First SSAC Organizational Review: Difference between revisions
No edit summary |
No edit summary |
||
Line 49: | Line 49: | ||
After receipt of the IE's final report, the SSAC membership engaged in a self-assessment exercise, resulting in a report to the RWG in June 2009<ref name="wgdraft">[https://www.icann.org/en/system/files/files/ssac-review-wg-draft-report-18sep09-en.pdf SSAC1 - Draft Report of the RWG], September 18, 2009</ref> During [[ICANN 35]] in Sydney, the RWG discussed the final report from JAS as well as the SSAC self-assessment report, and began to formulate proposals for the implementation of improvements recommended in each report.<ref name="wgdraft" /> | After receipt of the IE's final report, the SSAC membership engaged in a self-assessment exercise, resulting in a report to the RWG in June 2009<ref name="wgdraft">[https://www.icann.org/en/system/files/files/ssac-review-wg-draft-report-18sep09-en.pdf SSAC1 - Draft Report of the RWG], September 18, 2009</ref> During [[ICANN 35]] in Sydney, the RWG discussed the final report from JAS as well as the SSAC self-assessment report, and began to formulate proposals for the implementation of improvements recommended in each report.<ref name="wgdraft" /> | ||
In its draft report, the RWG collated the IE's recommendations, the SSAC's response, and the working group's consensus opinion on each recommendation from the IE's final report, as well as the additional recommendations from the SSAC Self-Assessment: | |||
{| class="wikitable" | |||
|- | |||
! Rec. Number(s) | |||
! Recommendation(s) | |||
! SSAC Position | |||
! RWG Conclusion | |||
|- | |||
| IE 1-4 | |||
| 1. Maintain a technical advisory body2. SSAC maintain its identity as an AC to the board3. Do not combine SSAC and RSSAC4. SSAC members should not be required to sign confidentiality agreements or duty of loyalty agreements | |||
| Agree | |||
| Agree | |||
|- | |||
| IE 5 | |||
| Amend SSAC charter to prevent dealings with confidential or proprietary information unless directly guided to do so by the Board | |||
| Disagree - this information is often useful to analyze safety and security issues | |||
| Disagree with recommendation - "SSAC has a legitimate right to ask for access to confidential or proprietary information that is needed to fill its mandate, requests that need to be motivated by appropriate reasons. | |||
|- | |||
| IE 6 | |||
| Amend SSAC charter to exclude involvement with or review of ICANN internal operations except as directed by the Board | |||
| Disagree - "Where contracts or normal employment practices (e.g. the name of an employee who made an error) prohibit disclosure, SSAC should not have special access, but review and access to information on operational function such as root system provisioning and root server operations, these functions should be within SSACís purview." | |||
| SSAC is entitled to advise when it considers that ICANN's internal operations threaten the safety and stability of the DNS. ICANN's internal operations, including IANA functions, should report any security issues, as well as report annually on measures adopted to prevent threats that may be caused by ICANN's operations. Board can share these reports with SSAC as they deem appropriate. | |||
|- | |||
| IE 7 | |||
| Correct the perception of SSAC "independence" through improvements in formality, transparency, and increased Board interaction | |||
| Disagrees that there are perceptions of independence | |||
| No specific measures to be implemented on this recommendation - many subsequent recommendations propose changes to the SSAC's processes & communication | |||
|- | |||
| IE 8 | |||
| Amend SSAC charter to require that the SSAC Chair and the SSAC Board Liaison be different people | |||
| Disagrees with either requiring or prohibiting one person to wear two hats | |||
| Disagrees with recommendation & agrees with SSAC's comment | |||
|- | |||
| IE 9 | |||
| ICANN reimburse expenses for SSAC Chair to travel to meetings when relevant | |||
| Agree | |||
| Agree | |||
|- | |||
| IE 10 | |||
| ICANN Board to investigate the possibility of paying a stipend or honorarium to SSAC chair or members | |||
| Agree | |||
| Agree | |||
|- | |||
| IE 11 | |||
| Amend SSAC charter to specifically include non-technical threats to the security & stability of the DNS | |||
| Disagree - SSAC considers such risks now, but should focus on objective facts | |||
| Disagree - SSAC has shown that it can evaluate the technical impacts of non-technical developments - no need to amend charter | |||
|- | |||
| IE 12 | |||
| SSAC to maintain focus on developing and sharing knowledge of new and evolving risks; specifically avoid tactical involvement in response or mitigation | |||
| Agree | |||
| Agree - no specific implementation steps needed | |||
|- | |||
| IE 13 | |||
| SSAC leadership should improve sensitivity to political and business issues:* provide a "heads-up" when uncomfortable situations might reasonably ensue to avoide "blind-siding" individuals and orgs* recognize that, as an advisory body, SSAC's goal is to provide the best advice possible; there is, however, no requirement for anyone to follow that advice* recognize that ICANN has complex business and contractual relationships that may preclude following SSAC's advice* maintain the value of SSAC's brand by continuing to conduct itself with the utmost professionalism and integrity | |||
| Agree, so long as the proffered advice is understood to be limited to:* avoid blind-siding individuals* recognize that there is no requirement for anyone to follow SSAC advice* SSAC's guidance may conflict with contractual obligations* SSAC must continue to conduct itself with the highest level of professionalism and integrity | |||
| Agrees with the comment formulated by SSAC, and does not consider additional action to be necessary | |||
|- | |||
| IE 14 | |||
| Amend SSAC charter to give guidance to focus on policy and strategic matters, and to avoid tactical operational issues | |||
| Disagree - current charter is adequate on this subject | |||
| Disagree - agrees with SSAC that the current charter makes this distinction | |||
|- | |||
| IE 15 | |||
| In conjunction with the ICANN Board, staff, and public consultation, SSAC should undertake an annual planning process to review the previous year, determine SSAC's research and publication agenda, define membership outreach strategy, and list resource requirements for the coming year. Submit plan to Board for approval | |||
| Agrees with the need for planning, but "it should not be constrained to annual cycles" | |||
| Agrees that SSAC needs to create a lightweight planning process | |||
|- | |||
| IE 16 | |||
| SSAC should keep and publish meeting minutes on its website in a timely fashion | |||
| Agree | |||
| Agree | |||
|- | |||
| IE 17 | |||
| SSAC should endeavor to keep their website current to include work in progress and planned future work | |||
| Agree | |||
| Agree | |||
|- | |||
| IE 18 | |||
| As part of the first annual plan, SSAC should revisit task area one in its charter with ICANN staff (Task area one was: "Develop a security framework for Internet naming and address allocation services that defines the key focus areas, and identifies where the responsibilities for each area lie") | |||
| Task area one should be removed from the charter | |||
| Agree with SSAC's determination to remove task area one | |||
|- | |||
| IE 19-22 | |||
| 19. SSAC should find the best experts globally, without regard to geographic proximity; there should be no artificial geographic quotas in SSAC membership20. Membership terms of three years, renewable by the Board at the recommendation of the SSAC Chair21. No limit on the number of terms an SSAC member may serve22. Stagger SSAC member terms so that approx. 1/3 of the membership is up for renewal each year | |||
| Agree | |||
| Agree | |||
|- | |||
| IE 23 | |||
| SSAC Board Liaison should serve a maximum of three consecutive one-year terms | |||
| Disagree - | |||
| WG believes all Board Liaisons should serve three-year terms, with a maximum of three consecutive terms | |||
|- | |||
| IE 24 | |||
| Article XI of the ICANN Bylaws should be amended to include a mechanism to remove an advisory committee chair or member by a simple majority vote of the Board | |||
| Disagree - the combination of an approval process for candidate members, three-year terms, and renewal at the discretion of the Board and SSAC Chair is adequte. "Any appearance that the board can punish a member of SSAC for leading an unpopular study would undermine credibility." | |||
| WG agrees that protective measures should be put in place to remove a disruptive or under-performing advisory committee chair or member | |||
|- | |||
| IE 25 | |||
| SSAC to implement a policy explicitly stating that the SSAC brand is only to be used on approved work product | |||
| Focus on "branding" is inconsistent with objective fact-finding and advice | |||
| WG considers that SSAC members should specify, whenever appropriate, whether they are speaking on their own behalf, or citing positions taken by the SSAC in work products. | |||
|- | |||
| IE 26-27 | |||
| 26. The SSAC Chair should select, implement, and enforce the regular use of a transparent decision making and documentation strategy fitting of the membership and culture of the SSAC27. The SSAC should formally approve and release all work products pursuant to the chosen decision making and documentation strategy | |||
| Disagree - the formality of quorum, voting, Robertís Rules, recusal, dissent and approval are unnecessary because SSAC is not representational | |||
| Agree - the WG notes that SSAC's position was formulated in response to the draft final report, which contained an excessively formal approach to decision making and documentation processes. The final report proposes improvements that appear consistent with the culture of the SSAC | |||
|- | |||
| IE 28 | |||
| SSAC should formall and visibly adopt a confidentiality policy. Other policies could be used by mutual agreement | |||
| Agree | |||
| Agree | |||
|- | |||
| IE 29 | |||
| Utilize these recommended mechanisms, including the annual planning process, to regularly evaluate SSAC performance against objectives and resource utilization | |||
| Disagree - evaluating performance against objectives is "appropriate for employees, but not volunteer experts often outside the domain-name business" | |||
| WG recommends that the SSAC produce a lightweight, yearly report of activities to the Board; report published as appropriate | |||
|- | |||
| IE 30 | |||
| SSAC should publish simple conflict disclosure forms for each SSAC member on its website. Candidate SSAC members will be required to provide a complete disclosure to the Board prior to appointment to the SSAC, and update disclosures as necessary | |||
| Agree, but SSAC doesn't like signing things and prefers an informal process | |||
| WG agrees with the recommendation and agrees with SSAC's proposed implementation approach | |||
|- | |||
| IE 31-33 | |||
| 31. SSAC work product should include a "Dissents" section, with anonymous or named dissents listed, and "no dissent" if there is full consensus32. SSAC work product should include a "Recusals" section, with anonymous or named recusal listed, and "no recusals" if there were none33. SSAC should develop and publish a conflicts of interest policy based on the ICANN Board policy | |||
| Agree | |||
| Agree | |||
|- | |||
| SSAC 1 | |||
| The SSAC charter should be reconsidered as part of the review process | |||
| | |||
| WG agrees and notes that the standard ToR for organizational reviews presently calls for this | |||
|- | |||
| SSAC 2 | |||
| A membership committee should review individual contributions regarding renewal of terms | |||
| | |||
| WG agrees with this proposal, which is an operational measure aimed to implement IE Recommendations 20 and 21 | |||
|- | |||
| SSAC 3 | |||
| SSAC should (continue to) choose what studies to pursue | |||
| | |||
| SSAC should continue to choose what studies it pursues, being sensitive to the concerns of and issues identified by the ICANN community. The ICANN Board may also task the SSAC | |||
|- | |||
| SSAC 4 | |||
| SSAC should consider which reports to ask ICANN to translate into other languages | |||
| | |||
| WG agrees with this proposal | |||
|- | |||
| SSAC 5 | |||
| SSAC should consider (staffing) a continuous process of feedback from the ICANN community on its work | |||
| | |||
| WG agrees with this proposal | |||
|- | |||
| SSAC 6 | |||
| SSAC should conduct a dedicated meeting annually | |||
| | |||
| WG sees merit in the SSAC developing such a proposal to ICANN | |||
|- | |||
| SSAC 7 | |||
| ICANN's regional liaisons should provide periodic briefings to SSAC members | |||
| | |||
| WG agrees in principle - professional background of liaisons to be considered when defining briefing content | |||
|- | |||
| SSAC 8 | |||
| SSAC should consider maintaining public comments on its documents | |||
| | |||
| WG agrees in principle - but SSAC should not allow public comment periods to delay the delivery of reports | |||
|- | |||
| SSAC 9 | |||
| SSAC Executive Committee minutes should be made available to SSAC members | |||
| | |||
| WG agrees | |||
|} | |||
==References== | ==References== |