[Ssr2-review] Please prepare for the plenary call on Thursday

[Boban Krsic]

Hi Alain, all,

On 01.11.18 09:36, ALAIN AINA wrote:

> Most of the impact of the implementation  in my opinion  are to be investigated in strategic objectives and their implementation through activities portfolio throughout the years. We  shall measure the impact from the  KPI and deliverable in the OP, Annual report and  also  how SSR inputs and influences the strategic/ operation plannings and  the prioritisation of the activities and projects. Engage with Staff, board and any other affected parties or constituencies by the recommendations.

That sounds really good and reasonable, but I doubt that we can do it on
a voluntary basis in this form.

I also see that the evaluation of the implementation status of
individual recommendations has only included a handful of evidences.

Let's take the example of strategic planning and the risks assessment we
discussed in this context. Until this workshop in Barcelona, we
obviously had not previously reviewed the strategic planning document
https://www.icann.org/en/system/files/files/strategic-plan-2016-2020-10oct14-en.pdf
- otherwise we would know that strategic risks were being considered in
this context.

I don't expect - and in my opinion nobody can - that we know everything
and have to know where something is written. But IMHO there has to be an
in-depth review, either through evidence (in form of available
documents) or through interviews with SME's.

Based on the above-mentioned facts, I also find it difficult to conclude
at end, that most of the 28 recommendations are still not implemented.

Which brings me back to the question, should we not use external
resources more within the review? I would like to hear from all
RT-members their own point of view on this. So, how do you see it? Are
you satisfied with the result of the review of SSR1 recommendations and
can you stand for the conclusion?

> On the specifics. 
> 
> For example we claimed that definition of security  in the registry agreement differs from the one  published in  the SSR framework, added to the ICANN glossary and supposed to be used in all materials.
> 
> But, section 7.3  of the registry agreement does not define “security”,  or “stability” but define  what “effect  on them mean or refer to"
> 
> ======
> 
> (a)                          For the purposes of this Agreement, an effect on “Security” shall mean
> 
> (1) the unauthorized disclosure, alteration, insertion or destruction of registry data, or (2) the unauthorized access to or disclosure of information or resources on the Internet by systems operating in accordance with all applicable standards.
>  
> 
> (b)                         For purposes of this Agreement, an effect on “Stability” shall refer to
> 
> (1) lack of compliance with applicable relevant standards that are authoritative and published by a well-established and recognized Internet standards body, such as the
> 
> =======
> So using this example to justify a breach in the implementation of  the recommendation is not appropriate in my opinion.


I had already mentioned this in Barcelona and I will still agree with
you. We should give everyone - and especially ICANN's legal department
when it comes to drafting contracts - the option of interpreting and
refining a definition for or in a particular context. Maybe we can
include this in the analysis as an observation.


Best regards

	- Boban.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 529 bytes
Desc: OpenPGP digital signature
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20181101/398e0917/signature.asc>