Building documentation to support your PKI
To securely operate a PKI all processes and procedures must be well documented, including:
Certificate Policy and Certification Practice Statement;
High and Low Level Documentation;
Operations manual (runbook) covering the procedures and step-by-step instructions on the operation of the PKI;
Disaster recovery plan to minimize the impact in case of failure and to enable all business services to run with minimal interruption;
Troubleshooting script to guide first line support team;
Guidance on the auditing required in order to retain trust in the PKI.