[Governance] Transparency Policy

Dinis Cruz dinis.cruz at owasp.org
Fri Jun 20 04:58:09 UTC 2014


Hi Bill, I really like the view that '*The rule of thumb for transparency
is to default all information as public,' *since that is exactly how I view
it.

So for example, where would you put communications between 'OWASP employes
with OWASP Board Members' and 'OWASP employees and OWASP Leaders'? Taking
the view that all information should be public, there should be very few
exchanges between these two groups that would happen in private, right?

Specially when there are questions or issues being raised that need to be
clarified.

For example what happened with Samantha is an explosion of tons of little
issues that (in my view) should had been discussed, clarified and defended
when they occurred (which would had prevented the drama, loss of an OWASP
Employee and strong accusations to the multiple parties).

Another question I have is: "*For the cases when a thread starts in
private, once the facts are clarified, and unless it falls into one the 3
exceptions listed, the expectation is that such private thread will
eventually be made public",* right?

Finally, '*where do you put 'employees reviews*'? should that be private or
public? My view is that any information about OWASP organisation and its
staff should be public and on the record (so that it can be peer-reviewed
and validated by the OWASP leaders community). This might be something that
we will need the employees to agree to, which can/should part of their
OWASP contract.

Thanks

Dinis



On 19 June 2014 11:18, Bil Corry <bil.corry at owasp.org> wrote:

> Hello Governance,
>
>
>
> I am proposing we create (and have the BoD adopt) a policy on transparency
> to clarify the information that should never be shared publicly.
>
>
>
> To that end, I've created an initial draft, which you can find here:
>
>
>
> https://www.owasp.org/index.php/Transparency_Policy
>
>
>
> I'm requesting discussion and feedback on the draft, along with additional
> exclusions (I only started with two).
>
>
>
> Thank you for your time in advance,
>
>
>
> - Bil
>
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140620/f86ac8c5/attachment-0001.html>


More information about the Governance mailing list