Versions Compared

Old Version 56

changes.mady.by.user Drummond Reed

Saved on

compared with

New Version Current

changes.mady.by.user Drummond Reed

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page represents the proposed structure of the ToIP Governance Metamodel. The purpose of the metamodel is the home page for the ToIP Governance Metamodel Specification. Please see the Governance Metamodel Companion Guide for a "user's guide" to this specification.  The purpose of this ToIP specification is to provide an overall template for ToIP-compatible governance compatible governance frameworks from which the GSWG will then develop layer-specific templates are derived.  Each layer-specific template will be an instance of the metamodel that adds MUST comply with this specification.  They SHOULD add details such as:

Notation and Keywords

All terms appearing in bold on this page are listed in either the ToIP Core Glossary (based on the ToIP Core terms wiki) or the ToIP Governance Glossary (based on the GSWG terms wiki.) For more information see the Terms Wiki page of the Concepts and Terminology WG.

The The balance of this page defines the proposed metamodel and the requirements for each component. In these requirements, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED",   "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as defined in RFC 2119.

All terms appearing in First Letter Caps on this page MUST be added to the ToIP Glossary tagged for inclusion in the ToIP Governance Glossary. (Note: the Concepts and Terminology WG has been briefed on this dependency.) The following terms have specific definitions used in this document:

Info
titleNEW
  • Requirements include any combination of Policies, Rules, and Specifications. Unless otherwise stated, all Requirements MUST be expressed as defined in RFC 2119
  • Machine-Testable Requirements are Requirements with which compliance can be verified using an automated test suite and appropriate scripting or testing software.
  • Human-Auditable Requirements are Requirements with which compliance can only be verified by an audit of people, processes, and procedures.
  • Policies are Human-Readable Requirements. For Policies, the full range of RFC 2119 keywords apply, i.e., "SHOULD", "MAY", and "RECOMMENDED" all have weight from an auditing perspective. An implementer MUST explain why a SHOULD or RECOMMENDED was not implemented and SHOULD explain why a MAY was implemented.
  • Rules are Machine-Readable Requirements that can be processed by a Rules Engine. They are expressed in a structured rules language as specified by the GF.
  • Specifications are documents containing any combination of Machine-Testable Requirements and Human-Auditable Requirements needed to produce technical interoperability.

Table of Contents

Primary Document

The Primary Document is the "home page" for the governance framework (GF). It:

  1. MUST have a DID (Decentralized Identifier) that serves as an identifier of the entire GF.
  2. MUST have a unique DID URL (defined in the DID spec) to identify each specific version of the Primary Document.
  3. MUST contain authoritative references to all other documents included in the GF, called the Controlled Documents.
  4. MUST include Policies in the Revisions section stating how the Controlled Documents are governed by the Governance Authority.

Introduction

This section is a non-normative general introduction to the GF whose purpose is to orient first-time readers as to the overall context of the GF. It:

described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

Table of Contents

Primary Document

The primary document is the "home page" for the governance framework (GF). It:

  1. MUST have a DID (decentralized identifier) that serves as an identifier of the entire GF.
  2. MUST have a unique DID URL (as defined in the W3C Decentralized Identifiers 1.0 specification) to identify each specific version of the primary document.
  3. MUST contain authoritative references to all other documents included in the GF, called controlled documents.

Introduction

This section is a non-normative general introduction to the GF whose purpose is to orient first-time readers as to the overall context of the GF. It:

  1. SHOULD reference any external websites, white papers, or other helpful background materials.
  2. SHOULD reference the ToIP Foundation, the ToIP stack, and the specific version of the ToIP governance template upon which the GF is based (if any).
  3. MAY include an "Acknowledgements" section citing contributors to the GF.

Terminology and Notation

This section asserts the terminology conventions used in the GF. It:

  1. MUST explicitly specify the use of the ToIP Governance Requirements Glossary (see below).
  2. MUST reference the GF Glossary controlled document for all other terms (see the Controlled Documents section).
  3. MAY specify that terms specific to one controlled document are defined in that controlled document.
  4. MUST specify that all RFC 2119 keywords used with their RFC 2119 meanings are CAPITALIZED.
  5. SHOULD specify any other formatting, layout, or notation conventions used in the primary document and/or controlled documents.


ToIP Governance Requirements Glossary

requirement

In the context of a governance framework (GF), a requirement states a condition that an actor (human or machine) must meet in order to be in conformance. In ToIP-compliant GFs, all requirements MUST be expressed using RFC 2119 keywords.

mandatory

A requirement expressed using one of the following RFC 2119 keywords: "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT".

recommendation

A requirement expressed using one of the following RFC 2119 keywords: "SHOULD", "SHOULD NOT", "RECOMMENDED".

option

A requirement expressed using one of the following RFC 2119 keywords: "MAY", "OPTIONAL".

human-auditable requirement

A requirement expressed in a human language that can only be fulfilled by a human actor performing a set of processes and practices against which conformance can only be tested by an auditor of some kind. In a ToIP-compliant governance framework, human-auditable requirements are expressed as policies.

machine-testable requirement

​​A requirement written in a machine-readable format such that conformance of a software actor implementing the requirement can be tested by an automated test suite or rules engine. In a ToIP-compliant governance framework, machine-readable requirements are expressed as rules in a rules-based language.

policy

A human-auditable requirement that specifies some set of processes and practices that an actor must follow in order to be in conformance with the requirement.

process

A specified set of actions that an actor must take in order to be in conformance with a policy. A process may consist of a set of practices.

practice

A specified activity that an actor must perform as part of a process.

rule

A machine-testable requirement written in a machine-readable language that can be processed by a rules engine.

specification

A document or set of documents containing any combination of human-auditable requirements and machine-testable requirements needed to produce interoperability amongst implementers. Specifications may be included in (as controlled documents) or referenced from a governance framework.

Localization

This section covers the policies governing languages and translations for the GF. It:

  1. MUST specify the official language or languages for the GF.
  2. SHOULD use an IETF BCP 47 language tag to identify each official language.
  3. SHOULD specify and provide links to all official translations of the GF.
  4. SHOULD specify the policies and/or rules governing the production of translations.

Governing Authority

This section asserts the legal authority for governance of the GF.

  1. For the governing authority (or each interdependent governing authority), this section:
    1. MUST state the full legal identity including jurisdiction(s).
    2. MUST state the DID.
    3. SHOULD include the Legal Entity Identifier (LEI) of the governing authority as defined by the Global Legal Entity Foundation (GLEIF).
    4. MUST provide contact information for official communication with the governing authority.
    5. SHOULD provide contact information for official persons acting on behalf of the governing authority.
  2. For the GF itself, this section:
    1. SHOULD provide the URL for a publicly-accessible website dedicated to the GF ("GF website").
  3. The GF website SHOULD include:
    1. HTML versions of all documents in the GF.
    2. PDF versions of all documents in the GF.
    3. Highlighted links to the Governance Requirements controlled document(s) that specify how the governing authority itself is governed.
    4. If applicable, a primary trust mark displayed prominently on the home page and in the header of every other page.

Administering Authority

This section is only REQUIRED if the administering authority for the GF is different from the governing authority. It:

  1. MUST state the full legal identity of the administering authority.
    1. SHOULD provide the Legal Entity Identifier (LEI) of the administering authority as defined by the Global Legal Entity Foundation (GLEIF).
  2. MUST provide contact information for official communication with the administering authority.
    1. SHOULD provide contact information for official contacts acting on behalf of the administering authority.
  3. MUST clearly define the role of the administering authority i.e., what administrative authority the governing authority delegates to the administering authority and what decisions and processes remain the responsibility of the governing authority
  4. SHOULD have a reference to the ToIP Foundation, the ToIP Stack, and the specific version of the ToIP Governance Template from which it was derived.
  5. MAY include an Acknowledgements section to acknowledge the contributors to the GF.

Purpose

This is a short, clear statement of the overall purpose ("mission") of the GF. It:

  1. SHOULD be as short and concise as possible—ideally one sentence, or only a few sentencesat most one paragraph.

Scope

This is a statement of what is in and out of scope of for the GF. It:

  1. SHOULD clearly state the primary Governed Actors in the Trust Communitygoverned roles in the trust community.

  2. SHOULD state any other relevant stakeholders.

  3. SHOULD state the primary types of interactions or transactions these Governed Actors will be engaging in. , transactions, or processes in which the actors serving these roles will be engaged.
  4. SHOULD state what kind of artifacts will be governed.
  5. SHOULD, if applicable, clearly state who and what are is out of scope.

Objectives

This section states the high-level outcomes desired by the Trust Community the trust community through its adoption of the Governance FrameworkGF. It:

  1. SHOULD specify tangible, achievable results (e.g. SMART criteria and Fit-for-purpose Purpose criteria).
  2. SHOULD specify the intended overall outcomes to be produced by conformance with the Requirements in the GF.
  3. MUST only contain outcomes over which the GF has the authority and mechanisms to achieve within its Scopescope.
  4. MUST be consistent with its Principlesthe principles of the GF (below).

Principles

This section states the Principles principles by which all members of the Trust Community have agreed the trust community agree to abide. It:

  1. SHOULD serve as a guide to the development of any Requirements based on each Principle ("Principles guide Policies policies, rules, and other requirements in the GF ("principles guide policies").
  2. SHOULD, if applicable, refer to previously existing Principles—whether principles (whether defined by other ToIP GFs or by other sources—whenever possiblesources).
  3. SHOULD be referenced (along with any other relevant parts of the GF) in any Legal Agreement between Members and the Governance Authority so as to help clarify intent.
  4. MUST NOT include requirements using RFC 2119 terms (e.g., using capitalized RFC 2119 keywords) for which either human or machine conformance can be directly tested — those should MUST be stated as Requirements policies or rules elsewhere in the GF.

General Requirements

This section contains Requirements that requirements that apply to the GF as a whole and not just in the context of a particular Controlled Document controlled document. It:

  1. SHOULD include the Policies that requirements that:
    1. Apply generally  Generally apply to governance of the entire Trust Community;entire trust community.
    2. Apply to the structure of the GF , (e.g., what Controlled Documents must be specified by whom and applied to whomwho is responsible for which controlled documents).
    3. Guide the development of more specific Policies within the Controlled Documents requirements within the controlled documents.
  2. SHOULD NOT include Policies that requirements that apply only within the context of a specific category addressed by one of the Controlled Documentsthe controlled documents.
  3. MUST include Responsible Use Policies any responsible use policies that apply generally to infrastructure governed by the GF.
  4. MUST include any Regulatory Compliance Policies that regulatory compliance policies that are not specified within particular Controlled Documents controlled documents.
  5. SHOULD include a Code of Conduct (if not included in the legal documents) that applies to all trust community members.

Revisions

This section contains the specific Policies governing requirements governing revisions to the GF. It does not include Governance Policies for the Governance Authority or interdependent Governance Authorities (those are defined in Controlled Documents in the Governance category). It: It:

  1. MUST include requirements specifying:
    1. How
  2. MUST state the full legal identity and contact information for the primary Governance Authority or interdependent Governance Authorities.
  3. MUST include Policies specifying how
    1. any revisions to the GF
    are identified,
    1. will be developed, reviewed, and approved.
    2. How any new versions will be uniquely identified with a DID URL.
  4. SHOULD include at least one public review period for any publicly-available GF that will be available to the public.
  5. SHOULD NOT include any other types of requirements that pertain to governance of the governing authorit(ies). Those should be defined in controlled documents in the Governance Requirements category.

Extensions

This section applies to GFs that permit extensions via the incorporation of other GFs extension GFs (a common feature especially of some ecosystem GFs). It:

  1. MUST state whether the GF can be extended.
  2. MUST specify the requirements an Extension Governance Framework extension GF must meet in order to be approved.
  3. MUST specify the process for an Extension Governance Framework to by which an extension GF can be approved.
  4. MUST define an authoritative mechanism requirements for registration, activation, and activation deactivation of an approved Extension Governance Framework extension GF.
  5. MUST define the requirements for notification of the Trust Community about an approved Extension Governance Frameworkof trust community members about activation or deactivation of an approved extension GF.

Schedule of Controlled Documents 

This is a listing of all Controlled Documents in If controlled documents are included as part of the GF, this section MUST contain an authoritative list of all controlled documents in the GF. It:

  1. MUST include authoritative references to all Controlled Documents all controlled documents in the GF.
  2. MUST identify the exact version of each Controlled Document with each controlled document with a unique, permanent DID or DID URL.
  3. SHOULD include a Web link to each Controlled Document in the Web version of the GFeach controlled documents on the GF website.
  4. SHOULD include a brief description of the purpose and scope of each Controlled Document to each controlled document to make it easy for readers to navigate the GF.

Controlled Documents

Each Controlled Document Each controlled document covers a specific area of the GF. The following sections are categories of Controlled Documents where of controlled documents where each category MAY include zero or more Controlled Documentscontain more than one document. Most (but not all) categories are OPTIONAL.

Glossary

The Glossary This category provides a common basis for terminology. It:

  1. SHOULD be a single Controlled Document (even if it is organized by categories or other heuristics)single controlled document for each applicable language.
  2. SHOULD provide a common reference for all possibly ambiguous terms used throughout the GF.
  3. SHOULD reference the ToIP Glossary—or tagged subset(s) of the ToIP Glossary—for all terms defined therethe ToIP Core Glossary, other relevant ToIP glossary or GF-specific glossary for all relevant terms.
  4. SHOULD conform to standard requirements for  for a glossary, i.e., list all terms alphabetically (by language) for easy reference.
  5. MAY tag terms by category or usage.
  6. MAY specify that terms specific to one Controlled Document are defined in that Controlled Document.

Anchor
risk-assessment
risk-assessment
Risk Assessment

This category includes links to an ISO 27005 (or compatible) risk assessment for managing risk. Controlled Documents in  Controlled documents in this category:

  • SHOULD identify key risks that MAY negatively affect the achievement of the GF's purpose and objectives and objectives within its scope.
  • SHOULD include a Risk Assessment process output that provides an assessment of risk assessment of each key risk that the GF is designed to address and mitigate.
  • SHOULD assess which Roles and Processes roles and processes specified in the GF are vulnerable to each risk and how they are affectedwhat impacts could result.
  • MAY SHOULD include a Risk Treatment Plan (RTP) for risk treatment plan specifying how identified risks are to be treated (e.g. mitigated, avoided, accepted or transferred); however, all risks that are to be mitigated by directives in the GF SHOULD be identified.

Trust Assurance and Certification

This category specifies Policies for Governed Actors be trust criteria for governed parties be held accountable against Requirements of requirements of the GF. Controlled Documents in documents in this category:

  1. SHOULD include a Trust Assurance Framework document that trust assurance framework that defines a scheme in which Roles which governed parties assert compliance with the Policies of policies of the GF and the mechanisms of assurance over those assertions.
  2. SHOULD (if applicable) define the roles of Auditors auditors and Auditor Accreditors auditor accreditors and the directives policies governing their actions.
  3. SHOULD (if applicable) define the roles of Certification Authorities of certifying parties and the Policies governing policies governing their actions and relationships with the Governance Authority, Auditors, and Auditor Accreditorsthe governing authority, auditors and auditor accreditors.
  4. SHOULD (if applicable) include Policies supporting requirements supporting the development, licensure, and usage of one or more Trust Marks trust marks.

Governance Requirements

These are the Requirements for the requirements for governing the GF as a whole. Controlled Documents in  Controlled documents in this category:

  1. MUST specify the primary Governance Authority or all interdependent Governance Authorities (if any).MUST include Controlled Documents that specify Governance Policies for the primary Governance Authority or all interdependent Governance Authorities (governance requirements (e.g., Charter, Bylaws, Operating Rules, etc.)and so on) for:
    1. The governing authority (or all interdependent governing authorities).
    2. The administering authority, if applicable. 
  2. SHOULD address any policies required for antitrust Policies, intellectual property rights (IPR) Policies, confidentiality Policies, responsible use, or other requirements for regulatory compliance policies under which the Trust Community Members agree to operatethat apply to the trust community members.
  3. SHOULD include any Policies governing requirements governing enforcement of the GF and how Dispute Resolution dispute resolution will be handled.

Business Requirements

These are the Polices and/or Rules governing requirements governing the business model(s) and business rules to be followed by the Trust Community. Controlled Documents in trust communityControlled documents in this category:

  1. SHOULD clearly explain the any exchange(s) of value within the Trust Community for which the GF is designedbetween trust community members governed by the GF.
  2. SHOULD define the Policies policies and/or Rules governing rules governing how and when these exchanges of value take place.
  3. SHOULD define the Requirements for requirements for the use of any Rules Engines decision support systems.
  4. SHOULD define how all Trust Community Members trust community members will be held accountable for their actions in these exchanges.
  5. SHOULD define how the Governance Authority and the governing authority, administering authority, and the GF are sustainable under these Rules requirements.

Technical Requirements

These are the Requirements governing technical the requirements governing technical interoperability. Controlled Documents in  Controlled documents in this category:

  1. MUST specify how Members of the Trust Community how trust community members will interoperate technically using the ToIP Technology Stack by reference to ToIP Standard Specifications (TSS).
  2. SHOULD (if necessary) reference one or more specific ToIP Interoperability Profiles (TIPs).
  3. the ToIP technology stack by reference to any relevant ToIP specifications and recommendations.
  4. SHOULD include any additional specifications and/or specification profiles that are specific to the technical interoperability within this trust community.
  5. SHOULD include references one or more glossaries (see Glossary section) as needed.
  6. SHOULD reference any test suites or other testing requirementsSHOULD specify any Specifications that are specific to this Trust Community.

Information Trust Requirements

These are the Requirements governing information security, privacy, availability, confidentiality and processing integrity as these terms are defined by the the requirements in the five categories of trust service criteria defined by the American Institute of Certified Public Accountants (AICPA) Assurance Services Executive Committee (ASEC). These can be addressed by implementing internal controls as defined by the Committee on the Sponsoring Organizations of the Treadway Commission - (COSO) Guidance on Internal Control - Integrated FrameworkControlled Documents in documents in this category:

  1. MUST specify how Members of the Trust Community will ensure the following categories of Information Trustthe baseline requirements for governed parties with regard to:
    1. Information security
    2. Information privacyavailability
    3. Information availabilityprocessing integrity
    4. Information confidentiality
    5. Information processing integrityprivacy
  2. SHOULD specify the relevant Information Trust Policies by information trust policies by reference to:
    1. ToIP Standard Specifications (TSS) specifications and recommendations.
    2. Other regulatory or industry standards.
    3. GF-specific Policies policies.
    4. GF-compliant decision support systems.
    5. Trust Community Membercommunity member-specific Policies policies.
    6. GF-compliant Rules Engines

Inclusion, Equitability, and Accessibility Requirements

These are the Policies governing the requirements governing how the GF enables fair and equal access to all. Controlled Documents in documents in this category:

  1. MUST specify how Members of the Trust Community how trust community members will enable and promote inclusion, equitability, and accessibility by reference to:
    1. ToIP Standard Specifications (TSS) specifications and recommendations.
    2. Other regulatory or industry standards/guidelines.
    3. GF-specific Policies policies.Member-specific Policies
    4. GF-compliant decision support systems.GF-compliant Rules Engines
    5. Trust community member-specific policies.
  2. SHOULD specifically address how the GF is designed to help bridge (or eliminate) the digital divide.

Legal Agreements

This category includes any legal agreements or contracts included specified in the GF. Controlled Documents in  Controlled documents in this category:

  1. MUST include all specified legal agreements or contracts between Members and/or the Governance Authoritybetween trust community members.
  2. SHOULD reference the Glossary GF glossary document(s) for all terms not defined withininternally to the legal agreement.
  3. MUST clearly state the Governed Actors to governed parties to whom these legal agreements apply.
  4. MUST define or reference all relevant accountability and enforcement mechanisms.
  5. SHOULD reference any other relevant Requirements requirements in the balance of the GF.

...