...
https://aaf.edu.au/wp-content/uploads/2015/04/AAF_example_org_report.pdf
aaf.edu.au/wp-content/uploads/2015/04/AAF_example_sum_report.pdf
- Assurance: understand requirements, aware of identity proofing
- Technical: attribute filtering, high availability configuration, deployment, responsibility for operation, monitoring, version of IdP software, version of Java JDK
- User Interface: help desk, recover passwords, terms of use
- Security: old versions, vulnerabilities, SHA1 in metadata, web server and server configuration, open ports
ISO 27k
relevant: annex 9 ISO 27k1 and chapter 9 ISO 27k2
...