petitioner, which does not exist, but it will be necessary to check that there are no obvious errors, evidence from the entities requesting certificates, etc.

Generator: person in charge of generating the certificates once the requests have been approved

Certificate Manager: person in charge of enabling and revoking digital certificates during their life cycle (suspension is only by telephone). It should be noted that when a request is received through EACAT this role disappears and is reserved for emergency cases (when it is not possible to use EACAT).

Service Manager: The service manager is responsible for the coordination and proper functioning of the Registration Entity, in case of applications arriving on paper or signed PDF, receives the documentation, validates the identity and authority of the applicant, verifies the documentation, notifies the subscriber of the start of the processing, opens the files, archives the documentation and notifies the petitioner of the start of the process. In addition, he acts as a liaison between the organization and CATCert.

Physical security manager: the functions of the physical security manager consist of coordinating, controlling and reviewing the set of measures contained in the security policy and the security rules and procedures related to physical aspects. That is, everything that refers to access control to the operations room, fire detection and extinguishing, protection of information and material at a physical level, etc. This role is included in the person responsible for the T-CAT Registration Entity.

Logical Security Manager: The functions of the logical security manager consist of coordinating, controlling and reviewing the set of measures contained in the security policy and the security rules and procedures related to the logical aspects of the Registry Entity. That is, everything that refers to IT security (network access control, software installation policies, equipment configuration, etc.). This role is included in the Registry Entity Manager T-CAT.

Archivist: the archivist or the person designated by him/her will be responsible for organizing, classifying, describing and ensuring the safeguarding of the documentation generated as a result of the issuance and management of certificates in accordance with the document management system of his/her organization, or in his/her absence, according to the guidelines established by the CATCert archivist. This role is included in the Head of the Registration Entity T-CAT.