A signing set is a container for software items (for example, code, executables, hash values), optional supporting files (for example, test documents), and a signing service. The signing service must be appropriate to the item in the signing set. For example, a signing set for an Android app would need a signing service for Android.
Your service manager works with DigiCert to set up the signing services that your workgroups need. The Secure App Service administration GUI also lets the service manger set a flag on a signing service to require review and approval. The "approval required" flag routes the signing set to the service manager or a test house for review and approval before it is passed to the CA for signing.