In order for CIF and the Cloud Service Provider Self-Certification process to remain credible and trusted it needs to have an appropriate governance and enforcement model in place to oversee the development of the Code, undertake random audits of participants' Self-Certification claims, investigate complaints and, where appropriate, withdraw a Self-Certification in the event that participants' claims are proven to be untrue.
To that end CIF will maintain an independent and diverse Governance Board to represent the wider stakeholder communities made upof 12 members drawn from across industry vendors, end user organisations or user groups, members from independent advisors (academics, IT standards champions etc) and legal practice.
Any 6 Board members and the Chairman represent a Quorum, or 8 Board members excluding the Chairman.
An additional 4 non-voting seats are reserved for representatives of formally recognised partner organisations that are aligned to the Code by specialism (e.g. technology or security standards) or by international focus (extending the reach of the Code).
The Governance Board is convened bi-monthly to review progress and actions arising, and to ensure the strategic direction of the CIF and the Code of Practice is maintained.