[Governance] [Owasp-board] Bylaw Update Discussion - Board Member Confidence

Tobias tobias.gondrom at owasp.org
Sun Aug 30 21:56:02 UTC 2015


I agree.
We should come to a motion and get a vote going on that.

I have 3 comments:
1. The future wording should avoid that after a trigger has been 
reached, that we vote again (and again) even though the respective board 
member is attending. The wording might require clarification on that issue.

2. I would prefer to avoid a situation where the calculation starts on 
the first meeting. E.g. a board member missing the first meeting and 
immediately triggering a vote of confidence. We could start the trigger 
at the 4th meeting, that gives reasonable excuse if one of the first 4 
meetings is missed.

And on a personal level: I like to remind us again, that so far I have 
given some priority to timing for US board members as most of our board 
members are there. So I like to ask for some understanding for people 
outside. Before you judge too quickly, please take a moment and think 
about how the current board times translate into European, China, 
Australia or Hawaii times...
In fact I am extremely grateful for Andrew's, Jim's and also Fabio's 
patience and understanding for the scheduling. It is hard to schedule 
for a globally distributed board. Still I believe it is in fact a very 
good thing for OWASP that we are having a global diversity on our board.

Thank you and best regards,

Tobias
(chair)



On 26/08/15 17:43, Michael Coates wrote:
> Like all issues we've had some discussion on the list.  Next step 
> would be a motion, second and a vote. Then the cards fall where they may.
>
> It sounds like most opinions are on the table so if someone wants to 
> make a motion, then go for it.
>
> My view echoes Matt, we have to show up. 75% is good and we can work 
> on the schedule to share the pain if that is the issue. Note that we 
> set the schedule at the beginning of the year, so we should be more 
> diligent in the future if people's voices on the schedule weren't heard.
>
>
> I still agree that in person is nice, but not a hard requirement.
>
>
>
> On Aug 26, 2015, at 7:59 AM, Josh Sokol <josh.sokol at owasp.org 
> <mailto:josh.sokol at owasp.org>> wrote:
>
>> Ahhh, so this is something personal against me because I won't agree 
>> that it makes sense to lower the bar for attendance?  Let's call a 
>> spade a spade, Fabio.
>>
>> These are two completely separate issues.  The Board attendance is 
>> one that ensures that you are at the meetings and actively engaged in 
>> the discussion and voting.  This is your FIDUCIARY RESPONSIBILITY AS 
>> A BOARD MEMBER.  Meeting in-person has no effect on whether you are 
>> performing your Board duties.  It's a nice thing. And, engaging with 
>> the community has NOTHING to do with attending a Board meeting 
>> in-person.  It has to do with being present while other members of 
>> our community are present.  Our community extends well beyond those 
>> present at AppSecUSA or AppSecEU.  That is an EXTREMELY narrow-minded 
>> viewpoint.  In fact, I would go so far as to argue that there are 
>> more members of our community that were at BlackHat than at either 
>> AppSec conference. Nothing against AppSec, it's a great conference, I 
>> even ran one, but they're limited in appeal and in those who attend.
>>
>> ~josh
>>
>> On Wed, Aug 26, 2015 at 8:45 AM, Fabio Cerullo <fcerullo at owasp.org 
>> <mailto:fcerullo at owasp.org>> wrote:
>>
>>     Guys,
>>
>>     My take on the 75% percent is that in the same fashion that US
>>     Board members could attend meetings comfortably during the day it
>>     is unfair to request other non-US Board members to attend
>>     meetings in the middle of the night. And then ask for a vote of
>>     CONFIDENCE if you go below that bar. Josh, in the same fashion
>>     that you object cannot attend meetings in person due to family
>>     reasons I think is unfair for you to request other Board members
>>     to make family sacrifices or deprive them from sleep.
>>
>>     Here is the 2015 schedule for past/upcoming Board meetings…
>>     almost all of them are early afternoon PST (Pacific time):
>>
>>     https://www.owasp.org/index.php/OWASP_Board_Meetings#tab=Agenda_for_2015_Meetings
>>
>>     So my recommendation there is either to make the requirement more
>>     logical for everyone (attendance 50% or lower) or change the
>>     wording so the vote of CONFIDENCE is not mandatory.
>>
>>     Regarding the attendance in person… my suggestion is to require
>>     OWASP Board members to attend in-person at least ONE meeting a
>>     year and engage with the Global OWASP community.
>>
>>     I don’t believe there is a requirement in the Bylaws for OWASP
>>     Board members to attend BlackHat, BSides or other non-OWASP events.
>>
>>     Thanks,
>>
>>     Fabio Cerullo
>>     Global Board Member
>>     OWASP Foundation
>>     https://www.owasp.org
>>     Join me at AppSecUSA 2015 <https://2015.appsecusa.org> in
>>     San Francisco!
>>
>>>     On 26 Aug 2015, at 13:53, Jim Manico <jim.manico at owasp.org
>>>     <mailto:jim.manico at owasp.org>> wrote:
>>>
>>>     Josh,
>>>
>>>     +1 on both accounts. I am personally very grateful for your many
>>>     and regular contributions on the board, even when we disagree on
>>>     occasion. I think you handle conflict extremely well and I
>>>     appreciate your strong sense of ethics.
>>>
>>>     Keep on rockin' in the free world.
>>>
>>>     Aloha,
>>>     Jim
>>>
>>>     On 8/26/15 7:13 AM, Josh Sokol wrote:
>>>>     Fabio,
>>>>
>>>>     I did not express any concern about the 75% requirement.  I
>>>>     think it is a very reasonable expectation to have a Board
>>>>     member not miss more than 3 meetings a year.  Even that number
>>>>     seems high to me.  I don't see any issue if Michael or Andrew
>>>>     were to trigger a vote of confidence if they were to miss
>>>>     another meeting.  In all likelihodd, if that were to happen, we
>>>>     would just handle it exactly as we handled your situation.  We
>>>>     recognize contributions outside of the meetings and move on. 
>>>>     That said, if a Board member got elected, and simply wasn't
>>>>     attending meetings, or wasn't putting in any effort, would you
>>>>     really want to wait longer than 3 months to have the OPTION to
>>>>     remove them?  This process is working exactly as it was
>>>>     designed to.  Why would we want to change it all of a sudden
>>>>     now that someone was falling below the bar?
>>>>
>>>>     With respect to changing the in-person Board meeting
>>>>     requirements, I strongly object. I was the one who petitioned
>>>>     the Board to have this requirement changed from MUST to SHOULD
>>>>     in the first place.  While my family and work obligations make
>>>>     travel quite difficult for me, I don't think it has sacrificed
>>>>     my participation in the Board at all.  And in terms of
>>>>     interaction with the community, I was out at both BSides Las
>>>>     Vegas and BlackHat where OWASP had a presence at both.  Were
>>>>     you?  I participate in the MONTHLY OWASP Austin chapter
>>>>     meetings, MONTHLY happy hours, and LASCON.  I attend many other
>>>>     local and regional security events such as BSides Austin and
>>>>     HouSecCon.  So, there are MANY other ways for a Board member to
>>>>     meet with the community, talk about their needs, and help them
>>>>     progress their projects without an in-person Board meeting. 
>>>>     With OWASP having a highly-distributed global Board, and in
>>>>     this age of technology, the idea that we all have to be in the
>>>>     same place to get something done is ludicrous.  Is it more
>>>>     ideal? Absolutely.  Should it be a requirement?  Absolutely not.
>>>>
>>>>     ~josh
>>>>
>>>>     On Tue, Aug 25, 2015 at 5:08 AM, Fabio Cerullo
>>>>     <fcerullo at owasp.org <mailto:fcerullo at owasp.org>> wrote:
>>>>
>>>>         Bill,
>>>>
>>>>         Thanks for updating the wording in the clause below. I have
>>>>         some comments regarding the 75% attendance requirement.
>>>>
>>>>         Besides Josh, several board members already expressed a
>>>>         concern about this requirement and are willing to
>>>>         lower/eliminate it.
>>>>
>>>>         Just to give you an example: Michael and Andrew will
>>>>         trigger a vote of CONFIDENCE if they miss another meeting
>>>>         during the calendar year.
>>>>
>>>>         https://docs.google.com/spreadsheets/d/1wpaOCBP-qrnde0sLiglDMJOUCtse6oB-zf3ONCkWgZk/edit?pli=1#gid=6
>>>>
>>>>         I think that is counterproductive and will send us in a
>>>>         spiral of votes of CONFIDENCE at every Board meeting. I
>>>>         would suggest to lower that requirement or NOT making the
>>>>         vote of CONFIDENCE a requirement for meetings attendance.
>>>>         The vote of CONFIDENCE should be a mechanism to expel a
>>>>         Board member if they don’t fulfil their duties, misbehave
>>>>         with other members/staff of the community, or they
>>>>         significantly do not show up at the Board meetings (e.g.
>>>>         attendance less than 50%).
>>>>
>>>>         Also, I believe the requirement to meet in person is quite
>>>>         vague as per current statement below. I attended all in
>>>>         person meetings at AppSec USA & AppSec EU and think they
>>>>         are very valuable. You have a chance to meet with the
>>>>         community, talk about their needs, help them progress their
>>>>         projects, and meet face-to-face with your fellow Board
>>>>         members. So if we are going to change the Bylaws, I think
>>>>         we need to put a requirement for Board members to meet in
>>>>         person at least ONCE a year. I will appreciate your
>>>>         feedback and from the rest of the Governance list regarding
>>>>         this matter.
>>>>>
>>>>>         Attendance in person or virtually by board members is
>>>>>         required at no less than 75% of the total meetings each
>>>>>         year and *shall be highly encouraged to meet in person at
>>>>>         least once annually* at a date to be announced and agreed
>>>>>         upon.
>>>>>
>>>>         Thanks,
>>>>
>>>>         Fabio Cerullo
>>>>         Global Board Member
>>>>         OWASP Foundation
>>>>         https://www.owasp.org <https://www.owasp.org/>
>>>>         Join me at AppSecUSA 2015 <https://2015.appsecusa.org/> in
>>>>         San Francisco!
>>>>
>>>>>         On 25 Aug 2015, at 10:22, Bil Corry <bil.corry at owasp.org
>>>>>         <mailto:bil.corry at owasp.org>> wrote:
>>>>>
>>>>>         Hi Josh,
>>>>>
>>>>>         Tabulation is described as thus (emphasis is mine):
>>>>>
>>>>>         "Attendance is tabulated after every scheduled meeting for
>>>>>         the purpose of determining if the 75% attendance
>>>>>         requirement has been met, and the tabulation is *based
>>>>>         upon the entire calendar year.*"
>>>>>
>>>>>         That means if there are 12 meetings during the year and
>>>>>         you miss the first meeting, your attendance is 11/12 or
>>>>>         92%. No vote required.
>>>>>
>>>>>         As far as your other concerns, I've updated the text
>>>>>         below, hopefully I've covered it all?  I pulled deadlines
>>>>>         out of thin air, so feel free to tweak the numbers and
>>>>>         method of voting.
>>>>>
>>>>>
>>>>>         *SECTION 3.03 Regular Meetings.* The Board of Directors
>>>>>         shall have regular meetings as needed.  A link to the
>>>>>         board meeting agenda’s and the historical minutes is here:
>>>>>         https://www.owasp.org/index.php/OWASP_Board_Meetings.
>>>>>          Meetings shall be at such dates, times, and places as the
>>>>>         Board shall determine in December of the preceding year
>>>>>         and as amended by the Board. In no event will there be
>>>>>         less than one meeting per quarter. These meetings will be
>>>>>         open to public attendance, however, certain portions of
>>>>>         the meeting may be closed to board members and their
>>>>>         delegates when required for legal reasons, or to shield
>>>>>         liability, or to handle personnel issues, or similar.
>>>>>         Attendance in person or virtually by board members is
>>>>>         required at no less than 75% of the total meetings each
>>>>>         year and shall be highly encouraged to meet in person at
>>>>>         least once annually at a date to be announced and agreed
>>>>>         upon. Attendance is tabulated by the Executive Director or
>>>>>         delegate within seven days after every scheduled meeting
>>>>>         for the purpose of determining if the 75% attendance
>>>>>         requirement has been met, and the tabulation is based upon
>>>>>         the entire calendar year. Cancelled meetings are
>>>>>         considered attended for the purposes of the tabulation.
>>>>>         Failure by a board member to meet the 75% attendance
>>>>>         requirement after any tabulation will cause a mandatory
>>>>>         vote of confidence by the remaining board members, whose
>>>>>         votes will be publicly recorded.  The vote of confidence
>>>>>         is to take place within 21 days, but not sooner than 7
>>>>>         days, of notification by the Executive Director or
>>>>>         delegate that a board member has not met the attendance
>>>>>         threshold. During the first seven days, the board member
>>>>>         in question will have an opportunity to make their case to
>>>>>         their fellow board members.  The vote of confidence will
>>>>>         take place on the OWASP Board of Directors email list,
>>>>>         unless the Board votes to review the matter at their next
>>>>>         meeting, so long as the next meeting occurs within the
>>>>>         21-day window.  An overall vote of "confidence" is record
>>>>>         if half or more of the board members vote for it and it
>>>>>         will prevent further votes of confidence for the remainder
>>>>>         of the year so long as the board member in question does
>>>>>         not miss any further meetings.  An overall vote of "no
>>>>>         confidence" is recorded if more than half of the board
>>>>>         members vote for it, which causes the board member in
>>>>>         question to be instantly removed from their seat on the
>>>>>         board. Vacancies on the board are handled as per Section 3.10.
>>>>>
>>>>>         _
>>>>>         _
>>>>>
>>>>>
>>>>>         2 OWASP Board of Directors will hold quarterly board
>>>>>         meetings lasting 4­6 hours each. The schedule of meetings
>>>>>         will be set by the board in December before the year. It
>>>>>         is likely the the board meetings will take place on
>>>>>         Saturdays or on a dedicated day before a large OWASP
>>>>>         conference. This change is a result of the success of the
>>>>>         longer format board meeting and also a result of the
>>>>>         Executive Director role that has enabled full time
>>>>>         involvement and focus on OWASP operations. Board members
>>>>>         must attend (in person or virtually) 3 of the 4 meetings
>>>>>         to fulfill the attendance requirements. This will take
>>>>>         effect in January, 2014. Changes passed August 19, 2013.
>>>>>
>>>>>         3 “and shall be highly encouraged to meet in person at
>>>>>         least once annually at a date to be announced and agreed
>>>>>         upon” amendment to document passed June 10, 2013.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>         - Bil
>>>>>
>>>>>
>>>>>         On Mon, Aug 24, 2015 at 2:31 PM, Josh Sokol
>>>>>         <josh.sokol at owasp.org <mailto:josh.sokol at owasp.org>> wrote:
>>>>>
>>>>>             Bil,
>>>>>
>>>>>             I initiated a Board vote on the new text that you had
>>>>>             proposed back in April or May this year and the Board
>>>>>             unanimously voted to approve.  Paul has been working
>>>>>             to try to identify all of the changes that have been
>>>>>             made (there's only been one or two this year) in order
>>>>>             to get a new version of the Bylaws on the website.
>>>>>             Regardless, the one that is there is definitely
>>>>>             out-of-date.
>>>>>
>>>>>             With respect to your update, thank you, I was thinking
>>>>>             something similar as well, but this doesn't address a
>>>>>             few of my bullet points:
>>>>>
>>>>>               * The method of tabulation is unspecified. If we are
>>>>>                 tabulating sequentially, then we have a situation
>>>>>                 where if a Board member missed their first
>>>>>                 meeting, a vote is required to be held for three
>>>>>                 tabulations (0%, 50%, and 66%) until they make it
>>>>>                 up over 75%. I am guessing that the intent is for
>>>>>                 this to be tabulated assuming attendance for all
>>>>>                 future meetings and action would be taken if the
>>>>>                 person would be unable to maintain 75% attendance,
>>>>>                 but if anyone disagrees and has a different
>>>>>                 interpretation, please let me know.
>>>>>               * The timeframe for the vote is unspecified. It just
>>>>>                 says that it will cause a mandatory vote of
>>>>>                 confidence, but never says when that vote is
>>>>>                 supposed to take place or who is supposed to
>>>>>                 initiate it. Is it to be handled immediately at
>>>>>                 the time of tabulation? Is it handled offline over
>>>>>                 e-mail as we recently did? Is it handled at the
>>>>>                 next Board meeting? Based on the current verbiage,
>>>>>                 technically the Board could drag it's heels on it
>>>>>                 indefinitely. I would think that something
>>>>>                 reasonable would be having the vote initiated by
>>>>>                 our Executive Director within two weeks of the
>>>>>                 tabulation that found them to be not meeting their
>>>>>                 attendance requirements. If there is a Board
>>>>>                 meeting during that window, then it could be
>>>>>                 handled then, or handled via the mailing list
>>>>>                 otherwise. That provides time to handle the
>>>>>                 situation and removes any Board member bias from
>>>>>                 the initiation of the vote.
>>>>>               * This does not offer the offender an opportunity to
>>>>>                 explain why they failed to meet their attendance
>>>>>                 requirement. I think that a reasonable process
>>>>>                 would assume that there is a rational explanation
>>>>>                 for why they did not attend.  Maybe it's because
>>>>>                 all of the meetings were being held at 2 AM in
>>>>>                 their timezone. Maybe it's because of a death in
>>>>>                 the family.  I think this process should take the
>>>>>                 personal factor into consideration.
>>>>>
>>>>>             Would you care to take a stab at addressing these?  If
>>>>>             not, I can certainly take a shot at it as well.
>>>>>
>>>>>             ~josh
>>>>>
>>>>>
>>>>>             On Mon, Aug 24, 2015 at 2:07 AM, Bil Corry
>>>>>             <bil.corry at owasp.org <mailto:bil.corry at owasp.org>> wrote:
>>>>>
>>>>>                 Hi Josh,
>>>>>
>>>>>                 The current bylaw I see is from last year, which
>>>>>                 doesn't have the text you quoted. It's here:
>>>>>
>>>>>                 https://www.owasp.org/index.php/OWASP_Foundation_ByLaws
>>>>>
>>>>>                 I know we discussed changing the bylaws, but I
>>>>>                 don't know what was ultimately adopted. FWIW, this
>>>>>                 is the wording from last proposed text, which is
>>>>>                 very clear on how tabulation is calculated,
>>>>>                 although it doesn't give strict time limes for
>>>>>                 tabulation and confidence voting.  The thought was
>>>>>                 to allow the Board some flexibility in how they
>>>>>                 want to execute it.  But if you'd like it to be
>>>>>                 formally incorporated into the bylaws, then please
>>>>>                 proposed some text.
>>>>>
>>>>>
>>>>>                 *SECTION 3.03 Regular Meetings.* The Board of
>>>>>                 Directors shall have regular meetings as needed. 
>>>>>                 A link to the board meeting agenda’s and the
>>>>>                 historical minutes is here:
>>>>>                 https://www.owasp.org/index.php/OWASP_Board_Meetings.
>>>>>                  Meetings shall be at such dates, times, and
>>>>>                 places as the Board shall determine in December of
>>>>>                 the preceding year and as amended by the Board. In
>>>>>                 no event will there be less than one meeting per
>>>>>                 quarter. These meetings will be open to public
>>>>>                 attendance, however, certain portions of the
>>>>>                 meeting may be closed to board members  and their
>>>>>                 delegates when required for legal reasons, or to
>>>>>                 shield liability, or to handle personnel issues,
>>>>>                 or similar. Attendance in person or virtually by
>>>>>                 board members is required at no less than 75% of
>>>>>                 the total meetings each year and shall be highly
>>>>>                 encouraged to meet in person at least once
>>>>>                 annually at a date to be announced and agreed
>>>>>                 upon. Attendance is tabulated after every
>>>>>                 scheduled meeting for the purpose of determining
>>>>>                 if the 75% attendance requirement has been met,
>>>>>                 and the tabulation is based upon the entire
>>>>>                 calendar year. Cancelled meetings are considered
>>>>>                 attended for the purposes of the tabulation.
>>>>>                 Failure by a board member to meet the 75%
>>>>>                 attendance requirement after any tabulation will
>>>>>                 cause a mandatory vote of confidence by the
>>>>>                 remaining board members, whose votes will be
>>>>>                 publicly recorded.  An overall vote of "no
>>>>>                 confidence" is recorded if half or more of the
>>>>>                 board members vote for it, which causes the board
>>>>>                 member in question to be instantly removed from
>>>>>                 their seat on the board. Vacancies on the board
>>>>>                 are handled as per Section 3.10.
>>>>>
>>>>>
>>>>>
>>>>>                 2 OWASP Board of Directors will hold quarterly
>>>>>                 board meetings lasting 4­6 hours each. The
>>>>>                 schedule of meetings will be set by the board in
>>>>>                 December before the year. It is likely the the
>>>>>                 board meetings will take place on Saturdays or on
>>>>>                 a dedicated day before a large OWASP conference.
>>>>>                 This change is a result of the success of the
>>>>>                 longer format board meeting and also a result of
>>>>>                 the Executive Director role that has enabled full
>>>>>                 time involvement and focus on OWASP operations.
>>>>>                 Board members must attend (in person or virtually)
>>>>>                 3 of the 4 meetings to fulfill the attendance
>>>>>                 requirements. This will take effect in January,
>>>>>                 2014. Changes passed August 19, 2013.
>>>>>
>>>>>                 3 “and shall be highly encouraged to meet in
>>>>>                 person at least once annually at a date to be
>>>>>                 announced and agreed upon” amendment to document
>>>>>                 passed June 10, 2013.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>                 - Bil
>>>>>
>>>>>
>>>>>                 On Sat, Aug 22, 2015 at 6:01 PM, Josh Sokol
>>>>>                 <josh.sokol at owasp.org
>>>>>                 <mailto:josh.sokol at owasp.org>> wrote:
>>>>>
>>>>>                     Board,
>>>>>
>>>>>                     As recently discussed and voted on in a
>>>>>                     separate thread, our current Bylaws state as
>>>>>                     follows:
>>>>>
>>>>>                     /Failure by a board member to meet the 75%
>>>>>                     attendance requirement after any tabulation
>>>>>                     will cause a mandatory vote of confidence by
>>>>>                     the remaining board members, whose votes will
>>>>>                     be publicly recorded.  An overall vote of "no
>>>>>                     confidence" is recorded if half or more of the
>>>>>                     board members vote for it, which causes the
>>>>>                     board member in question to be instantly
>>>>>                     removed from their seat on the board./
>>>>>
>>>>>                     I see a few issues with this:
>>>>>
>>>>>                       * The timeframe that this applies to is
>>>>>                         unspecified. Is it per quarter?  Per
>>>>>                         calendar year?  Over the two year duration
>>>>>                         of a Board member term?  Over the
>>>>>                         cumulative time that a Board member is in
>>>>>                         office? I'm guessing that the intent is
>>>>>                         for this to be over the calendar year, but
>>>>>                         if anyone disagrees and has a different
>>>>>                         interpretation, please let me know.
>>>>>                       * The definition of "tabulation" is
>>>>>                         unspecified. Who is doing the tabulation?
>>>>>                         Is there a certain time that this
>>>>>                         tabulation is conducted? I'm guessing that
>>>>>                         the intent is for this to be based on the
>>>>>                         attendance role that is captured during
>>>>>                         the Board meeting, but if anyone disagrees
>>>>>                         and has a different interpretation, please
>>>>>                         let me know.
>>>>>                       * The method of tabulation is unspecified.
>>>>>                         If we are tabulating sequentially, then we
>>>>>                         have a situation where if a Board member
>>>>>                         missed their first meeting, a vote is
>>>>>                         required to be held for three tabulations
>>>>>                         (0%, 50%, and 66%) until they make it up
>>>>>                         over 75%. I am guessing that the intent is
>>>>>                         for this to be tabulated assuming
>>>>>                         attendance for all future meetings and
>>>>>                         action would be taken if the person would
>>>>>                         be unable to maintain 75% attendance, but
>>>>>                         if anyone disagrees and has a different
>>>>>                         interpretation, please let me know.
>>>>>                       * The timeframe for the vote is unspecified.
>>>>>                         It just says that it will cause a
>>>>>                         mandatory vote of confidence, but never
>>>>>                         says when that vote is supposed to take
>>>>>                         place or who is supposed to initiate it.
>>>>>                         Is it to be handled immediately at the
>>>>>                         time of tabulation? Is it handled offline
>>>>>                         over e-mail as we recently did? Is it
>>>>>                         handled at the next Board meeting? Based
>>>>>                         on the current verbiage, technically the
>>>>>                         Board could drag it's heels on it
>>>>>                         indefinitely. I would think that something
>>>>>                         reasonable would be having the vote
>>>>>                         initiated by our Executive Director within
>>>>>                         two weeks of the tabulation that found
>>>>>                         them to be not meeting their attendance
>>>>>                         requirements. If there is a Board meeting
>>>>>                         during that window, then it could be
>>>>>                         handled then, or handled via the mailing
>>>>>                         list otherwise. That provides time to
>>>>>                         handle the situation and removes any Board
>>>>>                         member bias from the initiation of the vote.
>>>>>                       * This does not offer the offender an
>>>>>                         opportunity to explain why they failed to
>>>>>                         meet their attendance requirement. I think
>>>>>                         that a reasonable process would assume
>>>>>                         that there is a rational explanation for
>>>>>                         why they did not attend.  Maybe it's
>>>>>                         because all of the meetings were being
>>>>>                         held at 2 AM in their timezone. Maybe it's
>>>>>                         because of a death in the family.  I think
>>>>>                         this process should take the personal
>>>>>                         factor into consideration.
>>>>>
>>>>>                     With the above in mind, I don't see a reason
>>>>>                     to lower the bar from 75%.  My thinking is
>>>>>                     that this is a reasonable expectation to have
>>>>>                     of a Board member with all things being
>>>>>                     equal.  It may not be the best measure of
>>>>>                     engagement, but it is still a responsibility
>>>>>                     that all Board members are aware of going into
>>>>>                     it, and I am not aware of it having been an
>>>>>                     issue in the past (until now), so I'm not sure
>>>>>                     why we would change it now that one Board
>>>>>                     member had a vote initiated for it.  I would
>>>>>                     propose that we update the language in order
>>>>>                     to better clarify my bullet points above, but
>>>>>                     leave the requirement itself in place.  Please
>>>>>                     provide your thoughts regarding each of these
>>>>>                     bullet points (or any other issues that you
>>>>>                     think need to be addressed here).  Once we
>>>>>                     have some level of agreement with these, I can
>>>>>                     take the action item of re-writing this
>>>>>                     section of the Bylaws in order to incorporate
>>>>>                     these changes. Thanks.
>>>>>
>>>>>                     ~josh
>>>>>
>>>>>
>>>>>                     _______________________________________________
>>>>>                     Owasp-board mailing list
>>>>>                     Owasp-board at lists.owasp.org
>>>>>                     <mailto:Owasp-board at lists.owasp.org>
>>>>>                     https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>         _______________________________________________
>>>>>         Governance mailing list
>>>>>         Governance at lists.owasp.org <mailto:Governance at lists.owasp.org>
>>>>>         https://lists.owasp.org/mailman/listinfo/governance
>>>>
>>>>
>>>>
>>>>
>>>>     _______________________________________________
>>>>     Governance mailing list
>>>>     Governance at lists.owasp.org  <mailto:Governance at lists.owasp.org>
>>>>     https://lists.owasp.org/mailman/listinfo/governance
>>>
>>>     -- 
>>>     Jim Manico
>>>     Global Board Member
>>>     OWASP Foundation
>>>     https://www.owasp.org  <https://www.owasp.org/>
>>>     Join me at AppSecUSA 2015!
>>
>>
>> _______________________________________________
>> Governance mailing list
>> Governance at lists.owasp.org <mailto:Governance at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/governance
>
>
> _______________________________________________
> Governance mailing list
> Governance at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/governance

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20150830/95341104/attachment-0001.html>


More information about the Governance mailing list