Service levels for Certified Parties
Last updated
Version 2.1 (current version)
Last updated
For Certified Parties, the following service levels apply:
Availability is a measure of the time a service is in a functioning condition. It includes the availability window and the maintenance window.
The availability window includes the times at which Certified Party guarantees the availability of their service.
Norm: 24 hours * all days of the year
Minimum level required: 99% availability* per calendar month, from 00:00-23:59h
*Planned maintenance does NOT count as unavailability
The maintenance window includes the times at which Certified Party can perform planned maintenance, that is likely to result in downtime, to their service(s). If no downtime is expected, maintenance can take place outside of the maintenance window. Planned maintenance does NOT include incident resolution, as this can take place outside the maintenance window as described under .
Norm:
The maintenance window includes the nights from Friday to Saturday and from Saturday to Sunday, from 00:00-5.59h;
Maintenance MUST be announced to the impacted parties directly as well as to the Data Space Governance Body/Scheme Owner**;
Announcements MUST be made at least 10 working days before the maintenance and MUST include date, time, and impacted service(s).
**The Scheme Owner/Data Space Governance Body presents an overview of its Certified Parties' current and planned maintenance on its website.
Performance includes the time it takes for a service to respond when requested or called upon; i.e. the time an Certified Party's service takes to respond to a received message.
Norm:
95% of Certified Parties' messages MUST be responded within 2 seconds;
99% of Certified Parties' messages MUST be responded within 5 seconds;
Each Certified Party MUST be able to process at least 100 simultaneous messages while meeting above requirements.
An incident is an event, not part of the standard service operation, that results in a potential impact or risk with regards to the quality, availability, confidentiality and/or integrity of (data within) the iSHARE Trust Framework. This ONLY includes the data used for identification, authentication and authorisation purposes in the context of data exchange, but not the contents of the actual data exchange.
Minor incident;
Calamity;
Crisis.
Norm:
All incidents MUST be communicated by the Certified Party(ies) to the Scheme Owner/Data Space Governance Body directly after they are discovered;
Communication MUST include date, time, incident level as estimated by the Certified Party(ies), argumentation including impacted service(s), and a potential incident manager;
In case of a calamity or crisis, the Certified Party MUST have an incident manager available during working days, and SHOULD have an incident manager available 24 * 7;
An update on the incident MUST be communicated to the Data Space Governance Body/Scheme Owner*:
For minor incidents, at the end of each working day;
For calamities, within 2 hours of every significant update and at the end of each working day;
For crises, within 2 hours of every significant update and every 4 hours.
Support by Certified Party includes answering questions and requests from Adhering Parties.
Norm: Certified Parties are available for support via e-mail; they MUST confirm receiving a question/request within 1 working day. They SHOULD send an underpinned reaction (with an answer/solution or at the very least a direction) within 5 working days.
Availability
Yes
Yes
Number of relations with Adhering Parties
Yes
Only if operating standalone Participant Registry (disconnected from the distributed ledger)
Number of transactions
Yes
No
Number of transactions per Adhering Party
Yes
No
Number of incidents.
Yes
Yes
All Certified Parties are expected to collect management information about each month: 0:00h on the first day to 23:59h on the last.
Norm: All Certified Party MUST deliver the management information about the last month, conform the iSHARE template, before 23:59h on the 5th working day of the current month
Three classifications of incidents are recognised within iSHARE, as explained in the :
All incidents SHOULD be handled by the Certified Party (in cooperation with the Scheme Owner/Data Space Governance Body as per the ) within 3 working days after being appointed as the responsible party - unless agreed otherwise.
*In line with the , the Scheme Owner/Data Space Governance Body presents an overview of current calamities and crises on its website
Reports are meant to monitor both compliance to the service level agreements and the (growing) use of the iSHARE network, as described in the . The following will be reported on (non-exhaustive):