Identify key actors in Blueprint Architecture (Membership Manager, Proxy Operator, etc)
Identify Policies Required for Compliance with Snctfi
Identify Example Policies from other infrastructures to serve as inspiration
Produce a training module to enable Research Communities to have a basic starter pack for policies
1. Introduce the concept of frameworks and policies, why are they important
2. Introduce in the context of Snctfi
3. Encourage RC actors to make policy decisions (e.g. log retention, minimum assurance etc)
4. Translate those decisions into policy templates
5. Q & A

Assumptions

RCs/Infrastructures may not have a security focussed person, could just be a PI. Definitely can't assume CSIRT body
Those using this policy pack are following the AARC blueprint

...

Space shortcuts