From 780dadd473bbe941f8cbe0aadac76e842b0a2271 Mon Sep 17 00:00:00 2001
From: Ian Grigg <iang@cacert.org>
Date: Mon, 30 Apr 2012 12:55:53 +0000
Subject: [PATCH] rewording, new header, for Arbitration a20120121.1

git-svn-id: http://svn.cacert.org/CAcert/Policies@2372 14b1bab8-4ef6-0310-b690-991c95c89dfd
---
 .../OrganisationAssurancePolicy.html          | 159 ++++++++----------
 1 file changed, 72 insertions(+), 87 deletions(-)

diff --git a/OrganisationAssurancePolicy/OrganisationAssurancePolicy.html b/OrganisationAssurancePolicy/OrganisationAssurancePolicy.html
index e38ce0d..bf2da05 100644
--- a/OrganisationAssurancePolicy/OrganisationAssurancePolicy.html
+++ b/OrganisationAssurancePolicy/OrganisationAssurancePolicy.html
@@ -2,54 +2,49 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
         "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
-        <head>
-                <title>
-                        Organisation Assurance Policy
-                </title>
-        </head>
-        <body>
-	<p>
-	<center>
-	<big>
-	<br><b>WARNING:</b><br>
-	The proper policy document is located<br>
-	<a href="http://www.cacert.org/policy/OrganisationAssurancePolicy.php">
-	on the CAcert website </a>.<br>
-	</big></b>
-	This document is a working draft to include<br>
-	future revisions only, and is currently<br>
-	only relevant for the [policy] group.<br>
-	</center>
-	</p>
-
-     <h1>
-	Organisation&nbsp;Assurance&nbsp;Policy
-     </h1>
-      <p>
-      <a href="../PolicyOnPolicy.html"><img src="../cacert-draft.png" alt="CAcert Draft" height="31" width="88" style="border-style: none;" /> </a><br />
-Document: OAP COD11<br />
-Author: Jens Paul<br />
-Creation date: 2007-09-18<br />
-Status: POLICY/DRAFT 2007-09-18 <a href="http://wiki.cacert.org/wiki/TopMinutes-20070917">m20070918.x </a><br />
-Changed: 2008-04-01 Teus Hagen policy list vote; add advisors and board<br />
-Next status: POLICY 2008<br />
-         <!-- $Id$ -->
-        </p>
-<h2> <a name="0">0.  </a>  Preliminaries </h2>
+<head>
+<title> Organisation Assurance Policy </title>
+<style type="text/css">
+<!--
+.comment {
+        color : steelblue;
+}
+-->
+</style>
+</head>
+
+<body>
+<div class="comment">
+<table width="100%"><tr><td>
+  Name: OAP <a style="color: steelblue" href="//svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD11</a><br />
+  Author: Jens Paul<br />
+  Creation date: 2007-09-18<br />
+  Status: POLICY/DRAFT 2007-09-18 <a style="color: steelblue" href="//wiki.cacert.org/wiki/TopMinutes-20070917">m20070918.x </a><br />
+  Licence: <a style="color: steelblue" href="//wiki.cacert.org/Policy#Licence" title="this document is Copyright &copy; CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP.  More at wiki.cacert.org/Policy" > CC-by-sa+DRP </a><br />
+
+</td><td align="right">
+  <a href="//www.cacert.org/policy/PolicyOnPolicy.html"><img src="images/cacert-policy.png" alt="Security Policy Status == POLICY" style="border-width:0" /></a>
+</td></tr></table>
+</div>
+
+<h1> Organisation&nbsp;Assurance&nbsp;Policy </h1>
+
+<h2 id="s0">0.  Preliminaries </h2>
 
 <p>
 This policy describes how Organisation Assurers ("OAs")
-conduct Assurances on Organisations.
-It fits within the overall web-of-trust
-or Assurance process of CAcert.
+conduct assurances on organisations.
+Organisation assurance fits within the overall web-of-trust
+or assurance process of CAcert.
 </p>
 
 <p>
-This policy is not a Controlled document, for purposes of
-Configuration Control Specification ("CCS").
+This policy is subsidiary to Assurance Policy ("AP" COD13) and
+is a Controlled document under
+Configuration Control Specification ("CCS" COD2).
 </p>
 
-<h2> <a name="1"> 1. </a> Purpose </h2>
+<h2 id="s1"> 1. Purpose </h2>
 
 <p>
 Organisations with assured status can issue certificates
@@ -73,27 +68,27 @@ and as described in the CPS.
 </li></ul>
 
 
-<h2> <a name="2"> 2. </a> Roles and Structure </h2> 
+<h2 id="s2"> 2. Roles and Structure </h2> 
 
-<h3> <a name="2.1"> 2.1 </a> Assurance Officer </h3> 
+<h3 id="s2.1"> 2.1 Assurance Officer </h3> 
 
 <p>
-The Assurance Officer ("AO")
+The Assurance Officer
 manages this policy and reports to the CAcert Inc. Committee ("Board").
 </p>
 
 <p>
-The AO manages all OAs and is responsible for process,
+The Assurance Officer manages all OAs and is responsible for process,
 the CAcert Organisation Assurance Programme ("COAP") form,
 OA training and testing, manuals, quality control.
 In these responsibilities, other Officers will assist.
 </p>
 <p>
-The OA is appointed by the Board. 
-Where the OA is failing the Board decides.
+The Assurance Officer is appointed by the Board
+and may be replaced by the Board.
 </p>
 
-<h3> <a name="2.2"> 2.2 </a> Organisation Assurers </h3> 
+<h3 id="s2.2"> 2.2 Organisation Assurers </h3> 
 
 <p>
 </p>
@@ -101,8 +96,8 @@ Where the OA is failing the Board decides.
 <ol type="a"> <li>
     An OA must be an experienced Assurer
     <ol type="i">
-      <li>Have 150 assurance points.</li>
-      <li>Be fully trained and tested on all general Assurance processes.</li>
+      <li>Have 50 Experience Points.</li>
+      <li>Be fully trained and tested on all general assurance processes.</li>
     </ol>
 
   </li><li>
@@ -126,6 +121,7 @@ Where the OA is failing the Board decides.
       <li> Tests are conducted manually, not online/automatic. </li>
       <li> Documentation to be retained. </li>
       <li> Tests may include on-the-job components. </li>
+      <li> Final test to be a number of supervised organisation assurances. </li>
     </ol>
 
   </li><li>
@@ -134,37 +130,31 @@ Where the OA is failing the Board decides.
       <li> Two supervising OAs must sign-off on new OA,
            as trained, tested and passed.
            </li>
-      <li> AO must sign-off on a new OA,
+      <li> To appoint a new OA, the Assurance Officer must sign-off
            as supervised, trained and tested.
            </li>
     </ol>
     </li>
-	<li>The OA can decide when a CAcert
-	(individual) Assurer
-	has done several OA Application Advises to appoint this
-	person to OA Assurer.
-	</li>
 
 </ol>
 
-<h3> <a name="2.3"> 2.3 </a> Organisation Assurance Advisor ("OAA") </h3>
-	<p>In countries/states/provinces where no OA Assurers are
-	operating for an OA Application (COAP) the OA
-	can be advised by an experienced local CAcert
-	(individual) Assurer to take the decision
-	to accept the OA Application (COAP) of the organisation.
+<h3 id="s2.3"> 2.3 Local Assurer as Advisor </h3>
+	<p>In countries/states/provinces where no OAs are
+	operating, the OA
+	may rely upon the advice of an experienced local CAcert
+	(individual) Assurer in performing the organisation assurance.
 	</p>
 	<p>
-	The local Assurer must have at least 150 Points,
+	The local Assurer must have at least 50 Experience Points,
 	should know the language, and know
 	the organisation trade office registry culture and quality.
 	</p>
 
 
-<h3> <a name="2.4"> 2.4 </a> Organisation Administrator </h3> 
+<h3 id="s2.4"> 2.4 Organisation Administrator </h3> 
 
 <p>
-The Administrator within each Organisation ("O-Admin")
+The Administrator within each organisation ("O-Admin")
 is the one who handles the assurance requests
 and the issuing of certificates.
 </p>
@@ -191,9 +181,9 @@ and the issuing of certificates.
 </ol>
 
 
-<h2> <a name="3"> 3. </a> Policies </h2> 
+<h2 id="s3"> 3. Policies </h2> 
 
-<h3> <a name="3.1"> 3.1 </a> Policy </h3> 
+<h3 id="s3.1"> 3.1 Policy </h3> 
 
 <p>
 There is one policy being this present document,
@@ -207,7 +197,7 @@ and several subsidiary policies.
   <li>  Organisations are assured under an appropriate subsidiary policy. </li>
 </ol>
 
-<h3> <a name="3.2"> 3.2 </a> Subsidiary Policies </h3>
+<h3 id="s3.2"> 3.2 Subsidiary Policies </h3>
 
 <p>
 The nature of the Subsidiary Policies ("SubPols"):
@@ -226,7 +216,7 @@ The nature of the Subsidiary Policies ("SubPols"):
   </li><li>
     For OAs,
     SubPol specifies the <i>tests of local knowledge</i>
-    including the local organisation assurance COAP forms.
+    including the local COAP forms.
   </li><li>
     For assurances,
     SubPol specifies the <i>local documentation forms</i>
@@ -237,7 +227,7 @@ The nature of the Subsidiary Policies ("SubPols"):
    policy approval process.
 </li></ol>
 
-<h3> <a name="3.3"> 3.3 </a>  Freedom to Assemble </h3>
+<h3 id="s3.3"> 3.3 Freedom to Assemble </h3>
 
 <p>
 Subsidiary Policies are open, accessible and free to enter. 
@@ -270,11 +260,11 @@ Subsidiary Policies are open, accessible and free to enter.
 </li></ol>
 
 
-<h2> <a name="4"> 4. </a>  Process </h2>
+<h2 id="s4"> 4. Process </h2>
 
-<h3> <a name="4.1"> 4.1 </a>  Standard of Organisation Assurance </h3>
+<h3 id="s4.1"> 4.1 Standard of Organisation Assurance </h3>
 <p>
-The essential standard of Organisation Assurance is:
+The essential standard of organisation assurance is:
 </p>
 
 <ol type="a"><li>
@@ -292,9 +282,7 @@ The essential standard of Organisation Assurance is:
     requestor can sign on behalf of the organisation.
   </li><li>
     the organisation has agreed to the terms of the
-    <b>
-    CAcert Community Agreement
-    </b>,
+    CAcert Community Agreement,
     and is therefore subject to Arbitration.
 </li></ol>
 
@@ -303,7 +291,7 @@ The essential standard of Organisation Assurance is:
     are stated in the SubPol.
 </p>
 
-<h3> <a name="4.2"> 4.2 </a>  COAP </h3>
+<h3 id="s4.2"> 4.2 COAP </h3>
 <p>
 The COAP form documents the checks and the resultant
 assurance results to meet the standard.
@@ -325,11 +313,11 @@ Additional information to be provided on form:
     domain name(s)
   </li><li>
     Agreement with
-    <b>CAcert Community Agreement</b>.
+    CAcert Community Agreement.
     Statement and initials box for organisation
     and also for OA.
   </li><li>
-    Date of completion of Assurance.
+    Date of completion of assurance.
     Records should be maintained for 7 years from
     this date.
 </li></ol>
@@ -341,17 +329,17 @@ and indication provided that the English is the
 ruling language (due to Arbitration requirements).
 </p>
 
-<h3> <a name="4.3"> 4.3 </a> Jurisdiction </h3>
+<h3 id="s4.3"> 4.3 Jurisdiction </h3>
 
 <p>
-Organisation Assurances are carried out by
+Organisation assurances are carried out by
 CAcert Inc. under its Arbitration jurisdiction.
 Actions carried out by OAs are under this regime.
 </p>
 
 <ol type="a"><li>
     The organisation has agreed to the terms of the
-    <b>CAcert Community Agreement</b>.
+    CAcert Community Agreement.
   </li><li>
     The organisation, the Organisation Assurers, CAcert and
     other related parties are bound into CAcert's jurisdiction
@@ -360,12 +348,12 @@ Actions carried out by OAs are under this regime.
     The OA is responsible for ensuring that the
     organisation reads, understands, intends and
     agrees to the
-    <b>CAcert Community Agreement</b>.
+    CAcert Community Agreement.
     This OA responsibility should be recorded on COAP
     (statement and initials box).
 </li></ol>
 
-<h2> <a name="5"> 5. </a> Exceptions </h2>
+<h2 id="s5"> 5. Exceptions </h2>
 
 
 <ol type="a"><li>
@@ -396,8 +384,5 @@ Actions carried out by OAs are under this regime.
     This means that the anglo law tradition of unregistered DBAs
     is not accepted without further proof.
   </li></ol>
-  <p><a href="http://validator.w3.org/check?uri=referer"><img    src="http://www.w3.org/Icons/valid-xhtml11-blue" alt="Valid XHTML 1.1" height="31" width="88" style="border-style: none;" /> </a>
-  </p>
-	</body>
+</body>
 </html>
-