Meeting in Vienna 20081222
Meeting opened 10:30 Present: Philipp Dunkel, Rasika, iang (minutes). Action points in bold.
- Rasika could be added to internal audit team for now
as -> Internal Audit (test taken 2008 december)
- (unknown when final result is revealed)
- discussion consisted of a working attempt to create a Disaster Recovery plan.
(rasika) created a starter list of BusinessProcesses, following CISA guide.
developed plan from processes as per DisasterRecovery
- see SM
- Redundant versus hot standby
- MySQL has online PUSH?
- (Philipp D) we want hot standby, is already in MySQL? sysadm?
- don't want any software development effort put in ....
- Hot standby machines should exist in the same facility.
- cannot secure elsewhere
- could ask HCC
- for security and reliability: they should be in the same place
- Disaster Level 1: hard
- Disaster Level BIT: BIT is down
- Availability of backups offsite
- Security cannot be ensured for transmission and storage of remote data...
- offsite backups need to be offsite.
- Make it incremental: dailies stay in the same town
- rotate physical backups: new one arrives; send old one to escrow.
- Weekly fedex packages to somewhere...
- recover from next neighbour jurisdiction
- (Rasika) Background Check
- procedure and ruling (recommendation) should be public
- interview, documents should not be public,
- summary of evidence should be in the ruling.
- Arbitrator can rule on the escrow questions of evidence
- New proposal (written by Philipp D) reviewed quickly on laptop screen
- it has been sent to board only so far
- was written in a meeting last week between Philipp D and Philipp G
- Some basic pointers needed
- that is, training + test
ask Ted to set up, start pumping in some questions
- need a legitimacy step for test+questions
- board or policy to be asked to approve at some point
- Go back to board, ask for objections, into SM.
Philipp D: the proposal needs to be distributed, only to board so far
- 4 eyes work in the software development
- today, software development == philipp G
- Philipp wants a governance methodology for SD?
- he may want to provide 4 eyes, in software development
- (PG? PD?) has provided a way to do the software development methodology.
Philipp G is writing up the Software Development
- "define this to the point that you can hand it over to someone else"
- 29th Monday after Xmas
- Assurer Change from Software Development to Sysadms.
- Ted has the patch to switch off the old Assurers
Ask Ted to RESEND it as a patch to Philipp G + Philipp D
- mechanism: is it a patch(1) ?
- Software Development Patch procedure, needs to cover
- sending patches to the sysadms
- receiving patches from the sysadms
- (rasika) this is the role of the media librarian
- Governance as it impacts software development
- Philip D: 4 eyes needed over all support actions
means we don't need so much control on TrustCheck
- Software Development cannot install patches, only Sysadms.
- Must be a handover.
- Review of patches
- Sysadms can review the patch; all source code is PHP, non-black
- Sysadms have the responsibility to do a random check:
- "random" means also to include "all" and "none".
- other people can also check it.
- if a check is done, comment added to code in subversion
- sysadms do not write code: they only add comments!!!!
- sysadms will be kicked out if they fix code
- perhaps make the comments into an ACL-controlled file like README or REVIEW-COMMENTS at top of tree
- Software development does not know which checks are done.
- so, code and patches might be checked at time.
Formal meeting closed 18:30.