...
- Define a unique name for your collaboration (recommend DNS)
- Identify a governance body to make policy decisions
- We strongly suggest (although this is out of scope here)
- Identifying your primary assets
- Completing a risk assessment
- Defining your rules of participation and the escalation procedure in case of non-compliance
- Any additional legal and regulatory compliance
- Define the purpose of your collaboration → this will be used for your AUP
- Define the following 6 policies and seek endorsement from the governance body
- Ensure that the policies are presented to and accepted by the relevant audiences
- Publish your policies at a suitable location
| Document | AARC Template | Examples |
|---|---|---|
| Membership Management Policy | WIP | |
| AUP | WISE AUP | |
| Privacy Policy | X Y Z | |
| AAOPS | Attribute Authority Operational Security | |
| Security Operational Baseline | Security Operational Baseline | |
| Incident response procedure | X Y Z |
...