Second Security, Stability, and Resiliency Review: Difference between revisions

Jessica (talk | contribs)
No edit summary
Jessica (talk | contribs)
No edit summary
Line 134: Line 134:
|-
|-
| Rejected b/c the Board cannot approve the recommendation in full
| Rejected b/c the Board cannot approve the recommendation in full
| 8.1: ICANN Org should commission a negotiating team that includes abuse and security experts to represent the interests of noncontracted parties during renegotiation of agreements with contracted parties
| 8.1: ICANN Org should commission a negotiating team that includes abuse and security experts to represent the interests of noncontracted parties during the renegotiation of agreements with contracted parties
| That's not how ICANN's contracts work. Although the community has expressed concerns regarding how agreements are negotiated & renegotiated, ICANN org represents the global public interest in its contract negotiations, and not a particular group of stakeholders. Also impossible under the current [[Registry Agreement]] and [[Registrar Accreditation Agreement]]<br />
| That's not how ICANN's contracts work. Although the community has expressed concerns regarding how agreements are negotiated & renegotiated, ICANN org represents the global public interest in its contract negotiations, and not a particular group of stakeholders. Also impossible under the current [[Registry Agreement]] and [[Registrar Accreditation Agreement]]<br />
| Rejected
| Rejected
Line 290: Line 290:


In December 2021, ICANN org submitted its first series of clarifying questions to the implementation shepherds listserv.<ref name="decemail">[https://mm.icann.org/pipermail/ssr2-implementation-shepherds/2021-December/000017.html Email to SSR2 Implementation Shepherds: 'Pending/Likely to Be Approved' Recommendations - Clarifying Questions], December 7, 2021</ref> The questions dealt with the recommendations in the "Pending - Likely to be Approved" category, and sought clarification based on the scorecard assessments and board rationales for those recommendations.<ref>[https://mm.icann.org/pipermail/ssr2-implementation-shepherds/attachments/20211207/489d314e/SSR2ISESQuestions-Group1-Likelytobeapproved-Final-0001.pdf SSR2 Questions - Group 1: Pending/Likely to be Approved], December 7, 2021 (PDF)</ref> ICANN org hoped to receive answers to these questions by January 14, 2022<ref name="decemail" />
In December 2021, ICANN org submitted its first series of clarifying questions to the implementation shepherds listserv.<ref name="decemail">[https://mm.icann.org/pipermail/ssr2-implementation-shepherds/2021-December/000017.html Email to SSR2 Implementation Shepherds: 'Pending/Likely to Be Approved' Recommendations - Clarifying Questions], December 7, 2021</ref> The questions dealt with the recommendations in the "Pending - Likely to be Approved" category, and sought clarification based on the scorecard assessments and board rationales for those recommendations.<ref>[https://mm.icann.org/pipermail/ssr2-implementation-shepherds/attachments/20211207/489d314e/SSR2ISESQuestions-Group1-Likelytobeapproved-Final-0001.pdf SSR2 Questions - Group 1: Pending/Likely to be Approved], December 7, 2021 (PDF)</ref> ICANN org hoped to receive answers to these questions by January 14, 2022<ref name="decemail" />
==Implementation==
By April 2023, the [[ICANN Board]] had deemed 11 of the 23 recommendations complete based on whether the recommendation was fully or partially implemented, the level of community input and involvement, and whether more work was needed. Recommendations 3.2 and 3.3 on budgeting and transparency were complete based on the existing transparency and public comment framework for the organization's planning and budgeting cycle. Recommendation 4.1 on risk management was implemented with ICANN Org’s risk management policies, plans, and programs. Recommendations 7.1, 7.2, and 7.3 on business continuity and disaster recovery plans were considered implemented with ICANN org's existing approach and policies. Recommendation 9.1 was complete as its success measures align with [[Contractual Compliance]]’s existing work. To implement Recommendation 16.1, which required cross-referencing ICANN org to streamline information and improve access to privacy and data stewardship, ICANN org reviewed www.icann.org for updates and internal alignments needed. 
Recommendation 24.1 was complete with the inclusion of provisions in ICANN org's agreements with [[EBERO]] service providers allowing for annual EBERO readiness exercises. Recommendation 24.2 was completed when ICANN Org linked to the Common Transition Process Manual on ICANN org’s EBERO webpage.<ref>[https://www.icann.org/en/system/files/files/specific-reviews-q1-2023-report-31mar23-en.pdf Q1 2023 Specific Reviews Report, ICANN Files]</ref>


==References==
==References==