[Icp2-review] Artice 3 : Recognition, Audit and emergency continuity

[Amin Dayekh]

Hi, My Suggestions for Article 3

Article 3: Recognition

Add new paragraph (g):

(g) Anti-Capture, Resilience and Continuity. The Candidate RIR must
demonstrate documented and tested Anti-Capture, Continuity, and Resilience
policies meeting Section 4.1(t), including verified plans for maintaining
essential registry and governance functions during crises. Evidence of such
policies and successful tests shall form part of the Recognition audit.

suggestion to add

*4.1(t) Anti-Capture, Resilience and Continuity Governance*

(i) Each RIR shall adopt, maintain, and annually test Anti-Capture,
Continuity, and Resilience Policies to ensure essential operational and
governance functions continue without paralysis or material degradation
under emergency conditions.

(ii) Policies shall include: an anti-capture Plan, A business-continuity
plan for registry and critical systems; crisis-governance procedures for
remote decision-making; succession procedures for key officers and board
members; disaster-recovery objectives with defined RTO/RPO; annual testing
with a public report within 30 days; and independent verification during
Recognition or audit.

(iii) Results of tests and remedial actions shall appear in the audit
summary under 4.2.
(iv) Failure to maintain or test these policies is material non-compliance
subject to corrective action under audit procedures.


*4.2 Audit *
Audits shall verify compliance with this Document, including the
Anti-Capture, Resilience, and Continuity Governance obligations of Section
4.1(t). A summary report after each audit shall be published by ICANN.


*Article 5 Emergency Continuity*

*5.1 (e) and (f) Non-Disruption Guarantee*

(e) During any Recognition Review or Audit process and until a Recognized
successor or Emergency Operator is verified, RIR Services to compliant
Resource Holders shall continue without interruption. No RIR, ICANN, or
Emergency Operator shall degrade or suspend services except as required by
law or Global Policy.

(f) Registry (RDAP/WHOIS), RPKI, IRR, and member-portal functions shall be
maintained at or above defined SLOs; any transition must be hot-cut with
integrity validation and public status updates.


*Amin Dayekh*

****************************************************************************************
This email and any attachment (s) transmitted with it are confidential. They
may also be privileged or otherwise protected by law. They are intended
solely for the use of the individual or entity to whom they are addressed. If
you have received this email by error, please notify the sender immediately
by e-mail and delete this e-mail from your system. You are also notified that
disclosing, copying, distributing, or taking any action in relation to
its contents
is strictly prohibited and unlawful. By reading the message and opening
any attachment, the recipient accepts full responsibility for taking protective
and remedial action about viruses and other defects.
****************************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/icp2-review/attachments/20251029/6ebae438/attachment-0001.html>