W3C

DPVCG Meeting Call

27 JUL 2023

Attendees

Present
delaram, harsh, paul
Regrets
georg
Chair
harsh
Scribe
harsh

Meeting minutes

Repository: w3c/dpv

Meeting minutes: https://w3id.org/dpv/meetings

purl for this meeting: https://w3id.org/dpv/meetings/meeting-2023-07-27

Risk Management concepts

see #74

<ghurlbot> Issue 74 Add Risk Management concepts from ISO 31000 series (coolharsh55)

see https://lists.w3.org/Archives/Public/public-dpvcg/2023Jul/0008.html for risk concepts proposed

Discussing ex-ante modelling of risk assessment in terms of sources, threats, vulnerabilities and the differences in NIST and ISO models and how they relate to the current proposed DPV model

The discussion focused on whether we need two concepts to represent what caused the risk (what is specified as RiskSource), and whether it fits with the existing NIST and ISO risk models which use different terms. Or whether a single concept leading to the risk is sufficient to model the cause.

Conclusion of the discussion was to have examples of stated models and to decide based on discussions using them.

Minutes manually created (not a transcript), formatted by scribe.perl version 217 (Fri Apr 7 17:23:01 2023 UTC).