[Governance] Transparency Policy

Josh Sokol josh.sokol at owasp.org
Thu Jun 19 20:16:33 UTC 2014


Please don't feel like you have to defer to any existing policy or make any
assumptions.  If you're taking the time and effort to draft this policy,
who would you ideally like to see make that decision?

~josh


On Thu, Jun 19, 2014 at 2:36 PM, Bil Corry <bil.corry at owasp.org> wrote:

> Good question – I defer to the Whistleblower policy as to the disciplinary
> details, but my assumption is the BoD makes the final determination.  The
> Whistleblower policy can be updated to be more clear on this point.
>
>
>
> - Bil
>
>
>
> *From:* Josh Sokol [mailto:josh.sokol at owasp.org]
> *Sent:* Thursday, June 19, 2014 6:19 PM
>
> *To:* Bil Corry
> *Cc:* OWASP GOVERNING
> *Subject:* Re: [Governance] Transparency Policy
>
>
>
> One question for clarity, who determines the action as a result of a
> policy violation?  The Compliance Officer?  A Committee?  The Board?  The
> ED?
>
> ~josh
>
>
>
> On Thu, Jun 19, 2014 at 9:48 AM, Bil Corry <bil.corry at owasp.org> wrote:
>
> Thanks Josh, I've updated the violation section based on your suggestion.
> I also added the whistleblower exception, as our whistleblower policy
> states it is a confidential process.
>
>
>
>
>
> - Bil
>
>
>
> *From:* Josh Sokol [mailto:josh.sokol at owasp.org]
> *Sent:* Thursday, June 19, 2014 4:06 PM
> *To:* Bil Corry
> *Cc:* OWASP GOVERNING
> *Subject:* Re: [Governance] Transparency Policy
>
>
>
> I really like where this is going.  It reads similar to a data
> classification plan and maybe we should even consider labeling documents
> based on the levels outlined.  When I have some time, I will try to add
> additional examples for consideration.  In the meantime, my only advice may
> be to rephrase the policy violations section at the bottom more along the
> lines of "including the possibility of suspension or revocation of
> membership, exclusion from OWASP events and mailing lists, or other such
> action as determined."
>
> ~josh
>
>
>
> On Thu, Jun 19, 2014 at 5:18 AM, Bil Corry <bil.corry at owasp.org> wrote:
>
> Hello Governance,
>
>
>
> I am proposing we create (and have the BoD adopt) a policy on transparency
> to clarify the information that should never be shared publicly.
>
>
>
> To that end, I've created an initial draft, which you can find here:
>
>
>
> https://www.owasp.org/index.php/Transparency_Policy
>
>
>
> I'm requesting discussion and feedback on the draft, along with additional
> exclusions (I only started with two).
>
>
>
> Thank you for your time in advance,
>
>
>
> - Bil
>
>
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140619/e6af0640/attachment.html>


More information about the Governance mailing list