Service levels for Certified Parties

This part of the iSHARE Trust Framework is considered normative and is therefore compliant with RFC 2119.

For Certified Parties, the following service levels apply:

Availability

Availability is a measure of the time a service is in a functioning condition. It includes the availability window and the maintenance window.

Availability window

The availability window includes the times at which Certified Party guarantees the availability of their service.

Norm: 24 hours * all days of the year

Minimum level required: 99% availability* per calendar month, from 00:00-23:59h

*Planned maintenance does NOT count as unavailability

Maintenance window

The maintenance window includes the times at which Certified Party can perform planned maintenance, that is likely to result in downtime, to their service(s). If no downtime is expected, maintenance can take place outside of the maintenance window. Planned maintenance does NOT include incident resolution, as this can take place outside the maintenance window as described under incidents.

Norm:

  • The maintenance window includes the nights from Friday to Saturday and from Saturday to Sunday, from 00:00-5.59h;

  • Maintenance MUST be announced to the impacted parties directly as well as to the Data Space Governance Body/Scheme Owner**;

  • Announcements MUST be made at least 10 working days before the maintenance and MUST include date, time, and impacted service(s).

**The Scheme Owner/Data Space Governance Body presents an overview of its Certified Parties' current and planned maintenance on its website.

Performance

Performance includes the time it takes for a service to respond when requested or called upon; i.e. the time an Certified Party's service takes to respond to a received message.

Norm:

  • 95% of Certified Parties' messages MUST be responded within 2 seconds;

  • 99% of Certified Parties' messages MUST be responded within 5 seconds;

  • Each Certified Party MUST be able to process at least 100 simultaneous messages while meeting above requirements.

Incidents

An incident is an event, not part of the standard service operation, that results in a potential impact or risk with regards to the quality, availability, confidentiality and/or integrity of (data within) the iSHARE Trust Framework. This ONLY includes the data used for identification, authentication and authorisation purposes in the context of data exchange, but not the contents of the actual data exchange.

Three classifications of incidents are recognised within iSHARE, as explained in the incident management process:

  • Minor incident;

  • Calamity;

  • Crisis.

Norm:

  • All incidents MUST be communicated by the Certified Party(ies) to the Scheme Owner/Data Space Governance Body directly after they are discovered;

  • Communication MUST include date, time, incident level as estimated by the Certified Party(ies), argumentation including impacted service(s), and a potential incident manager;

  • In case of a calamity or crisis, the Certified Party MUST have an incident manager available during working days, and SHOULD have an incident manager available 24 * 7;

  • An update on the incident MUST be communicated to the Data Space Governance Body/Scheme Owner*:

    • For minor incidents, at the end of each working day;

    • For calamities, within 2 hours of every significant update and at the end of each working day;

    • For crises, within 2 hours of every significant update and every 4 hours.

  • All incidents SHOULD be handled by the Certified Party (in cooperation with the Scheme Owner/Data Space Governance Body as per the incident management process) within 3 working days after being appointed as the responsible party - unless agreed otherwise.

*In line with the incident management process, the Scheme Owner/Data Space Governance Body presents an overview of current calamities and crises on its website

Support

Support by Certified Party includes answering questions and requests from Adhering Parties.

Norm: Certified Parties are available for support via e-mail; they MUST confirm receiving a question/request within 1 working day. They SHOULD send an underpinned reaction (with an answer/solution or at the very least a direction) within 5 working days.

Reporting

Reports are meant to monitor both compliance to the service level agreements and the (growing) use of the iSHARE network, as described in the management reporting process. The following will be reported on (non-exhaustive):

Certified party
Participant Registry

Availability

Yes

Yes

Number of relations with Adhering Parties

Yes

Only if operating standalone Participant Registry (disconnected from the distributed ledger)

Number of transactions

Yes

No

Number of transactions per Adhering Party

Yes

No

Number of incidents.

Yes

Yes

All Certified Parties are expected to collect management information about each month: 0:00h on the first day to 23:59h on the last.

Norm: All Certified Party MUST deliver the management information about the last month, conform the iSHARE template, before 23:59h on the 5th working day of the current month

Last updated