[Owasp-board] Whistleblower and Antiretaliation Policy - v2

Josh Sokol josh.sokol at owasp.org
Fri Nov 1 22:27:21 UTC 2013

In general I agree with this policy.  A couple of comments:

1) "A Compliance Officer shall be identified by the Board of Directors and
approved by a unanimous vote by January 1, 2013 of each year"

I think this is just an editorial oversight, but we should remove the ",
2013" portion of that sentence.

2) The appendix is oddly organized.  You talk about the possibility of
disciplinary action, then there's what feels like a misplaced link to
"Membership Revocation", then there's the list of what I'd assume is the
actual code of ethics?  Would it maybe make more sense to provide the code
of ethics followed by the possible consequences if found in violation of
the code of ethics?


On Wed, Oct 30, 2013 at 5:51 PM, Sarah Baso <sarah.baso at owasp.org> wrote:

> Board and Governance list -
> There were quite a few comments regarding the compliance officer and
> confidentiality/final reporting of outcome... so I have updated the
> document and would like a final opportunity for comment before a vote by
> the Board.
> https://docs.google.com/a/owasp.org/document/d/1qIMaZK71tlqk5o_CrN4_LOLGO8aUkclfIQ8BA3-wsE8/edit#
> Please submit comments by Friday.
> Thanks
> Sarah Baso
> --
> Executive Director
> OWASP Foundation
> sarah.baso at owasp.org
> +1.312.869.2779
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20131101/e6c22dc6/attachment-0001.html>

More information about the Owasp-board mailing list