Versions Compared

Old Version 95

changes.mady.by.user Drummond Reed

Saved on

compared with

New Version 96

changes.mady.by.user Drummond Reed

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: wordsmithing to accompany the mental model Companion Guide

...

This section is a non-normative general introduction to the GF whose purpose is to orient first-time readers as to the overall context of the GF. It:

  1. SHOULD reference any external websites, white papers, or other helpful background materials.
  2. SHOULD reference have a reference to the ToIP Foundation, the ToIP Stack, and the specific version of the ToIP Governance Template from which it was derivedTemplate upon which the GF is based.
  3. MAY include an "Acknowledgements" section to acknowledge the thanking contributors to the GF.

Terminology and Notation

This section asserts the terminology conventions used in the GF. It:

  1. MUST explicitly specify the use of the ToIP Governance Requirements Glossary (see below).
  2. MUST reference the Glossary for all other terms (see the Controlled Documents section).
  3. SHOULD specify that all RFC 2119 keywords used with their RFC 2119 meanings are capitalized.
  4. SHOULD specify any other formatting, layout, or layout notation conventions used in the Primary Document or Controlled Documents.

...

Info
titleToIP Governance Requirements Glossary
  • Requirements include any combination of Machine-Testable Requirements and Human-Auditable Requirements. Unless otherwise stated, all Requirements MUST be expressed as defined in RFC 2119
    • Mandates are Mandatories are Requirements that use a MUST, MUST NOT, SHALL, SHALL NOT or REQUIRED keyword.
    • Recommendations are Requirements that use a SHOULD, SHOULD NOT, or RECOMMENDED keyword.
    • Options are Requirements that use a MAY or OPTIONAL keyword.
  • Machine-Testable Requirements are those with which compliance can be verified using an automated test suite and appropriate scripting or testing software.
    • Rules are Machine-Testable Requirements that are written in a Machine-Readable language and can be processed by a Rules Engine. They are expressed in a structured rules language as specified by the GF.
  • Human-Auditable Requirements are those with which compliance can only be verified by a human audit of Policies, Processes, and Practices.
    • Policies are Human-Auditable Requirements written using standard conformance terminology. For Policies used in ToIP Governance Frameworks, the standard terminology is  RFC 2119 keywords. Note that all RFC 2119 keywords have weight from an auditing perspective. An implementer MUST explain why a SHOULD or RECOMMENDED requirement was not implemented and SHOULD explain why a MAY requirement was implemented.
    • Processes are Human-Auditable Requirements that specify actions and methods to achieve Policy objectives.
    • Practices are activities within Processes to achieve Process requirements.
  • Specifications are documents containing any combination of Machine-Testable Requirements and Human-Auditable Requirements needed to produce technical interoperability.

...

This section asserts the legal authority for governance of the GF. It:

  1. For the Governing Authority or each interdependent Governing Authority, this section:
    1. MUST state the full legal identity including Jurisdiction(s).
    2. MUST state the DID.
    3. SHOULD provide an LEI.
    4. MUST provide contact information for
    the Governing Authorit(ies) as Legal Entit(ies)
    1. official communication to the Legal Entity.
    2. SHOULD provide contact information for official contacts.persons acting on behalf of the Legal Entity.
  2. For the GF itself, this section:
    1. SHOULD provide the URL for a publicly-accessible Governance Framework Website dedicated to the GF (GF Website)
    at a URL dedicated to the GF website
    1. .
  3. The GF Website SHOULD include in the GF Website:
      If applicable, a primary Trust Mark for the GF and displayed prominently on the home page.
    1. HTML versions of all documents in the GF.
    2. PDF versions of all documents in the GF.
    3. Highlighted links to the Governance Requirements section that specify how the Governing Authority itself is governed.
    4. If applicable, a primary Trust Mark for the GF and displayed prominently on the home page.

Administering Authority

If the Administering Authority for the GF is different from the Governing Authority, include this section. It:

...