Policies & Guidelines

Policies Referenced in OASIS Membership Agreement

The following OASIS documents, approved by the Board of Directors, are referenced as a part of the terms and conditions of the Membership Agreement for Technical Committees and the Membership Agreement for Open Projects.

• Antitrust Guidelines
  Defining the OASIS Antitrust Guidelines
• Bylaws
  Describing the governance policies and procedures for the Consortium
• Intellectual Property Rights (IPR) Policy
  Governing the treatment of intellectual property in the production of specifications and other works by OASIS

Other OASIS Policies and Guidelines

• Board Standing Rules
  Documenting procedures under which the OASIS Board operates
• Business Continuity and Disaster Recovery Plan
  Provides a plan to respond to and recover from incidents that pose a risk to our operations, people, and the communities we serve.
• Code of Conduct
  Describing the values we wish to foster in our organization and our communities, the standards of professional conduct we expect, and providing instruction and protection for individuals who bring allegations of violations of this policy.
• Conflict of Interest Policy
  Governing disclosure and conduct of Board members, corporate officers, or any persons with financial interest in proposed OASIS transactions or arrangements
• Data Security User Responsibilities Policy
  Describing the responsibilities of all users of OASIS’s information systems and networks, including staff, OASIS members, third party vendors, and any other users accessing OASIS’s technology resources.
• Directives for Filenames, URIs, Namespaces, and Metadata
  Providing rules and best practice guidance for specification design, including: filenames, URIs, namespace URIs, namespace documents, version identifiers, and metadata
• Document Lifecycle Best Practices
  Contains both a summary of the work product process and guidance on how to streamline that process
• Document Retention and Destruction Policy
  Describing OASIS operational requirements for retaining documents and secure destruction of documents.
• Foundation-as-a-Service Operating Rules
  Defining corporate and legal infrastructure and fiscal agency services that allows groups to form and run their own Foundations
• GitHub Repositories for OASIS TC Members’ Chartered Work
  Governing the use of GitHub repositories by TCs for chartered technical work
• Information Security Policy
  Governing the operational procedures taken to securely store OASIS Member and OASIS Employee personal Information and the requirements for reporting any security breach.
• Interoperability Demonstration Policy
  Governing participation in public interoperability demonstrations that showcase multi-vendor implementations of approved OASIS work
• Interpretations Policy
  Describing the process by which implementers may seek interpretation of OASIS Standards
• Liaison Policy
  Governing formal liaison relationships between OASIS and other organizations
• Liaison Policy – ANSI Addendum
  OASIS Technical Committees considering submitting their Standards for consideration for American National Standard (ANS) status must comply with these requirements in order for their work to be eligible for ANS submission under the Liaison Policy.
• Member Section Policy
  Defining the types of activities that can be conducted within an OASIS Member Section
• OASIS Committee Operations Process
  Defining common rules applying to any committee operating at OASIS.
• OASIS Defined Terms
  Defining terms that carry specific meaning when used in OASIS policy and rule documents.
• Open Project Rules
  Governing the OASIS Open Project Process
• Open Repository Guidelines and Procedures
  Supporting the development of open source resources related to OASIS Technical Committee work through community contributions to GitHub public repositories
• Privacy
  Describing OASIS practices and your rights regarding personal information use and webcookies.
• Risk Assessment Policy
  Describing OASIS’s approach to identifying, evaluating, and managing risks across all areas of its operations.
• Technical Committee (TC) Process
  Governing the OASIS Technical Committee Process
• Trademark Policy
  Governing the use of OASIS marks and copyrights
• Translation Policy
  Governing language translations of OASIS Standards, specifications, and documents
• Vulnerability Handling & Disclosure Policy
  Describing the policy for receiving and responding to reports of vulnerabilities in OASIS work products.
• Whistleblower Policy
  Providing instruction and protection for individuals who make allegations regarding potentially illegal or inappropriate conduct within OASIS

Other Guidelines

• Case Study Guidelines
  Detailing the creation and publication of official Consortium documents that describe implementation experiences involving OASIS Standards or specifications
• Code of Conduct Incident Reporting and Response Process
  Overview of the Code of Conduct workflow for OASIS staff when receiving and responding to an incident report.
• Guidelines to Writing Conformance Clauses
  Providing guidelines on how to write Conformance statements for OASIS specifications
• Interoperability Guidelines
  Describing best practices for writing specifications, so that the risk of having interoperability (or portability) failures between implementations is reduced
• Keyword Guidelines for OASIS Specifications and Standards
  Describing best practices in using RFC2119 or ISO keywords when writing specifications
• Mailing List Guidelines and Procedures
  Describing the range of OASIS mailing lists, instructions for their use, and the policies that govern their operation and archives
• Media Relations Guidelines
  Governing communications with the media on OASIS work
• Open Projects Advisory Council Terms of Reference
  Describing the role of strategic advisors for the OASIS Open Projects program
• Vulnerability Handling & Disclosure Process
  Governing language translations of OASIS Standards, specifications, and documents