Policy Development Kit

Top Level Infrastructure Policy	Description	Target Audience
Top Level Infrastructure Policy	Defines the purpose of a collaborative research environment, the roles and responsibilities of all the participants, and serves to bind all the other policies together. It also allocates terminology with specific definitions.	Service Providers

Top Level Infrastructure Policy

Description

Target Audience

Top Level Infrastructure Policy

Defines the purpose of a collaborative research environment, the roles and responsibilities of all the participants, and serves to bind all the other policies together.

It also allocates terminology with specific definitions.

Service Providers

Operational Security Policies	Description	Target Audience
Service Operational Security Policy	Defines the cyber security requirements for operating a service within the collaborative research environment.	Service Providers
Incident Response Procedure	This procedure applies for any suspected or confirmed security breach with a potential impact on the infrastructure or on other infrastructure participants.	Service Providers

Membership Management Policies	Description	Target Audience
Membership Management	This policy applies to the community manager and other designated community management personnel. It places requirements on communities regarding eligibility, obligations, and the rights of their users. It also governs their relationships with all infrastructures with which they have a usage agreement.	Community Managers and Service Providers
Acceptable Use Policy	The Acceptable Use Policy defines the rules and conditions that govern access to and use (including transmission, processing, and storage of data) of the resources and services.	End Users
Acceptable Authentication Assurance Policy	Documents which identity providers are acceptable for the community and how much certainty is required of the identity.	Service Providers

Membership Management Policies

Description

Target Audience

Membership Management

This policy applies to the community manager and other designated community management personnel. It places requirements on communities regarding eligibility, obligations, and the rights of their users. It also governs their relationships with all infrastructures with which they have a usage agreement.

Community Managers

and

Service Providers

Acceptable Use Policy

The Acceptable Use Policy defines the rules and conditions that govern access to and use (including transmission, processing, and storage of data) of the resources and services.

End Users

Acceptable Authentication Assurance Policy

Documents which identity providers are acceptable for the community and how much certainty is required of the identity.

Service Providers

Data Protection Policies	Description	Target Audience
Policy on Processing Personal Data	Ensures that data collected as a result of the use of the infrastructure is processed fairly and lawfully by infrastructure participants.	Service Providers
Risk Assessment	What are the risks associated with the processing of the person data associated with the identity and access management.	Service Providers
Privacy Policy	Identify what data the community is collecting from users, how it is managed and under what legal basis this data is controlled.	End Users