* Case Number: a20130421.1 * Status: init * Claimants: UlrichSchroeter * Respondents: CAcert * Initial Case Manager: AlexRobertson, at 2016-12-08 EvaStöwe disclosed dispute based on DRO decision [[https://community.cacert.org/board/motions.php?motion=m20161119.4|m20161119.4]] and [[https://community.cacert.org/board/motions.php?motion=m20161119.3|m20161119.3]] * Case Manager: name case manager * Arbitrator: name arbitrator * Date of arbitration start: 201Y-MM-DD * Date of ruling: 201Y-MM-DD * Case closed: 201Y-MM-DD * Complaint: Status of Access Engineer team in question * Relief: Plz review current state of Access Engineer team if it fulfills SP requirements. Before: Arbitrator name arbitor (A), Respondent: CAcert (R), Claimant: UlrichSchroeter (C), Case: a20130421.1 == History Log == . 2013-04-29 (issue.c.o) case [[https://issue.cacert.org/otrs/index.pl?Action=AgentZoom&TicketID=220871|s20130427.129]] . 2013-04-29 (iCM): added to wiki, request for CM / A . 2013-04-30 (iCM): further email from (C) == Original Dispute, Discovery (Private Part) (optional) == * '''Link to Arbitration case [[Arbitrations/priv/a20130421.1|a20130421.1 (Private Part)]], Access for (CM) + (A) only)''' ## ==> INCLUDE SECTION BOT <> ## <== INCLUDE SECTION EOT ==== EOT Private Part ==== == Original Dispute == {{{ > > Dear CAcert, > > > > current state of Access Engineer team is quite diverse. > > On the wiki page > > https://wiki.cacert.org/SystemAdministration/Team > > I've edited the documentation of Access Engineer team members while > > trying to find the related Arbitration case numbers and Board motion > > numbers of the Access Engineer team members nomination procedure. > > AE's that are to be bound by SP > > https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html > > Effected SP paragraphs: > > SP 1.1.1 covered personal > > SP 2.3.1. Access Authorisation > > SP 2.3.5. Physical Security codes & devices SP 3.4.2. Special > > Authorisation SP 3.4.4. Removing access SP 9.1.1. Roles and > > responsibilities > > * Access Engineer: responsible for controlling access to hardware, > > and maintaining hardware. > > SP 9.1.2. Staffing levels > > SP 9.1.3. Process of new Team Members SP 9.1.4. Arbitrated > > Background Check - Procedures SP 9.1.4.2. Coverage SP 9.1.4.3. > > Documentation SP 9.1.4.4. Privacy for Critical Roles SP 9.1.5. > > Authorisation > > > > > > SP 3.4.2. Special Authorisation > > Additional or special access is granted according to the > > authorisations on the below access control lists (see §1.1.1): > > List Name Physical Control List > > Who Access Engineers > > Purpose of access control of access by personnel to hardware > > Relationship exclusive of all other roles > > Manager Access team leader > > > > All changes of personnel to the above lists are subject to Board > > approval. > > > > From the Access Engineers team members list under > > https://wiki.cacert.org/SystemAdministration/Team > > I only could find a board motion and an Arbitration case regarding > > Arbitrated Background Check for Stefan Kooman > > > > SP 9.1.3. Process of new Team Members > > New team members need: > > o Recommendation by team leader > > o Arbitrated Background Check ("ABC") > > o Authorisation by Board > > > > For the critical sysadmins, there exist at least a board motion > > https://wiki.cacert.org/EmailBoardDecisionsUpdateFeb2008#m20080608.1 > > https://wiki.cacert.org/EmailBoardDecisions2008-09#m20090202.2 > > https://wiki.cacert.org/EmailBoardDecisionsUpdateFeb2008#m20081006.1 > > but for the Access Engineer team the documentation lacks the ABC > > process and a board motion (!) > > > > From my current PoV, we currently have only one Access Engineer team > > member. This clashes SP 9.1.2. Staffing levels "Each team should > > have a minimum of two members available at any time." > > > > Ok, "should" ... but keep in mind, that before Stefan Kooman has > > been nominated by m20110717.4, probably no Access Engineer was > > nominated before ?!? > > that makes all activities that happened before questionable under SP > > > > There is a link with Oophaga regarding Access Engineer personal in > > the MoU > > > https://svn.cacert.org/CAcert/CAcert_Inc/hosting/CAcert-Oophaga-MoU-Si > gned-20090810.pdf > > (Contact and Access Control) > > but this doesn't release the requirement for a successful conducted > > ABC for team members falling under SP (if SP doesn't clashes the MoU > > contract). > > > > So the relief is: > > Plz review current state of Access Engineer team if it fulfills SP > > requirements. }}} == Discovery == == Ruling == == Execution == == Similiar Cases == ---- . CategoryArbitration . CategoryArbCaseSystemTasks . CategoryArbCaseOthers