...
- Identify key actors in Blueprint Architecture (Membership Manager, Proxy Operator, etc)
- Identify Policies Required for Compliance with Snctfi
- Identify Example Policies from other infrastructures to serve as inspiration
- Produce a training module to enable Research Communities to have a basic starter pack for policies
- Introduce the concept of frameworks and policies, why are they important
- Introduce Snctfi
- Encourage RC actors to make policy decisions (e.g. log retention, minimum assurance etc)
- Translate those decisions into policy templates
- Q & A
- Place templates on the AARC Website and produce an AARC Guideline document that links to each piece
Assumptions
- RCs/Infrastructures may not have a security focussed person, could just be a PI. Definitely can't assume CSIRT body
- Those using this policy pack are following the AARC blueprint
...
Action | Status | Who |
---|---|---|
Reword "Research Community" to Infrastructure | Hannah | |
IR Procedure Template | Hannah | |
AUP Template | Ian | |
Membership Management Template | Uros | |
CoCov2 Privacy Policy Template | Hannah | |
Check whether CoCov2 can be our "policy" | Uros | |
Send an update to Irina | Hannah | |
Consider DPIA | Uros | |
Put on AARC Website in a modular format | ... | |
Ask David about RAF and Assurance Profiles | Uros |