SDOs / SSOs you are working with at the moment
I am currently National Mirror Committee lead for Study Group 5 (Interoperability) and Working Group 7 (Governance) for ISO TC307.
Your main field(s) of activity
I have studied the area of Blockchain in a recent MSc. I am working in a Blockchain Start-up QPQ Ltd. I am an active member of the two groups above and was an active participant before and during the recent plenary session in Dublin.
What ICT Challenges are you addressing in the ICT standardisation area?
Governance Traditional approaches to governance of IT, for example as described in ISO/IEC 38500 and ISO/IEC TR 38502, assume that the governing body of a single organization is accountable for the effective, efficient and acceptable use of IT within the organization and is responsible for evaluating plans and proposals, directing policies and strategies and monitoring performance and conformance related to IT. An organization is not necessarily a company, enterprise, or government agency, but is assumed to be well-defined and be upheld by a clear source of authority. Boundaries on the scope and authority of a governing body are normally documented for example in a constitution, charter, or legislation. The implications of governance of an organization from a single high-level perspective flow through to elements of its governance framework. Thus, the defined IT strategy and business plans will be in support of that specific organization’s strategy, the accountability and management systems will be mandated by that organization, and risk management will assess the consequences of risks in terms of their impact to that organization.
How, if implemented will this make a difference in a specific context?
This group addresses the unique aspects of distributed ledger technology systems that warrant the incorporation of specific governance functions and characteristics. As DLT with its nature of being a decentralized peer-to-peer system allows for a large network of computers to continuously agree on certain transactions is already a form or governance system, this report is going to illustrate the necessity of having differentiated view on DLT when it comes to governance in the different types of its appearance. The blockchain achieves a consensus via the build-in consensus mechanism as governance system coded into the DLT system, which is the reason why it is important to apply a lifecycle approach when it comes to DLT & blockchain system governance standardization, taking the design and implementation of a DLT system into account as well as the use and maintenance phase, and finally, the termination.
Are there any best practices that you are aware of that put into practice these challenges described ?
Traditional approaches to governance of IT can be directly applied to specific type of blockchains, although the detailed strategies, policies, and management systems for DLT & blockchain systems may be different to those for conventional systems such as cloud systems or enterprise IT in general. For some types, accountabilities and responsibilities for an entity may arise contractually in a sourcing arrangement, rather than through ownership by a parent organization, but this kind of arrangement is accommodated by conventional approaches to governance of IT. For some, traditional approaches to governance of IT can be effective to the extent that all parties jointly recognize a shared source of authority or governance body for their shared IT infrastructure. However, how to govern a permissionless and public DLT system that is not dominated by a single organization is the area where most work needs to be done and more research is needed.
What future actions or further specifications work would be necessary to undertake within an ICT Standards context?
The agreed DLT & blockchain systems governance lifecycle concept addresses both the inherent risks as well as the interests of DLT participants and stakeholders during the establishment, operation, and termination of a DLT & blockchain system. Governance applied throughout the DLT & blockchain system lifecycle must address challenges manifested by DLT’s unique characteristics, including the distributed nature of multiple ledger systems, as well as the potential lack of a trusted central party (particularly with respect to permissionless public DLT systems). Thus, DLT & blockchain systems governance needs to consider the decision-making rights, incentives structure, and accountabilities over the whole lifecycle to achieve desirable outcomes and behaviors.
I have, with the support and advice of Barry Smith of NSAI been an active participant in two groups and I was actively involved in the in the agreement to bring the Plenary Session to Dublin with Terry Landers.