Understand the opportunity to create a governance framework for dual-stack interoperability.
Agenda Items and Notes (including all relevant links)
Time
Agenda Item
Lead
Notes
5 min
Start recording
Welcome & antitrust notice
Introduction of new members
Agenda review
Chairs
Antitrust Policy Notice:Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
New Members:
5 mins
Review of action items from previous meeting
Chairs
5 mins
Announcements
TF Leads
News or events of interest to Governance Stack WG members
polled the auidence before presentation & no one had any awareness of protocol
polled afterwards indicated everyone then saw value in it
Will assemble notes from EIC conference
@Scott presented at the Digital World Conference presented by Information Systems Audit and Control Association (ISACA)
Information systems auditors
Conference had about 1000 attendees
Discussed the journey to get decentralized identity and and verifiable credentials, and talking about audit and accreditation, and the roles that auditors would play
No awareness in the profession of Self-Sovereign Identition (SSI) but believes that's going to change
Had 60 attendees which is pretty good for the last slot of the conference
Schellman colleague presented on auditing blockchains
Schellman now has a formal relationship with Digital Governance Council of Canada
Auditing digital identity standard just released
Potential for other governments outside of Canada to use if it for mutual recognition
Tim Bouma and group are working on getting ISO standard certification
There's a separation of governance from operations & autrhority
It's been easier to sell Governance, verifiable credentials and digital identity when it's presetned as an extension to existing systems, not something completely new
For Decentralized Identification Ecosystem Stakeholders concerned about potential barriers to entry, our new managed service enables your Governance, Risk and Compliance Team to create agile, structured, Lego-like policies and processes to jumpstart adoption.
Furthermore, members can extend it for their needs and share it with their ecosystems, creating growth. And unlike a folder of static PDFs, everyone can benefit from upstream changes, continuously reducing the gap between policies and processes.
Continuous Governance:Stay in sync. Jumpstart adoption.
22:14
Designed to keep governance frameworks, organizational policies, procedures and ecosystems in-sync where the gaps represent risk
Most organizations use MS Word and Excel which is fine if timeliness is good enough
For example, in many jurisdictions demonstrating that you're trying to adhere to privacy laws is good enough
As Timothy Ruff said: "The problem is the solution."
24:05:
As-Is Happy Path writing policies & procedures
Typically a smooth process for those using Word & Excel
25:05
As-Is Not Happy Path
Non-coformance means there's a gap between policies & procedures
Greater the gap, greater the risk
Root cause may be human error executing process, the process itself, the policy governing the process, a change to the framework or, needing a new framework
At this point Word & Excel are not your friends anymore
26:24
Use Case:
Problem: Policies & procedures use the Term/Role Contract Lawyer which is ambiguous with Commercial Lawyer
Solution:
Create a new Term/Role for Commercial Lawyer,
Update Contract Lawyer
Update related policies and procedures
Word & Excel
Use Find/Replace to search through all documents Find all the documents, maybe spreadsheets that may use "Role" because there's no assurance Contract Lawyer was a valid entry. It's unstructured data.
Wholesale changes required. It's like a rewrite.
5 mins
Any other business
5 mins
Review decisions/action items
Planning for next meeting
Chairs
Screenshots/Diagrams (numbered for reference in notes above)
