Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Attendees:

Richard Wilsher
Nathan Faut
Rich Furr
Myisha Frazier-McElveen
Scott Shorter
Joe Stuntz
Helen Hill
Patrick Curry

Apologies:
Bill Braithwaite
Joni Brennan

Staff:
Anna Ticktin

NOTES:

1. ADMINISTRATIVE:

  • Roll Call
  • Motion for minutes approval: 22 Feb 2012

http://kantarainitiative.org/confluence/display/idassurance/IAWG+Meeting+Minutes+2012-02-22

2. SAC Restructuring - Richard Wilsher
(See attachment)

Rich Furr questions the "why" of what we are doing when we're trying to certify a service. How do we ensure moving forward that all SACs are met? How do we ensure upstream compliance? Who's responsible for that assurance?

RGW, currently you can't have a stand alone ID proofing solution and seek Kantara certification. With this proposed approach we can be more malleable to the marketplace.

It would be the responsibility of the Secretariat to ensure all mapping checks back 100% to the components of the OP-SAC. We could enhance or request that the language in their paperwork  address previous certifications. It's a huge resource demand to reassess all these individual components at each level.

Patrick suggests a modular approach or an over-arching approach as RGW is proposing which is agreed to be more complex.

Rich: when a full-service provider comes in, who is responsible for ensuring that the entire program's entirety of criteria are met?

Dual components can be "locked" and create a third service. Or you have a situation whereby a fuller service seeks certification but links a few additional previously certified components. In that case the assessor's review of those components would be accepted / mapped in the fuller certification review.

Rich maintains that the components of their CP must be reviewed individually each year.
Myisha summarizes that CSPs applying for certification must ensure that all criteria are met by all sub components.

Rich is concerned that integration does not break any other criteria when (scenario) company A combines with company B+C components.

Action Item 20120321-01 RGW will add text in the rules document to describe what the assessors must do to ensure that components are adequately integrated.
Action Item 20120321-02 Rich Furr will review RGW's responses to SAC comments.

These actions will be re-addressed on next week's call.

3. IAF Document Set Edits---Con'td http://kantarainitiative.org/confluence/display/idassurance/IAF+Document+Set+Edits

4. AOB

  • No labels