From zoe.braiterman at owasp.org Wed Sep 26 03:54:28 2018 From: zoe.braiterman at owasp.org (Zoe Braiterman) Date: Tue, 25 Sep 2018 23:54:28 -0400 Subject: [Governance] Addressing BoD decision for WIA Committee without consulting the WIA Committee In-Reply-To: References: Message-ID: Hi Bil, I'd like to clarify the following based on your response, on which I encourage feedback from WIA Committee Officers and members (again, included in this email): 1) Proposing changes to the OWASP Committees 2.0 Operational Model would be counterproductive in expressing my concerns, although I still include the OWASP Governance mailing list (governance at lists.owasp.org) in this email at your suggestion. I remind you and everyone included in this email of the context of the OWASP Committees 2.0 Operational Model, under which the OWASP Women in AppSec Committee is governed: a) On July 16, 2014, the BoD passed the OWASP Committees 2.0 Operational Model to enable an OWASP Committee to make decisions among the members of the committee, independently from the OWASP BoD. From my perspective, there appears to be an ongoing misunderstanding of the intentions behind and value of the OWASP Committees 2.0 Operational Model. b) Section VII of the OWASP Committees 2.0 Operational Model ( https://www.owasp.org/index.php/Governance/OWASP_Committees#VII._OWASP_Board_Participation) explicitly states the following regarding its purpose to limit the decision rights of the few (7 listed at the moment: https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics) OWASP BoD members: "Members of the OWASP Board of Directors are allowed to become committee members, but participate as normal committee members with no special powers either expressed or implied. While Board member participation in committees is encouraged, Board members must refrain from taking an active leadership role for the committee." 2) I'd like note the possible flaw and possible conflict of interest (in my opinion) that, of the 3 OWASP Compliance Committee members, Richard Greenberg, Fiona Collins and Bil Corry (yourself), you were the one to respond to my expressing my concerns, considering that you are an OWASP BoD candidate ( https://www.owasp.org/index.php/2018_Global_Board_of_Directors_Election). I would therefore like to get input from Richard (although he's also a BoD candidate) and Fiona, in effort to receive fully representative feedback. 3) I make it a point to continue the discussion by email, rather than the BoD call (not a WIA Committee call) to best continue to facilitate feedback among WIA members and Officers as I voice my concerns based on my disappointment, given the relevant facts I mention. Again, I encourage feedback from any WIA Committee Officers and members, included in this thread. Best, Zoe On Tue, Sep 25, 2018 at 7:41 PM Bil Corry wrote: > Hi Zoe, > > Section 3.01 of the Foundation Bylaws provides the Board of Directors with > broad authority to manage the business and affairs of the Foundation. The > OWASP Committees 2.0 was created by the Board to empower the members of > OWASP to make decisions and act, it wasn't designed to remove power from > the Board. It's my belief the Board has acted within their authority. If > you disagree, I suggest raising the issue on the OWASP Governance List: > > https://lists.owasp.org/mailman/listinfo/governance > > Additionally, if you believe Bev Corwin should be reinstated, and/or if > you wish to modify the Committees 2.0 charter to limit the Board's power to > act, then you should request to be added to the agenda of the next Board > meeting and ask them to vote for those changes. > > > Best regards, > > - Bil > > > On Sun, Sep 23, 2018 at 5:26 PM Zoe Braiterman > wrote: > >> Dear OWASP Compliance Committee, >> >> >> I?d like you address the issue that the OWASP BoD?s decision to remove >> Bev Corwin from participation in the WIA Committee, without consulting WIA >> Committee Officers or members. Making decisions for WIA without consulting >> WIA is a violation of the OWASP Committees 2.0 Operational Model ( >> https://www.owasp.org/index.php/Governance/OWASP_Committees) under which >> the WIA Committee is set to be governed. >> >> >> I?ve already notified each WIA Officer by email to express how the OWASP >> BoD has overstepped their boundaries. >> >> >> Sincerely, >> >> Zoe >> -- >> *Zoe Braiterman* >> Chair, OWASP Women in AppSec (WIA) Committee - wia at owasp.org >> Vice Chair, OWASP NIST NSTIC IDESG (NNI) Initiative >> Learning Lead, OWASP Mentors Initiative & Learning Gateway Project >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "OWASP Governance - Compliance / Whistleblower Committee" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to compliance+unsubscribe at owasp.org. >> To post to this group, send email to compliance at owasp.org. >> To view this discussion on the web visit >> https://groups.google.com/a/owasp.org/d/msgid/compliance/CAM%3DttPKYgbGXsFYWb8SrAcUfu7_HDh%2B67E4mNLmt-Lni7L533g%40mail.gmail.com >> >> . >> > -- *Zoe Braiterman* Chair, OWASP Women in AppSec (WIA) Committee - wia at owasp.org Vice Chair, OWASP NIST NSTIC IDESG (NNI) Initiative Learning Lead, OWASP Mentors Initiative & Learning Gateway Project -------------- next part -------------- An HTML attachment was scrubbed... URL: