[Owasp-board] [Governance] Conflict of Interest Policy - VOTE requested

Sarah Baso sarah.baso at owasp.org
Mon Nov 4 17:28:57 UTC 2013


It was for emphasis - I see your (implied) point though that they are not
necessary and will remove.


On Mon, Nov 4, 2013 at 8:46 AM, Josh Sokol <josh.sokol at owasp.org> wrote:

> Why is "cause" in quotation marks?
>
> ~josh
>
>
> On Sun, Nov 3, 2013 at 6:21 PM, Sarah Baso <sarah.baso at owasp.org> wrote:
>
>> Josh -
>> Thank you for the thoughtful review and comments.
>>
>> 1. I have revised and added the clarification
>> "Each member of the board of directors and employees of the Foundation
>> has a duty of loyalty to the Foundation.  The duty of loyalty generally
>> requires a director or employee to prefer the interests of the Foundation
>> over the director’s/employee’s interest or the interests of others when making
>> decisions affecting the organization."
>>
>> 2. I think it is impractical to think of all the possible violations and
>> possible ramifications for different situations and this will likely be on
>> a case by case basis. I have revised to include the most severe
>> consequences though.
>>
>> If, after hearing the member’s response and after making further
>> investigation as warranted by the circumstances, the governing board or
>> committee determines the member has failed to disclose an actual or
>> possible conflict of interest, it shall take appropriate disciplinary and
>> corrective action. The violation of this Conflicts of Interest policy is
>> a serious matter and may constitute "cause" for removal from the Board,
>> termination of employment, and/or the termination of any contractual
>> relationship the Foundation may have with an Interested Person or other
>> party.
>>
>> 3. I have added a statement about third party disclosure - the
>> determination of whether the disclosure exists, procedures for addressing a
>> conflict, and violation for failure to disclose should apply the same.
>>
>> Board members, employees, community members, or other third parties are
>> encouraged to notify the board of any undisclosed financial interest or
>> other conflict of interest by a board member or employee including material
>> facts supporting the conflict.
>>
>> Regards,
>> Sarah
>>
>>
>>
>> On Thu, Oct 31, 2013 at 12:39 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>>
>>> I've got a couple of comments on this policy:
>>>
>>> 1) "Each member of the board of directors and employees of the
>>> Foundation has a duty of loyalty to the Foundation.  The duty of loyalty
>>> generally requires a director or employee to prefer the interests of the
>>> Foundation over the director’s/employee’s interest or the interests of
>>> others."
>>>
>>> Is it reasonable to assume that a Director should prefer the interests
>>> of the Foundation over any other interests?  Personally, I don't think so,
>>> and it really shouldn't matter as far as this document goes.  The idea is
>>> to expose and isolate these conflicts so that they do not affect our
>>> decisions, not to tell people to whom their loyalties should lie.
>>>
>>> 2) "If, after hearing the member’s response and after making further
>>> investigation as warranted by the circumstances, the governing board or
>>> committee determines the member has failed to disclose an actual or
>>> possible conflict of interest, it shall take appropriate disciplinary and
>>> corrective action."
>>>
>>> What is an "appropriate disciplinary and corrective action"?  Removal
>>> from the meeting?  From the Board?  Spankings?  I don't think that we
>>> should leave this as vague as it currently is.
>>>
>>> 3) While the document does a good job of addressing self-disclosure of a
>>> conflict of interest, I don't think I saw anywhere in it where it specifies
>>> the process for a third-party disclosure.  If I think that Jim has a
>>> conflict on a vote, but he has not disclosed it, what is the proper channel
>>> for me to disclose that?  How is that handled?
>>>
>>> Thanks!
>>>
>>> ~josh
>>>
>>>
>>> On Thu, Oct 31, 2013 at 11:52 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>>
>>>> No it's in ref to the grants.
>>>>
>>>> Eoin Keary
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>>
>>>>
>>>> On 31 Oct 2013, at 15:07, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>>
>>>> Eoin- is this in reference to the conflict of interest policy? If not
>>>> can you try to keep the discussion on the applicable thread?
>>>>
>>>> Thanks
>>>>
>>>> Sarah Baso
>>>>
>>>> On Oct 31, 2013, at 2:13 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>>>
>>>> Question:
>>>> If a project has funding but is terminated have we documented what
>>>> happens in such edge cases?
>>>> If a project has surplus funding what happens also?
>>>>
>>>>
>>>> Eoin Keary
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>>
>>>>
>>>> On 30 Oct 2013, at 23:20, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>>
>>>> Thank you for your comments and questions Bev - the disclosure should
>>>> be covered by the questionnaire at the end of the document and this is to
>>>> set a minimum bar of what is required by Board and Staff.
>>>>
>>>> Sarah
>>>>
>>>>
>>>> On Wed, Oct 30, 2013 at 4:05 PM, Bev Corwin <bev.corwin at owasp.org> wrote:
>>>>
>>>>> Dear Sarah,
>>>>>
>>>>> Thank you. This is very thoughtful, and a well prepared policy
>>>>> document. My questions are in the context of how to define and determine
>>>>> appropriate differences in the understanding and relationships of
>>>>> "disclosure" vs "transparency" vs "privacy" vs "confidentiality"
>>>>> requirements within an open culture such as OWASP? This document
>>>>> specifically mentions "disclosure" however, it does not make mention of
>>>>> transparency, privacy, confidentiality, or explain what "open" specifically
>>>>> means within the larger context of the OWASP organizational culture. What
>>>>> is appropriate disclosure exactly? What is transparency? Is transparency
>>>>> enough? And how does an "open" culture address them in their policies?
>>>>> Would it be incorrect to assume that they would be similar to more
>>>>> traditional or non "open" non profit organizational cultures? Thank you in
>>>>> advance for your thoughtfulness and consideration.
>>>>>
>>>>> Respectfully submitted,
>>>>> Bev
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Oct 30, 2013 at 6:09 PM, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>>>
>>>>>> Board members -
>>>>>>
>>>>>> I have updated the conflict of interest policy draft, which will
>>>>>> apply to staff and board members, to reflect comments made in the document
>>>>>> and on the governance list.
>>>>>> https://docs.google.com/a/owasp.org/document/d/1IlyfFrlQg0dznJD2MnyAd2njUETVUCiMFuUYxOI8mmQ/edit#
>>>>>>
>>>>>> Thanks to everyone who reviewed and commented.
>>>>>>
>>>>>> I am requesting a vote to approve this policy so we can move forward
>>>>>> with implementation.
>>>>>>
>>>>>> Regards,
>>>>>> Sarah Baso
>>>>>>
>>>>>> --
>>>>>> Executive Director
>>>>>> OWASP Foundation
>>>>>>
>>>>>> sarah.baso at owasp.org
>>>>>> +1.312.869.2779
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Governance mailing list
>>>>>> Governance at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/governance
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>  _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>
>


-- 
Executive Director
OWASP Foundation

sarah.baso at owasp.org
+1.312.869.2779