Why can’t ISCC approve a 3rd party Service Provider? 

Since there is no official guidance on the process of Service Provider approval, it can be anticipated that 14 different VSs will apply different standards. Furthermore, prerequisites of utmost importance, such as governance structure, IT security and GDPR are not yet defined by the EC. Therefore, ISCC does not see itself in a position to approve 3rd party Service Provider at this point in time.