2014-06-11 TRAC

From HL7 TSC
Jump to navigation Jump to search

TSC Risk Assessment Committee (TRAC) Agenda/Minutes

back to TRAC page

Meeting Info/Attendees

TRAC Meeting Minutes

Location: call 770-657-9270 using code 985371#
GoToMeeting ID: 889-380-173

Date: Wednesday, 2014-06-11
Time: 10:00 AM U.S. Eastern
Facilitator: Pat Van Dyke Note taker(s): Lynn
Quorum n/a
Chair/CTO Members Members
x Pat Van Dyke x Rick Haddorff Melva Peters
John Quinn x Austin Kreisler x Dave Hamill

Agenda

  • Agenda review and approval - Pat Van Dyke
  • Review minutes of 2014-05-28 TRAC
  • Action Items:
    • Update on Generic WGM Checklist Calendar - Rick
    • Pat will work on developing a straw man for separate criteria for informative ballot reconciliation in 6 months, for example.
    • Melva will re-review the T3F risks and give a first draft on impact and likelihood for review on the next call.
    • Determine tracking metric on three pronged measure for minutes, meeting room requests (app still in beta) and agenda posting - review last cycle's data when Rick and Melva are on the call.
    • Pat will circulate bullet points on WG Balloting combined metric prior to the meeting for review.
  • Review late project submissions with Dave
  • Review the use and definition of the columns in the governance points focusing on the ISM from 20140528 risk spreadsheet
    • precepts for the IP protection issues and address the related risks.
    • Risk identification from recent XSLT vulnerability issue
    • This group might identify the risks and suggest mitigations such as product family- or artifact-specific rules for versioning.
    • Add to spreadsheet tracker the risk mitigations identified:
      • TSC addition of ISM to publication request should be added to a mitigation strategy for an existing risk or create a strategic risk to represent what it is meant to mitigate.
      • US Realm Task Force as mitigation to risk where US Realm does not have authority of an affiliate.
  • TSC referred action:
    • WG Balloting metric: bundling together other PBS metrics measures including balloting in previous cycles, submitting PSS on time and NIBs on time, etc using Ballot quality assessment consideration as a governance point/work group health metric/strategic initiatives dashboard metric. Would measurements from before and after the changed process to disallow a single check box to enroll in all of the ballots be meaningful? Discussion deferred from TSC agenda 6/9.
  • Lynn not available for 6/18 call - who can support?

Minutes

Minutes/Conclusions Reached:

  • Pat convenes 10:02 AM
  • Agenda review and approval - Pat Van Dyke - Melva is not able to join today
  • Review minutes of 2014-05-28 TRAC - cannot meet next Wednesday 6/18 nor the 25th. Approved by general consent
  • Review late project submissions with Dave - there were ZERO late submissions! Pat asks Dave to update his spreadsheet - Lynn suggests he upload it to http://gforge.hl7.org/gf/project/tsc/docman/Architecture/Risk_Assessment/. Dave leaves the call.
    • Do we want to use that format for tracking late NIB submissions? Austin suggests we defer that one cycle as Don is on LOA. It's a manual process for him. Agreed by group.
  • Action Items:
    • Update on Generic WGM Checklist Calendar - Rick
      • He added the hyperlinks to the calendar entries for quick reference.
      • He published online and sent by email as ICS file. It didn't open correctly and would lose color categorization by email. He's still working on other ways to share e.g. Google calendar. You can set up an ID on outlook.com to see it. Lynn suggests checking with Webmaster or ES for suggestions. You might consider adding these to post-cycle MobiApp to see the deadlines for the cycle until the new WGM cycle is uploaded. Austin cautions we are straying into ES territory. This group is to make suggestions to the TSC and they can delegate to ES. We are also doing process improvement and may overlap the PIC work. Pat suggests we take this break point to bring this to those groups to socialize and implement. Pat or Rick will present to ES/Tooling and PIC.
    • Pat will work on developing a straw man for separate criteria for informative ballot reconciliation in 6 months, for example. No update
    • Melva will re-review the T3F risks and give a first draft on impact and likelihood for review on the next call. Melva not on the call.
    • Determine tracking metric on three pronged measure for minutes, meeting room requests (app still in beta) and agenda posting - review last cycle's data when Rick and Melva are on the call.
    • Pat will circulate bullet points on WG Balloting combined metric prior to the meeting for review.
  • Review the use and definition of the columns in the governance points focusing on the ISM from 20140528 risk spreadsheet
    • Risk 243 Lack of consistency in product development and definition with rapid development of products,
      • Austin noted to be US Realm specific. Work coming from the US S&IFramework is partially developed and when they bring it to HL7 it doesn't fit with our existing product lines.
      • Internal vs external example. Having the ISM Matrix available would help those bringing in external work
      • Duplication of line 230 identified; 227, 228, 229, 230 are all related and may be examples of one another and Pat suggests we combine them to have roles identified in a single governance point.
      • Rick suggests 229 be on its own. Austin cites a current example from CBCC that does not involve SDWG. Combine 227 and 230; 228 can be its own also as well as 229. Might combine 226 and 229.
      • Add date column for when the risk was identified yyyymm. Change "Comment" column to include Examples, following Date column
      • Next meeting, focus on developing Governance point for 230 on the Risk Spreadsheet

Adjourned 11:00 AM

  • Work deferred:
    • precepts for the IP protection issues and address the related risks.
    • Risk identification from recent XSLT vulnerability issue
    • This group might identify the risks and suggest mitigations such as product family- or artifact-specific rules for versioning.
    • Add to spreadsheet tracker the risk mitigations identified:
      • TSC addition of ISM to publication request should be added to a mitigation strategy for an existing risk or create a strategic risk to represent what it is meant to mitigate.
      • US Realm Task Force as mitigation to risk where US Realm does not have authority of an affiliate.


Next Steps

Actions (Include Owner, Action Item, and due date)


Next Meeting/Preliminary Agenda Items

© 2014 Health Level Seven® International. All rights reserved