[Governance] [Owasp-board] Bylaw Update Discussion - Board Member Confidence

Josh Sokol josh.sokol at owasp.org
Mon Aug 24 12:31:48 UTC 2015


Bil,

I initiated a Board vote on the new text that you had proposed back in
April or May this year and the Board unanimously voted to approve.  Paul
has been working to try to identify all of the changes that have been made
(there's only been one or two this year) in order to get a new version of
the Bylaws on the website.  Regardless, the one that is there is definitely
out-of-date.

With respect to your update, thank you, I was thinking something similar as
well, but this doesn't address a few of my bullet points:

   - The method of tabulation is unspecified.  If we are tabulating
   sequentially, then we have a situation where if a Board member missed their
   first meeting, a vote is required to be held for three tabulations (0%,
   50%, and 66%) until they make it up over 75%.  I am guessing that the
   intent is for this to be tabulated assuming attendance for all future
   meetings and action would be taken if the person would be unable to
   maintain 75% attendance, but if anyone disagrees and has a different
   interpretation, please let me know.
   - The timeframe for the vote is unspecified.  It just says that it will
   cause a mandatory vote of confidence, but never says when that vote is
   supposed to take place or who is supposed to initiate it.  Is it to be
   handled immediately at the time of tabulation?  Is it handled offline over
   e-mail as we recently did?  Is it handled at the next Board meeting?  Based
   on the current verbiage, technically the Board could drag it's heels on it
   indefinitely.  I would think that something reasonable would be having the
   vote initiated by our Executive Director within two weeks of the tabulation
   that found them to be not meeting their attendance requirements.  If there
   is a Board meeting during that window, then it could be handled then, or
   handled via the mailing list otherwise.  That provides time to handle the
   situation and removes any Board member bias from the initiation of the vote.
   - This does not offer the offender an opportunity to explain why they
   failed to meet their attendance requirement.  I think that a reasonable
   process would assume that there is a rational explanation for why they did
   not attend.  Maybe it's because all of the meetings were being held at 2 AM
   in their timezone.  Maybe it's because of a death in the family.  I think
   this process should take the personal factor into consideration.

Would you care to take a stab at addressing these?  If not, I can certainly
take a shot at it as well.

~josh

On Mon, Aug 24, 2015 at 2:07 AM, Bil Corry <bil.corry at owasp.org> wrote:

> Hi Josh,
>
> The current bylaw I see is from last year, which doesn't have the text you
> quoted.  It's here:
>
>      https://www.owasp.org/index.php/OWASP_Foundation_ByLaws
>
> I know we discussed changing the bylaws, but I don't know what was
> ultimately adopted.  FWIW, this is the wording from last proposed text,
> which is very clear on how tabulation is calculated, although it doesn't
> give strict time limes for tabulation and confidence voting.  The thought
> was to allow the Board some flexibility in how they want to execute it.
> But if you'd like it to be formally incorporated into the bylaws, then
> please proposed some text.
>
>
> *SECTION 3.03 Regular Meetings.* The Board of Directors shall have
> regular meetings as needed.  A link to the board meeting agenda’s and the
> historical minutes is here:
> https://www.owasp.org/index.php/OWASP_Board_Meetings.  Meetings shall be
> at such dates, times, and places as the Board shall determine in December
> of the preceding year and as amended by the Board. In no event will there
> be less than one meeting per quarter.  These meetings will be open to
> public attendance, however, certain portions of the meeting may be closed
> to board members  and their delegates when required for legal reasons, or
> to shield liability, or to handle personnel issues, or similar.  Attendance
> in person or virtually by board members is required at no less than 75% of
> the total meetings each year and shall be highly encouraged to meet in
> person at least once annually at a date to be announced and agreed upon.
> Attendance is tabulated after every scheduled meeting for the purpose of
> determining if the 75% attendance requirement has been met, and the
> tabulation is based upon the entire calendar year.  Cancelled meetings are
> considered attended for the purposes of the tabulation.  Failure by a board
> member to meet the 75% attendance requirement after any tabulation will
> cause a mandatory vote of confidence by the remaining board members,
> whose votes will be publicly recorded.  An overall vote of "no confidence"
> is recorded if half or more of the board members vote for it, which causes
> the board member in question to be instantly removed from their seat on the
> board.  Vacancies on the board are handled as per Section 3.10.
>
>
>
>
>
> 2 OWASP Board of Directors will hold quarterly board meetings lasting 4­6
> hours each. The schedule of meetings will be set by the board in December
> before the year. It is likely the the board meetings will take place on
> Saturdays or on a dedicated day before a large OWASP conference. This
> change is a result of the success of the longer format board meeting and
> also a result of the Executive Director role that has enabled full time
> involvement and focus on OWASP operations. Board members must attend (in
> person or virtually) 3 of the 4 meetings to fulfill the attendance
> requirements. This will take effect in January, 2014. Changes passed August
> 19, 2013.
>
> 3 “and shall be highly encouraged to meet in person at least once annually
> at a date to be announced and agreed upon” amendment to document passed
> June 10, 2013.
>
>
>
> - Bil
>
>
> On Sat, Aug 22, 2015 at 6:01 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
>> Board,
>>
>> As recently discussed and voted on in a separate thread, our current
>> Bylaws state as follows:
>>
>> *Failure by a board member to meet the 75% attendance requirement after
>> any tabulation will cause a mandatory vote of confidence by the remaining
>> board members, whose votes will be publicly recorded.  An overall vote of
>> "no confidence" is recorded if half or more of the board members vote for
>> it, which causes the board member in question to be instantly removed from
>> their seat on the board.*
>>
>> I see a few issues with this:
>>
>>    - The timeframe that this applies to is unspecified.  Is it per
>>    quarter?  Per calendar year?  Over the two year duration of a Board member
>>    term?  Over the cumulative time that a Board member is in office?  I'm
>>    guessing that the intent is for this to be over the calendar year, but if
>>    anyone disagrees and has a different interpretation, please let me know.
>>    - The definition of "tabulation" is unspecified.  Who is doing the
>>    tabulation?  Is there a certain time that this tabulation is conducted?
>>    I'm guessing that the intent is for this to be based on the attendance role
>>    that is captured during the Board meeting, but if anyone disagrees and has
>>    a different interpretation, please let me know.
>>    - The method of tabulation is unspecified.  If we are tabulating
>>    sequentially, then we have a situation where if a Board member missed their
>>    first meeting, a vote is required to be held for three tabulations (0%,
>>    50%, and 66%) until they make it up over 75%.  I am guessing that the
>>    intent is for this to be tabulated assuming attendance for all future
>>    meetings and action would be taken if the person would be unable to
>>    maintain 75% attendance, but if anyone disagrees and has a different
>>    interpretation, please let me know.
>>    - The timeframe for the vote is unspecified.  It just says that it
>>    will cause a mandatory vote of confidence, but never says when that vote is
>>    supposed to take place or who is supposed to initiate it.  Is it to be
>>    handled immediately at the time of tabulation?  Is it handled offline over
>>    e-mail as we recently did?  Is it handled at the next Board meeting?  Based
>>    on the current verbiage, technically the Board could drag it's heels on it
>>    indefinitely.  I would think that something reasonable would be having the
>>    vote initiated by our Executive Director within two weeks of the tabulation
>>    that found them to be not meeting their attendance requirements.  If there
>>    is a Board meeting during that window, then it could be handled then, or
>>    handled via the mailing list otherwise.  That provides time to handle the
>>    situation and removes any Board member bias from the initiation of the vote.
>>    - This does not offer the offender an opportunity to explain why they
>>    failed to meet their attendance requirement.  I think that a reasonable
>>    process would assume that there is a rational explanation for why they did
>>    not attend.  Maybe it's because all of the meetings were being held at 2 AM
>>    in their timezone.  Maybe it's because of a death in the family.  I think
>>    this process should take the personal factor into consideration.
>>
>> With the above in mind, I don't see a reason to lower the bar from 75%.
>> My thinking is that this is a reasonable expectation to have of a Board
>> member with all things being equal.  It may not be the best measure of
>> engagement, but it is still a responsibility that all Board members are
>> aware of going into it, and I am not aware of it having been an issue in
>> the past (until now), so I'm not sure why we would change it now that one
>> Board member had a vote initiated for it.  I would propose that we update
>> the language in order to better clarify my bullet points above, but leave
>> the requirement itself in place.  Please provide your thoughts regarding
>> each of these bullet points (or any other issues that you think need to be
>> addressed here).  Once we have some level of agreement with these, I can
>> take the action item of re-writing this section of the Bylaws in order to
>> incorporate these changes.  Thanks.
>>
>> ~josh
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20150824/d374627a/attachment.html>


More information about the Governance mailing list