Compliance Committee: Difference between revisions
Joe.andrieu (talk | contribs) m (typo) |
No edit summary |
||
Line 2: | Line 2: | ||
'''Create and oversee VRM compliance program''' | '''Create and oversee VRM compliance program''' | ||
Our proposal is that: | |||
This is a | 1) We develop a series of statements of good/ best practice in the areas that define VRM (see below *), build those into a process through which organisations can be assessed on a five point scale. Each statement would have to be 'owned' by a VRM expert and would include: | ||
- the statement itself | |||
- 5 answer options (ranging from 'never heard of this practice = 0 to 'yes we do this and can prove it' = 100%) | |||
- detailed compliance text explaining the practice and issues around it in detail | |||
* VRM practices could be clustered, for example, into: | |||
- Individual (user)-centrism | |||
- ability to generate a 'win-win' for buyer and seller | |||
- approach to personal information (portability etc) | |||
- use of open standards | |||
- overall transparency of service offering | |||
This would allow a 'VRM index' score to be generated at overall level, for each subject area, and for each individual practice. These scores then drive compliance (e.g. scores below 35% are non-compliant, scores below 65% are 'pending and scores 65 and above are compliant). They also drive benchmarking, i.e. to what extent is my application VRM compliant, which in turn drives improvement activity and the consulting/ services activities that go along with that. | |||
The score also becomes a published reputation with a reputation/ compliance mark provided. We'd run a white list (VRM compliant) and a black list (were compliant but are no longer so) with the bit in between being 'pending assessment'. | |||
An example of the above can be seen at my hobby-horse site, the Trust Index. If you are happy to go down the route that Brett and I propose I am happy that The Trust Index be absorbed into VRM benchmarking (some of the dimensions are relevant as is the assessment infrastructure), or at worst learned from. | |||
2) We establish an entity that owns the VRM Compliance and Benchmarking Program, which could be Berkman, could be hosted by the Liberty Alliance or could be a new entity. This is a key step and obviously feeds into the VRM Organisation work stream. | |||
3) We make the VRM Compliance/ Benchmarking assessment available in two forms. | |||
a) a face to face assessment of large organisations which we'd outsource to organisations which specialise in assessing and from which the entity above would earn revenues (a % of the assessment charge). | |||
b) a 'lite touch' self-assessment variant typically for smaller businesses/ non-profits. | |||
4) Over time, and as VRM applications and standards emerge, we develop a complementary technical compliance program in which applications are physically tested to ensure compliance to a specific, pre-agreed technical standard. | |||
Hope that helps give a flavour of what we have in mind. |
Revision as of 15:58, 30 March 2008
The objective of the Compliance Committee is to Create and oversee VRM compliance program
Our proposal is that:
1) We develop a series of statements of good/ best practice in the areas that define VRM (see below *), build those into a process through which organisations can be assessed on a five point scale. Each statement would have to be 'owned' by a VRM expert and would include:
- the statement itself - 5 answer options (ranging from 'never heard of this practice = 0 to 'yes we do this and can prove it' = 100%) - detailed compliance text explaining the practice and issues around it in detail
- VRM practices could be clustered, for example, into:
- Individual (user)-centrism - ability to generate a 'win-win' for buyer and seller - approach to personal information (portability etc) - use of open standards - overall transparency of service offering
This would allow a 'VRM index' score to be generated at overall level, for each subject area, and for each individual practice. These scores then drive compliance (e.g. scores below 35% are non-compliant, scores below 65% are 'pending and scores 65 and above are compliant). They also drive benchmarking, i.e. to what extent is my application VRM compliant, which in turn drives improvement activity and the consulting/ services activities that go along with that.
The score also becomes a published reputation with a reputation/ compliance mark provided. We'd run a white list (VRM compliant) and a black list (were compliant but are no longer so) with the bit in between being 'pending assessment'.
An example of the above can be seen at my hobby-horse site, the Trust Index. If you are happy to go down the route that Brett and I propose I am happy that The Trust Index be absorbed into VRM benchmarking (some of the dimensions are relevant as is the assessment infrastructure), or at worst learned from.
2) We establish an entity that owns the VRM Compliance and Benchmarking Program, which could be Berkman, could be hosted by the Liberty Alliance or could be a new entity. This is a key step and obviously feeds into the VRM Organisation work stream.
3) We make the VRM Compliance/ Benchmarking assessment available in two forms.
a) a face to face assessment of large organisations which we'd outsource to organisations which specialise in assessing and from which the entity above would earn revenues (a % of the assessment charge).
b) a 'lite touch' self-assessment variant typically for smaller businesses/ non-profits.
4) Over time, and as VRM applications and standards emerge, we develop a complementary technical compliance program in which applications are physically tested to ensure compliance to a specific, pre-agreed technical standard.
Hope that helps give a flavour of what we have in mind.