Update 2018-07-23: This document has been superseded by a new version that encompases more federation systems.
This is a self-assessment of the South African Identity Federation’s compliance with the REFEDS Security Incident Response Trust Framework for Federated Identity (Sirtfi) version 1.01. Such an assessment is necessary because the Federation uses a hub-and-spoke architecture, and thus some Federation components are in scope for identity- and service- providers own Sirtfi assessments. For this reason, SAFIRE’s own assessment includes more detail than it normally requires of Federation Participants (who need only provide the expression of compliance).