Versions Compared

Old Version 25

changes.mady.by.user Scott Perry

Saved on

compared with

New Version 26

changes.mady.by.user Drummond Reed

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This section contains the Policies that apply generally across the entire GF. It:

  1. MUST include a Policy clearly explaining Governance of the GF—specifically how any revisions to the GF are developed and approved.
  2. SHOULD include requirements that apply generally to governance of the entire Trust Community and that guide the development of more specific policies within the Controlled Documents.
  3. SHOULD NOT include any requirements that apply in a specific context addressed by one of the Controlled Documents.
  4. SHOULD be listed within categories making it helpful to understanding their context and intent.

...

The Governance section covers the overall policies for how the GF itself is governed . Itand revised. It does not include Governance Policies for the Governance Authority or interdependent Governance Authorities (those are defined in Controlled Documents in the Governance Rules category). It:

  1. MUST state the full legal identity and contact information for the Governance Authoritythe primary Governance Authority or interdependent Governance Authorities.
  2. MUST refer to a Core Policy clearly explaining include policies specifying overall Governance of the GF—specifically how any revisions to the GF are developed and approved.
  3. MUST include references to any separate Controlled Documents that constitute Governance documents for the Governance Authority (e.g., Charter, Bylaws, Operating Rules, etc.)
  4. SHOULD explain if there are interdependent Governance Authorities and provide a reference to an authoritative listing of such Governance Authorities and their responsibilities.
  5. in the Governance Rules category.

Schedule of Controlled Documents

...

Each Controlled Document covers a specific specialized area of the GF. Each of the following are categories of Controlled Documents where each category MAY include zero or more Controlled Documents.

...

  1. SHOULD identify key risks that MAY negatively affect the achievement of the GF's purpose within its scope
  2. SHOULD include a Risk Assessment process output that provides an assessment of each key risk that the GF is designed to address and mitigate.
  3. SHOULD assess which Roles and Processes are vulnerable to each risk and how they are affected.
  4. SHOULD include a Risk Treatment Plan (RTP) for how identified risks are treated (e.g. mitigated, avoided, accepted or transferred).
  5. SHOULD include a Trust Assurance Framework that defines how Roles MUST assert compliance with the Policies of the GF and the mechanisms of assurance over those assertions.
  6. SHOULD (if applicable) define the roles of Auditors and Auditor Accreditors and the policies governing their actions.
  7. SHOULD (if applicable) define the roles of Certification Authorities and the Policies governing their actions and relationships with the Governance Authority, Auditors, and Auditor Accreditors.

...

These are the Rules for governing the GF as a whole. Controlled Documents in this category:

  1. MUST specify the primary Governance Authority or all interdependent Governance Authorities (if any).
  2. MUST include Controlled Documents that constitute:specify governance policies for the primary Governance Authority operations or all interdependent Governance Authorities (e.g., Charter, Bylaws, Operating Rules, etc.)Each interdependent Governance Authority (e.g., Charter, Rules of Order, etc.)
  3. MUST refer to the Core Policy and (if applicable) detail sub specify the Policies under which Governance Framework documents can be revised.
  4. SHOULD address any intellectual property rights (IPR) and confidentiality policies under which the stakeholders agree to operate.
  5. SHOULD clearly state how such documents work together to define Governance for all components of the GF.

...