[Owasp-board] [Governance] Conflict of Interest Policy - VOTE requested

Jim Manico jim.manico at owasp.org
Mon Nov 4 00:32:36 UTC 2013


Yes! http://www.youtube.com/watch?v=dv1kApvEPiY

--
Jim Manico
@Manicode
(808) 652-3805

On Nov 3, 2013, at 5:23 PM, Sarah Baso <sarah.baso at owasp.org> wrote:

Board members -

So far I have a yes from Michael, Seba, and Jim. Can the three of you
re-acknowledge your vote since there were a few small modifications based
on Josh's recommendations?

Eoin/Dave/Tom - A vote from you is kindly requested.

Regards,
Sarah



On Sun, Nov 3, 2013 at 4:21 PM, Sarah Baso <sarah.baso at owasp.org> wrote:

> Josh -
> Thank you for the thoughtful review and comments.
>
> 1. I have revised and added the clarification
> "Each member of the board of directors and employees of the Foundation
> has a duty of loyalty to the Foundation.  The duty of loyalty generally
> requires a director or employee to prefer the interests of the Foundation
> over the director’s/employee’s interest or the interests of others when making
> decisions affecting the organization."
>
> 2. I think it is impractical to think all the possible violations and
> possible ramifications for different situations and this will likely be on
> a case by case basis. I have revised to include the most severe
> consequences though.
>
> If, after hearing the member’s response and after making further
> investigation as warranted by the circumstances, the governing board or
> committee determines the member has failed to disclose an actual or
> possible conflict of interest, it shall take appropriate disciplinary and
> corrective action. The violation of this Conflicts of Interest policy is
> a serious matter and may constitute "cause" for removal from the Board,
> termination of employment, and/or  the termination of any contractual
> relationship the Foundation may have with an Interested Person or other
> party.
>
> 3. I have added a statement about third party disclosure - the
> determination of whether the disclosure exists, procedures for addressing a
> conflict, and violation for failure to disclose should apply the same.
>
> Board members, employees, community members, or other third parties are
> encouraged to notify the board any any undisclosed financial interest or
> other conflict of interest by a board member or employee including material
> facts supporting the conflict.
>
> Regards,
> Sarah
>
>
>
> On Thu, Oct 31, 2013 at 12:39 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
>> I've got a couple of comments on this policy:
>>
>> 1) "Each member of the board of directors and employees of the Foundation
>> has a duty of loyalty to the Foundation.  The duty of loyalty generally
>> requires a director or employee to prefer the interests of the Foundation
>> over the director’s/employee’s interest or the interests of others."
>>
>> Is it reasonable to assume that a Director should prefer the interests of
>> the Foundation over any other interests?  Personally, I don't think so, and
>> it really shouldn't matter as far as this document goes.  The idea is to
>> expose and isolate these conflicts so that they do not affect our
>> decisions, not to tell people to whom their loyalties should lie.
>>
>> 2) "If, after hearing the member’s response and after making further
>> investigation as warranted by the circumstances, the governing board or
>> committee determines the member has failed to disclose an actual or
>> possible conflict of interest, it shall take appropriate disciplinary and
>> corrective action."
>>
>> What is an "appropriate disciplinary and corrective action"?  Removal
>> from the meeting?  From the Board?  Spankings?  I don't think that we
>> should leave this as vague as it currently is.
>>
>> 3) While the document does a good job of addressing self-disclosure of a
>> conflict of interest, I don't think I saw anywhere in it where it specifies
>> the process for a third-party disclosure.  If I think that Jim has a
>> conflict on a vote, but he has not disclosed it, what is the proper channel
>> for me to disclose that?  How is that handled?
>>
>> Thanks!
>>
>> ~josh
>>
>>
>> On Thu, Oct 31, 2013 at 11:52 AM, Eoin Keary <eoin.keary at owasp.org>wrote:
>>
>>> No it's in ref to the grants.
>>>
>>> Eoin Keary
>>> Owasp Global Board
>>> +353 87 977 2988
>>>
>>>
>>> On 31 Oct 2013, at 15:07, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>
>>> Eoin- is this in reference to the conflict of interest policy? If not
>>> can you try to keep the discussion on the applicable thread?
>>>
>>> Thanks
>>>
>>> Sarah Baso
>>>
>>> On Oct 31, 2013, at 2:13 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>>
>>> Question:
>>> If a project has funding but is terminated have we documented what
>>> happens in such edge cases?
>>> If a project has surplus funding what happens also?
>>>
>>>
>>> Eoin Keary
>>> Owasp Global Board
>>> +353 87 977 2988
>>>
>>>
>>> On 30 Oct 2013, at 23:20, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>
>>> Thank you for your comments and questions Bev - the disclosure should be
>>> covered by the questionnaire at the end of the document and this is to set
>>> a minimum bar of what is required by Board and Staff.
>>>
>>> Sarah
>>>
>>>
>>> On Wed, Oct 30, 2013 at 4:05 PM, Bev Corwin <bev.corwin at owasp.org>wrote:
>>>
>>>> Dear Sarah,
>>>>
>>>> Thank you. This is very thoughtful, and a well prepared policy
>>>> document. My questions are in the context of how to define and determine
>>>> appropriate differences in the understanding and relationships of
>>>> "disclosure" vs "transparency" vs "privacy" vs "confidentiality"
>>>> requirements within an open culture such as OWASP? This document
>>>> specifically mentions "disclosure" however, it does not make mention of
>>>> transparency, privacy, confidentiality, or explain what "open" specifically
>>>> means within the larger context of the OWASP organizational culture. What
>>>> is appropriate disclosure exactly? What is transparency? Is transparency
>>>> enough? And how does an "open" culture address them in their policies?
>>>>  Would it be incorrect to assume that they would be similar to more
>>>> traditional or non "open" non profit organizational cultures? Thank you in
>>>> advance for your thoughtfulness and consideration.
>>>>
>>>> Respectfully submitted,
>>>> Bev
>>>>
>>>>
>>>>
>>>> On Wed, Oct 30, 2013 at 6:09 PM, Sarah Baso <sarah.baso at owasp.org>wrote:
>>>>
>>>>> Board members -
>>>>>
>>>>> I have updated the conflict of interest policy draft, which will apply
>>>>> to staff and board members, to reflect comments made in the document and on
>>>>> the governance list.
>>>>> https://docs.google.com/a/owasp.org/document/d/1IlyfFrlQg0dznJD2MnyAd2njUETVUCiMFuUYxOI8mmQ/edit#
>>>>>
>>>>> Thanks to everyone who reviewed and commented.
>>>>>
>>>>> I am requesting a vote to approve this policy so we can move forward
>>>>> with implementation.
>>>>>
>>>>> Regards,
>>>>> Sarah Baso
>>>>>
>>>>> --
>>>>> Executive Director
>>>>> OWASP Foundation
>>>>>
>>>>> sarah.baso at owasp.org
>>>>> +1.312.869.2779
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Governance mailing list
>>>>> Governance at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/governance
>>>>>
>>>>>
>>>>
>>>
>>>
>>> --
>>> Executive Director
>>> OWASP Foundation
>>>
>>> sarah.baso at owasp.org
>>> +1.312.869.2779
>>>
>>>
>>>
>>>
>>>  _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>
>
>
> --
> Executive Director
> OWASP Foundation
>
> sarah.baso at owasp.org
> +1.312.869.2779
>
>
>
>
>


-- 
Executive Director
OWASP Foundation

sarah.baso at owasp.org
+1.312.869.2779




 _______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20131103/8e5ee38f/attachment-0001.html>


More information about the Owasp-board mailing list