[Owasp-board] [Governance] Conflict of Interest Policy - VOTE requested

Josh Sokol josh.sokol at owasp.org
Fri Nov 1 14:05:32 UTC 2013


Thanks for the link Jim.  The legal fiduciary duty is to act in the
foundation's best interest, as opposed to your personal or employer's
interest, *when making decisions affecting the organization*.  Maybe it's
implied, but I think that it's a very important thing to distinguish here.

"Each member of the board of directors and employees of the Foundation has
a duty of loyalty to the Foundation.  The duty of loyalty generally
requires a director or employee to prefer the interests of the Foundation
over the director’s/employee’s interest or the interests of others."

I'll give you a contrived example.  My daughter is sick and needs to go to
the hospital, but there's a Board meeting scheduled to start in 5 minutes.
If I prefer the interests of the Foundation over my personal interests,
then I go to the meeting and leave my daughter where she lies.  I know
that's not what's intended here, so I'd propose one minor tweak here:

"Each member of the board of directors and employees of the Foundation has
a duty of loyalty to the Foundation.  The duty of loyalty generally
requires a director or employee to prefer the interests of the Foundation
over the director’s/employee’s interest or the interests of others when
making decisions affecting the organization."

In other words, when you're voting or taking action on behalf of the
Foundation, you should be unbiased by your other interests.  Or if you feel
that your biases would affect your voting or action, then you should
abstain or delegate so as to remove that bias.  Make sense?  As they say,
the devil is in the details.

~josh


On Fri, Nov 1, 2013 at 3:56 AM, Jim Manico <jim.manico at owasp.org> wrote:

> Josh,
>
> #1 Is part of each board member's legal fiduciary duty to care for the
> organization. *When acting as a board member of OWASP* it's a legal duty to
> act in the foundation's best interest, as opposed to your personal or
> employer's interest.
>
>
> http://www.councilofnonprofits.org/files/How%20to%20Be%20Great%20Nonprofit%20Board%20Member.pdf
>
>
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Oct 31, 2013, at 8:39 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
> I've got a couple of comments on this policy:
>
> 1) "Each member of the board of directors and employees of the Foundation
> has a duty of loyalty to the Foundation.  The duty of loyalty generally
> requires a director or employee to prefer the interests of the Foundation
> over the director’s/employee’s interest or the interests of others."
>
> Is it reasonable to assume that a Director should prefer the interests of
> the Foundation over any other interests?  Personally, I don't think so, and
> it really shouldn't matter as far as this document goes.  The idea is to
> expose and isolate these conflicts so that they do not affect our
> decisions, not to tell people to whom their loyalties should lie.
>
> 2) "If, after hearing the member’s response and after making further
> investigation as warranted by the circumstances, the governing board or
> committee determines the member has failed to disclose an actual or
> possible conflict of interest, it shall take appropriate disciplinary and
> corrective action."
>
> What is an "appropriate disciplinary and corrective action"?  Removal from
> the meeting?  From the Board?  Spankings?  I don't think that we should
> leave this as vague as it currently is.
>
> 3) While the document does a good job of addressing self-disclosure of a
> conflict of interest, I don't think I saw anywhere in it where it specifies
> the process for a third-party disclosure.  If I think that Jim has a
> conflict on a vote, but he has not disclosed it, what is the proper channel
> for me to disclose that?  How is that handled?
>
> Thanks!
>
> ~josh
>
>
> On Thu, Oct 31, 2013 at 11:52 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>
>> No it's in ref to the grants.
>>
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>> On 31 Oct 2013, at 15:07, Sarah Baso <sarah.baso at owasp.org> wrote:
>>
>> Eoin- is this in reference to the conflict of interest policy? If not can
>> you try to keep the discussion on the applicable thread?
>>
>> Thanks
>>
>> Sarah Baso
>>
>> On Oct 31, 2013, at 2:13 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>
>> Question:
>> If a project has funding but is terminated have we documented what
>> happens in such edge cases?
>> If a project has surplus funding what happens also?
>>
>>
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>> On 30 Oct 2013, at 23:20, Sarah Baso <sarah.baso at owasp.org> wrote:
>>
>> Thank you for your comments and questions Bev - the disclosure should be
>> covered by the questionnaire at the end of the document and this is to set
>> a minimum bar of what is required by Board and Staff.
>>
>> Sarah
>>
>>
>> On Wed, Oct 30, 2013 at 4:05 PM, Bev Corwin <bev.corwin at owasp.org> wrote:
>>
>>> Dear Sarah,
>>>
>>> Thank you. This is very thoughtful, and a well prepared policy document.
>>> My questions are in the context of how to define and determine appropriate
>>> differences in the understanding and relationships of "disclosure" vs
>>> "transparency" vs "privacy" vs "confidentiality" requirements within an
>>> open culture such as OWASP? This document specifically mentions
>>> "disclosure" however, it does not make mention of transparency, privacy,
>>> confidentiality, or explain what "open" specifically means within the
>>> larger context of the OWASP organizational culture. What is appropriate
>>> disclosure exactly? What is transparency? Is transparency enough? And how
>>> does an "open" culture address them in their policies?  Would it be
>>> incorrect to assume that they would be similar to more traditional or non
>>> "open" non profit organizational cultures? Thank you in advance for your
>>> thoughtfulness and consideration.
>>>
>>> Respectfully submitted,
>>> Bev
>>>
>>>
>>>
>>> On Wed, Oct 30, 2013 at 6:09 PM, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>
>>>> Board members -
>>>>
>>>> I have updated the conflict of interest policy draft, which will apply
>>>> to staff and board members, to reflect comments made in the document and on
>>>> the governance list.
>>>> https://docs.google.com/a/owasp.org/document/d/1IlyfFrlQg0dznJD2MnyAd2njUETVUCiMFuUYxOI8mmQ/edit#
>>>>
>>>> Thanks to everyone who reviewed and commented.
>>>>
>>>> I am requesting a vote to approve this policy so we can move forward
>>>> with implementation.
>>>>
>>>> Regards,
>>>> Sarah Baso
>>>>
>>>> --
>>>> Executive Director
>>>> OWASP Foundation
>>>>
>>>> sarah.baso at owasp.org
>>>> +1.312.869.2779
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Governance mailing list
>>>> Governance at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/governance
>>>>
>>>>
>>>
>>
>>
>> --
>> Executive Director
>> OWASP Foundation
>>
>> sarah.baso at owasp.org
>> +1.312.869.2779
>>
>>
>>
>>
>>  _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>