https://wiki.idesg.org/index.php?action=history&feed=atom&title=September_25%2C_2014_Meeting_PageSeptember 25, 2014 Meeting Page - Revision history2026-04-16T14:37:25ZRevision history for this page on the wikiMediaWiki 1.38.4https://wiki.idesg.org/index.php?title=September_25,_2014_Meeting_Page&diff=7065&oldid=prevOmaerz: 3 revisions imported: Initial Upload of old pages from IDESG Wiki2018-06-28T04:04:06Z<p>3 revisions imported: Initial Upload of old pages from IDESG Wiki</p>
<p><b>New page</b></p><div>==SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES==<br />
Meeting Date: September 25, 2014<br />
<br /><br />
<br /><br />
'''Attendees'''<br /><br />
*Aaron Guzman<br />
*Adam Madlin<br />
*Adam Migus<br />
*Ann Racuya-Robbins<br />
*Bev Corwin<br />
*Christopher Spottiswoode<br />
*David Temoshok<br />
*Hans Vargas<br />
*Linda Braun<br />
*Martin Smith<br />
*Miguel Ballesteros<br />
*Mike Garcia<br />
*Paul Knight (OASIS)<br />
*Robert Faron<br />
*Ryan Galluzzo<br />
*Sal D’Agostino<br />
*Suzanne Lightman<br />
<br /><br />
'''Meeting Notes'''<br />
*Notes taken by Adam Migus<br />
#Roll call; Quorum determination<br />
#IPR policy reminder - https://www.idecosystem.org/system/files/filedepot/103/IDESG%20IPR%20Policy.pdf <br />
# Administrative<br />
#* Hans (Last Name?) would like to become a member of the Security Committee<br />
# Priorities and Work<br />
#* Requirements is our highest priority<br />
#** At the Plenary we agreed upon a process to create, consolidate and collect feedback on them within the timeframe proposed by IDESG leadership.<br />
#* the next version of the Functional Model seems to be the work that most committee members are interested in working on.<br />
# Functional Model<br />
#* Madman congratulated everyone now that version 1 has been approved by the Plenary<br />
#** we had a brief discussion about how the document will be maintained going forward<br />
#** the security committee will be responsible for the maintenance<br />
#* Now that it’s out we would like to publicize it.<br />
#** Madman will look into how the IDESG can announce it on the website and social media like Twitter<br />
#** Mike said that the NPO plans to publish a post plenary blog and it will talk about the FM approval; he said they'd be happy to cross-reference posts, do retweets or otherwise promote IDESG sourced materials<br />
# Requirements<br />
#* Martin commented that Trust Framework Providers ought to be included in the FM because they need to be accounted for in the requirements<br />
#** Ryan replied that we cover that by way of having governance and accountability in the FM<br />
#** Madman added that the first version of the requirements should focus on the participants of the ecosystem then we can look at the requirements for other layers like governance<br />
#* Ryan walked through the process we agreed upon at the Plenary:<br />
#** Collection period<br />
#** Consolidation period<br />
#** create a questionnaire to be given to the pilots and other would-be implementers<br />
#** A process document that outlines the above to explain how we did what we did.<br />
#* the questionnaire will be designed to get feedback on reasonability, completeness, relation to reality and general feedback such as "would you be willing to self-attest."<br />
#* Sal drew the distinction between the pilots and government agencies vs. the smaller firms without the specialized knowledge and robust controls; we need something that helps with both<br />
#* Adam brought up the broader baseline discussion and the need for clarity about what that means and how it relates to self-attestation<br />
<br /><br />
'''Actions'''<br />
* Madman to add Hans as a member of the security committee<br />
* Madman to seek clarity on the baseline definition from IDESG leadership<br />
<br /><br />
{{FMWGNavBar}}</div>Omaerz