Search RPD Archives
[rpd] AFPUB-2020-GEN-001-DRAFT01 - Policy Compliance Dashboard
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Wed Sep 30 11:42:13 UTC 2020
Hi AK, Moses, all,
I will like you to reconsider your decision on this proposal, following CPM 3.5, on the grounds of my responses below, which have already been provided thru previous discussions and I don’t think any of those are valid-objections to the proposal.
See my points below, in-line.
Regards,
Jordi
@jordipalet
5. Policy Compliance Dashboard
The policy proposal seeks to provide a framework or a policy compliance dashboard be developed by AFRINIC and incorporated in myAFRINIC (and future member’s communication platforms). It will allow a periodic review of the policy compliance status of each member. It will also enable members to receive automated notifications for any issue. Staff will receive repeated warnings of lack of compliance or severe violations enshrined in the CPM. However, there are several oppositions to this proposal, such as:
a. This policy seems to be redundant of the status quo as violations are already checked and processed by the human staff.
That's the key human vs. automation. Human verification is costly and inefficient if it can be automated.
b. There is already an existing system of guidelines on keeping track of the violations of members.
The RSA and bylaws have generic provisions. There is nothing against the power of the community to make those more clearly stated. Furthermore this will protect the members against a mistake, which according to the legal bindings today, can call for an immediate resource reclamation.
c. The policy is not binding and does not enforce members actually to follow the rules and not violate policies.
All the policies are binding for all the members. This is clearly stated in the legal documents.
d. Ignorance could be a convenient excuse for violations because one could claim that they never got notified about their violations.
On the other way around, this is the actual status quo. This policy ensures that ignorance can’t be used as an excuse, because it will send alerts and show them also in the member account GUI.
e. There is no comprehensive system on how the board should take proper actions once members violate policies, nor does it give guidelines based on the severity of the violations.
This is on purpose. There are different severity levels, and this even may depend on circumstances, so it is up to the operational details of the implementation, to better detail it, which can be done in consultancy with the community. If the community think the staff is not doing that correctly, then a new proposal can be submitted, but with this proposal we have a starting point at least. Trying to agree on if making a mistake on this or that part of the CPM is more or less severe than doing 3 times wrong this or that, will be and endless discussion and too operational.
f. This policy takes away resources that could be used for more beneficial pursuits to AFRINIC for something existing in the system.
On the other way around. It is clear that automation *saves* resources. The policy doesn’t state *how* or *when* it should be implemented, and it is just fine that the staff defines what parts of the CPM are implemented when and in what order, depending on the availability of the human resources unless the board decides that this is key and should be implemented faster.
g. It an administrative process, and this should be left to staff
Is not. The community has the right to ensure that the policy compliance is monitored in a way that, because it is automated, doesn’t make a difference in how much time the staff has to do that manually and then do it faster for some resource holders than others. Automation makes it quick (no difference among resource holders), human means you do it for each resource holder “when you can”. Trying to make this in a way that is fair for all members by humans, will mean having almost as many staff human resources for each “validation” pass as resource holders. It will also mean that you do a reduced number of “passes” per year, while automation means you can do it every week or month.
Chairs Decision: NO rough Consensus
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20200930/392e7030/attachment.html>
More information about the RPD
mailing list