September 29, 2015 UXC Meeting Page

From IDESG Wiki
Jump to navigation Jump to search

USER EXPERIENCE COMMITTEE MEETING NOTES - draft


Attendees:

  • Mary Hodder
  • David Temoshok
  • Ellen Nadeau
  • Noreen Whysel
  • Linda Braun, Global Inventures


Meeting Notes

  • Mary Hodder led the call. Notes taken by Linda Braun
  • Meeting was called to order at 12:08 p.m. EDT
  • Minutes for September 8, 2015 and September 15, 2015 approved.


Minutes

  • SALS review with David Temoshok
    • FMO sent out latest Requirements and Supplemental Guidance. UXC has been using the UXC guidelines metrics page.
    • At the plenary on Friday, September 25, there was a BOF on the self-assessment program. David went into the detail about how the assessment process and reporting is planned and will be put into place. David suggested at this meeting that he show the SALS documentation. The purpose of the BOF was to lower the level of abstraction for the SALS program. Idea was to go through the work done by the TFTM and to show the SALS initial documentation. The documentation is the package that we want to offer along with the IDEF V1.0 that everyone has been working on. The package will be given to all committees for feedback. The Tampa session presented different recommendations in terms of fees for the listing service, whether membership was going to be required, can partial compliance with the requirements be reported or is it full conformance based. TFTM made recommendations to management council and board as to how the program would be structured. TFTM wasn’t trying to make all the rules for the program; they were making recommendations. The sets of recommendations had not yet been sent to the committees.
    • IDESG won’t be validating the self-assessment information, so there is only a listing service at this time (which provides information), not trust mark at this point. IDESG has gone through IDEF, Supplemental Guidance and have gone through the self-assessment as well.There is a fair amount of commitment from those organizations. The IDESG is not validating the self-assessment information.
    • The committees have put together requirements set up guidelines; all the pieces get pull together and are offered to any entity can go through process and self-reporting process. At that point, there isn’t a trust mark – the trust frame work piece – because we are early in the process. Trust mark and trust frame work will come in V2.0.
    • IDESG will not be using trust mark or trust list at this time. Because the self-assessment itself will be publically posted on the website we should expect the self-assessment information is pretty reliable. Because IDESG is not validating that information, at this stage, it is informational. We will reserve trust mark, trust list, trust framework to V2.0
    • Even though we are not invoking trust mark at this time, anyone who goes through the process – the information they provide is still a fairly revealing. Applicants will be taking this process very seriously.
    • Feedback to TFTM – certification process will hopefully mitigate embellished information organizations submit online i.e., LinkedIn personal profiles are often embellished by individuals. Hopefully, v2 will mitigate this issue. InCommon Federation (higher education) has an assessment program like the one IDESG is building. Their bronze tier is self-attestation. Silver tier includes third party validation. InCommon experience, self-assessment and self-attestation, states a third party assessment would provide greater scrutiny on their own self-assessment and attestations. We hope that the organizations that use the self-assessment IDESG process will take this very seriously. With a third-party feedback, the respondents feel more comfortable.
    • Initial Program Document – focus on service providers – those who will be performing identity services in the identity ecosystem. Includes: SALS Program Overview; SALS Application Package; SALS Data Handling Policy; SALS Data Types and Categorization and SALS Terms of Use.
    • Path A: Conformance Confirmation for those that can fully attest; reconfirm annual and re-assess and confirm every three years. Path B: Status Reporting – assessed entity can attest to full conformance with some, but not all applicable baseline requirements. Submit status report – reports on the status of implementation of baseline requirements where full conformance is not achieved. Submit status reports at least annually to update implementation status.
    • SALS IDESG Self-Assessment Matrix: The matrix shows the entries that the applicants would provide in performing the assessment. Column 1, of the spreadsheet is the number of the baseline requirements. Column 2 is the presentation of the baseline statement. Column 3 is a link to the supplemental guidance that was just approved. Next columns are checkbox for assessors. FULL COMPLIANCE, IMPLEMENTATION UNDERWAY, UNDER CONSTRUCTION, NOT APPLICABLE (CHANGED IN TAMPA: NOT UNDER CONSIDERATION OR NOT APPLICABLE),COMMENTS/ADDITIONAL INFORMATION. This matrix will be submitted back to the IDESG as a PDF file.
    • TFTM tried to make the content correct. UXC could help with language.
    • UXC has our requirements, supplemental guidance and dictionary. UXC is still trying to figure out how to link together the terms used in supplemental to dictionary. We have User Experience Guidelines and Metrics page on the wiki. Meant to help a respondent self-assess. If there are additional UXC metrics pages that UXC wants TFTM to link to, David said they could do that. TFTM would put those links in the comments/additional information column. Third party assessment not included for V1, but definitely needed.
    • Mary asked David to send a draft copy of the draft documents/forms and the presentation so UXC can see how their information could fit in.
  • Next regularly meeting, October 6, 2015.


Adjourn

  • Meeting was adjourned at 1:03 p.m. EDT