ICANN Reviews
As a public service organization, ICANN's bylaws establish the scope and direction of the organization's mission, commitments, and core values.[1] The Bylaws specify review processes for ICANN and its stakeholder organizations.[2] The review processes are designed to ensure that ICANN is performing its mission in the best way possible.[3] Reviews aim to evaluate the health of the multistakeholder model, ICANN transparency and accountability, organizational effectiveness, and the security and stability of the DNS.[3]
ICANN Review Cycle[edit | edit source]
Specific and Organizational Reviews each follow process models that share a common set of themes and expectations. In each process, the review is planned by a team or work party. In the case of Organizational Reviews, there is then the intervening step of selecting and engaging an Independent Examiner. Then, the review is conducted. Organization Reviews move directly to implementation, while Specific Reviews submit findings and recommendations to the ICANN Board, which then acts on the recommendations. In each case, the implementation of recommendations is refined and improved, and the implemented improvements become standard procedure. The different action phases are laid out below:
Action Phase | Specific Reviews | Organizational Reviews |
---|---|---|
Phase 1 | Assemble a Review Team | Assemble a Working Party |
Phase 2 | Plan Review | Plan Review |
Phase 3 | Conduct Review | Engage Independent Examiner |
Phase 4 | Board Action | Conduct Review |
Phase 5 | Plan Implementation | Plan Implementation |
Phase 6 | Implement Improvements | Implement Improvements |
Phase 7 | New Standard Operating Procedure | New Standard Operating Procedure |
Specific Reviews[edit | edit source]
History[edit | edit source]
ICANN's operations are subject to periodic Specific Reviews, enumerated in Article 4.6 of the bylaws.[4] These reviews are the result of ICANN's 2009 Affirmation of Commitments (AoC) with the United States Department of Commerce. Prior to 2016, specific reviews were conducted to fulfill ICANN's promise to review its performance relative to the commitments contained in the AoC. the bylaws were amended in October 2016 to incorporate the commitments and the review process described in the AoC into the bylaws as Article 4.6.[5] The specific reviews address adherence to the following commitments:
- Accountability and Transparency (ATRT) - focused on ICANN operations[6]
- Security, Stability, & Resiliency (SSR) - focused on the DNS[7]
- Registration Directory Service (RDS/WHOIS) - focused on registration data and public access to registration information[8]
- Competition, Consumer Trust, and Consumer Choice (CCT) - ushered in as part of the New gTLD Program, this review is focused on the domain marketplace and the experience of registrants and other consumers[9]
Timing & Process[edit | edit source]
ATRT, SSR, and RDS/WHOIS reviews must take place periodically, and no more than five years after the last review team was convened[10] A CCT review is initiated one year after the launch of a New gTLD application round.[10]
Review teams typically include members, observers, and/or liaisons from stakeholder groups, supporting organizations and advisory committees.[10] The review process timeline runs between three to nearly five years, and involves multiple opportunities for participation, public comment, and deliberation among stakeholders.[11]
Organizational Reviews[edit | edit source]
Each supporting organization and advisory committee, as well as the Nominating Committee is periodically reviewed pursuant to Article 4.4 of the Bylaws.[12] The GAC is exempted from Article 4.4, although it is charged to implement and deploy its own review processes.[13]
History[edit | edit source]
Article 4.4 was first added to the ICANN Bylaws in December 2002, following the 2002 Evolution and Reform Process.[14]. As originally formulated, Article 4.4 posed two questions for review: "(i) whether that organization has a continuing purpose in the ICANN structure, and (ii) if so, whether any change in structure or operations is desirable to improve its effectiveness."[14] In October 2016, Article 4 was revised to include specific reviews, and at that time Article 4.4 was amended to include the third foundational question of organizational reviews: "(iii) whether that organization, council or committee is accountable to its constituencies, stakeholder groups, organizations and other stakeholders."[15] Article 4.4 has remained functionally unchanged since its revision in 2016.
Timing & Process[edit | edit source]
The bylaws state that organizational reviews should take place no more than five years from the submission of the final report of the last review to the ICANN Board. However, that requirement is flexible, and "based on feasibility as determined by the Board."[13]
An Independent Examiner is contracted to perform the fact finding, assessment, reporting, and recommendations of the review process. The examiner is selected through a competitive bid process.[16] The review timeline for organization reviews can stretch between three to five years.[12] Like specific reviews, the process has multiple stages of public comment, as well as interaction and comment between the organization being reviewed and the Independent Examiner.[16]
Board Review[edit | edit source]
During the initiation of the first round of organizational reviews, the ICANN Board determined that it would be good for the organization if it also participated in a review process under the organizational review model. The ICANN Board Review occurred between 2007 and 2010, but was not repeated.[17] The Structural Improvements Committee (now known as the Organizational Effectiveness Committee) was tasked with presenting a set of actions and improvements based on the report of the board review working group.[18] Other mechanisms exist for review of the board, as well as the review of board decisions, within the ICANN Bylaws.[19]
Technical Liaison Group Review[edit | edit source]
As with the Article 4-style ICANN Board review, the board determined during the first round of organizational reviews that it would be beneficial if the Technical Liaison Group engaged in an organizational review process.[20] The Technical Liaison Group Review was initiated by the board at ICANN 37 in Nairobi in March 2010,[21] and continued through 2011.[20] As with ICANN Board review, the experiment was not repeated.
Past Reviews[edit | edit source]
Specific Reviews[edit | edit source]
Review Type & Number | Status | Date Initiated | Date Completed | ICANNWiki Page | Documents |
---|---|---|---|---|---|
CCT #1 | Implementation Phase | October 1, 2015 | CCT1 | CCT1 Final Report - PDF | |
ATRT #1 | Complete | January 11, 2010 | January 29, 2013 | ATRT1 | ATRT1 Final Report - PDF ATRT1 Implementation Report - PDF |
ATRT #2 | Complete | October 5, 2012 | December 31, 2015 | ATRT2 | ATRT1 Final Report - PDF ATRT2 Implementation Report - PDF |
ATRT #3 | Implementation Phase | January 31, 2017 | ATRT3 | ATRT3 Final Report | |
RDS/WHOIS #1 | Complete | June 1, 2010 | December 31, 2015 | RDS1 | RDS1 Final Report (PDF) RDS1 Implementation Report (PDF) |
RDS/WHOIS #2 | Implementation Phase | October 28, 2016 | RDS2 | RDS2 Final Report (PDF) | |
SSR #1 | Complete | June 1, 2010 | December 31, 2015 | SSR1 | SSR1 Final Report (PDF) SSR1 Implementation Report (PDF) |
SSR #2 | Awaiting Board Action | June 30, 2016 | SSR2 | SSR2 Final Report (PDF) |
Organizational Reviews[edit | edit source]
Efforts to Improve & Streamline the Review Process[edit | edit source]
2014-15 Standardization Efforts[edit | edit source]
"Audit" Approach and First Steps[edit | edit source]
At the beginning of 2014, the Structural Improvements Committee (SIC) (as it was named at the time) investigated the possibility of unifying the process for Article 4 reviews, so that each review, regardless of organization, followed a predictable path. The proposal from the chair included the adoption of an "audit" approach to reviews:
The Chair discussed elements of different types of audits (outcome, structural and process element audits), and how they may be used to assist the overall effectiveness of the organization. The SIC considered potential elements of an audit or review mechanism, including the methods and tools, and qualitative and quantitative metrics. The Chair noted that the outputs could be fed into the work of other Board committees, such as the Audit Committee or the Risk Committee. The members of the SIC discussed whether the proposed approach would overlap with the overall organizational assessment that is part of the ATRT review. The SIC also discussed the implications of using the term "audit" to identify the structural review, and discussed the importance of ensuring that any review (or "audit") meets the requirements in the Bylaws.[22]
Committee members expressed some concern about the term "audit," which in both definition and practice is distinct from a "review,"[23] and noted that any review/audit process must comply with the ICANN Bylaws. Committee members also noted community concerns about the number of reviews underway.[22]
Impact on GNSO2[edit | edit source]
The introduction of the "audit" concept coincided with the initiation of the Second GNSO Organizational Review, and appears to have influenced the scope described in the RFP for that review. Notably, there is no indication that the ICANN Board reviewed or approved a Terms of Reference document regarding GNSO2.[24] In March 2014, both the "audit" concept and GNSO2 were on the agenda at the SIC meeting.[25] Although the term "audit" had disappeared, the discussion of a "review accountability framework" included similar categories to those discussed in February: "process reviews, process element reviews, outcome reviews, and structure reviews."[25] ICANN staff was directed to:
provide a comprehensive view of how the different review mechanisms correlate and what assurances they provide; identify standards and criteria used by the previous review; and identify opportunities to streamline review mechanisms and processes for increased efficiency and effectiveness.[25]
In the discussion of GNSO2, meanwhile, the presentation emphasized the intentionally limited scope and process of the review, echoing comments made in concurrent presentations to the GNSO and the public.[25] In particular, GNSO2 would ignore the first question of Article 4.4 - whether the GNSO served a continuing purpose in the ICANN structure.[26]
Shift from "Audit" to "Unified Approach"[edit | edit source]
At the June meeting of the SIC, a representative from Moss Adams provided a report on their engagement to conduct an inventory and mapping of reviews with ICANN and their existing processes, for the following purposes: "(a) to identify how the different review mechanisms correlate and what assurances they provide; (b) to identify standards and criteria used by prior reviews; and (c) to identify gaps and/or redundancies between the reviews."[27] While efficiency concerns were an aspect of the Moss Adams study, the primary thrust was now compliance with the requirements of the bylaws, and establishing baseline operational standards for past reviews.
At the SIC meeting in October 2014, staff presented the outcomes of the study:
Staff provided the SIC with an update on the inventory and mapping of the reviews within ICANN performed by Moss Adams. The purpose of the report is to identify gaps, overlaps and dependencies within the structural reviews and Affirmation of Commitments reviews. A few recommendations were provided, including development of overall review management procedures and centralized tracking, as well as development of primers for independent examiners to allow for greater consistency.[28] Staff was instructed to generate topic areas for discussion, as well as a plan for productively engaging those topic areas at the next SIC meeting.[28]
In February 2015, staff proposed three "buckets" for discussion and potential improvements to the SIC: "process improvements, oversight and coordination, and a more strategic look at the "structures" within ICANN as a whole."[29] Staff was instructed to begin work on policy and procedures documents, as well as a tracking model, with an eye toward standardization of process across Article 4 reviews.[29] Also in February, at ICANN 52, the schedule for both the "Affirmation of Commitments" reviews and organizational reviews was discussed, along with the ongoing efforts to bring standardization to the review process.[30]
Process Improvement Options at ICANN 53[edit | edit source]
After a particularly full agenda precluded discussion in April, the committee next addressed the review framework at ICANN 53 in Buenos Aires. At the SIC meeting during ICANN 53, staff proposed several areas for potential process improvements:
- Standard Review Process and Methodology
- Relevance to Each Organization
- Adoption and Application of Standards
- Increased Effectiveness and Impact
- Creating Alternate Process for Strategic Reviews[31] The other buckets - oversight and holistic approaches to ICANN's structural issues - were wrapped into the ICANN 53 session on review efficiencies, and a public comment period was still open at the time of the meeting.[31] Public comments on issues surrounding reviews were wide-ranging, but it is notable that multiple commenters objected to the exclusion of structural considerations from the GNSO2 review.[32]
Proceeses Proposed, Attention Wanes[edit | edit source]
In September 2015, the newly-renamed Organizational Effectiveness Committee acknowledged that lessons learned from the last series of reviews could be refined into process improvements applicable to all reviews within ICANN.[33] The discussion and commitment to engage in such refinemnent appeared to mark the end of work in regards to the "process improvements" bucket.
With regard to a "review framework," the October 2015 meeting of the OEC resulted in the following two-phase plan:
Phase 1: Systematization of Reviews, based on current mandates
- Document the process of conducting Reviews, based on current practices and lessons learned from recent Reviews
- Incorporate applicable and relevant standards derived from industry best practices and standards, such as Project Management (Project Management Institute) and Organizational Excellence (EFQM Excellence Model)
- Socialize and implement systemization
Phase 2: Future of Reviews in the post-transition ICANN
- In alignment with the direction of CCWG-Accountability and other related proposals impacting Reviews, identify key questions for consideration of the future of Reviews as a significant accountability mechanism
- OEC discussion
- Develop next steps as appropriate[34]
2019 Operating Standards Updates[edit | edit source]
Both the ICANN Board and ICANN staff have recently been engaged in efforts to improve the review process for both specific and organizational reviews. In 2019, the Board issued new Operating Standards for Specific Reviews[35] [36] In addition, ICANN staff drafted a process proposal for streamlining organizational reviews in April 2019.[37] Public comments on the proposal addressed a much broader range of challenges and difficulties than the proposed streamlining measures.[38]
The Board and staff of ICANN continue to address the issues raised during public comment processes, public meetings, and other communications related to the efficiency and timing of reviews.[39] In November 2019, Lars Hoffman presented at ICANN 66 on the topic of improving the effectiveness of review recommendations and their implementation.[40]
References[edit | edit source]
- ↑ ICANN Bylaws, Article 1
- ↑ ICANN Bylaws - Articles 4.4-4.6
- ↑ 3.0 3.1 ICANN.org - Review Dashboard
- ↑ ICANN.org - Specific (Article 4.6) Reviews
- ↑ [https://www.icann.org/resources/pages/bylaws-2016-09-30-en#article4 ICANN.org Archive - Bylaws as adopted October 1, 2016
- ↑ ICANN.org - Accountability & Transparency Review
- ↑ ICANN.org - Security, Stability, & Resiliency Review
- ↑ ICANN.org - Registration Directory Service Review
- ↑ ICANN.org - Competition, Consumer Trust, and Consumer Choice
- ↑ 10.0 10.1 10.2 ICANN Bylaws, Article 4.6
- ↑ ICANN.org - Specific Reviews Process Flowchart, August 31, 2017 (PDF)
- ↑ 12.0 12.1 ICANN.org - Organizational Reviews
- ↑ 13.0 13.1 ICANN Bylaws, Article 4.4
- ↑ 14.0 14.1 [https://www.icann.org/resources/unthemed-pages/bylaws-2002-12-15-en#IV ICANN.org Archive - Bylaws as amended December 15, 2002
- ↑ ICANN.org Archive - Bylaws as amended October 1, 2016
- ↑ 16.0 16.1 ICANN.org - Organizational Review Process Flowchart, August 31, 2017 (PDF)
- ↑ ICANN Board Review Dashboard
- ↑ Resolution of the Board, June 25, 2010
- ↑ Article 4 provides for review mechanisms for board actions; Article 5 establishes the Ombudsman's office.
- ↑ 20.0 20.1 TLG Review Dashboard, last updated August 25, 2011
- ↑ Resolution of the Board, March 12, 2010
- ↑ 22.0 22.1 Meeting Minutes, Structural Improvements Committee, February 6, 2014
- ↑ See e.g. the Government Accountability Office's "Audit and Evaluation: Is there a difference?" - October 6, 1980
- ↑ GNSO Organizational Review Dashboard (Note that GNSO2 was "initiated" and a "Terms of Reference approved" by the board, with no citation to a source document or to meeting minutes.)
- ↑ 25.0 25.1 25.2 25.3 Meeting Minutes, Structural Improvement Committee, March 21, 2014
- ↑ For more background, see ICANNWiki's article on the Second GNSO Organizational Review
- ↑ Meeting Minutes, Structural Improvement Committee, June 20, 2014
- ↑ 28.0 28.1 Meeting Minutes, Structural Improvements Committee, October 12, 2014
- ↑ 29.0 29.1 Meeting Minutes, Structural Improvement Committee, February 6, 2015
- ↑ AoC and Organizational Reviews: Supporting ICANN Accountability, ICANN 52, February 9, 2015
- ↑ 31.0 31.1 Meeting Minutes, Structural Improvements Committee, June 19, 2015
- ↑ Staff Report on Public Comment Proceeding - AoC and Org Reviews, August 5, 2015
- ↑ Meeting Minutes, Organizational Effectiveness Committee, September 28, 2015
- ↑ Meeting Minutes, Organizational Effectiveness Committee, October 17, 2015
- ↑ ICANN.org Blog - Operating Standards: Guiding ICANN's Specific Reviews, July 8, 2019
- ↑ ICANN Operating Standards - Specific Reviews, June 23, 2019 (PDF)
- ↑ ICANN.org - Public Comment Archive, Process Proposal for Streamlining Organization Reviews, April 30, 2019
- ↑ Staff Report on Public Comment Process, July 30, 2019
- ↑ ICANN Blog - Enhancing and Streamlining ICANN's Reviews: Issues, Approaches, and Next Steps, October 31, 2019
- ↑ ICANN 66 Archive - Enhancing the Effectiveness of Review Recommendations, November 4, 2019 (registration with ICANN.org required)