A certification practice statement (CPS) defines the measures taken to secure CA operations and the management of CA-issued certificates. You can consider a CPS to be an agreement between the organization managing the CA and the people relying on the certificates issued by the CA.
By reviewing a CA’s CPS—a public document that should be readily available to all participants—a relying party can determine whether the certificates issued by that CA meet its security requirements. The CPS can contain the following information:
How the CA will enforce the measures necessary to validate the certificate’s subject, as required by the certificate policy
The liability of the organization in the event that an act of fraud ...