[Owasp-board] OWASP Whistleblower Policy Updates

Josh Sokol josh.sokol at owasp.org
Mon Dec 8 20:08:21 UTC 2014


All,

I have added the revised Whistleblower Policy to the OWASP Board Meeting
agenda this week.  I made a minor change based on Andrew's suggestion, but
otherwise it is the same policy that I sent out mid-November.  There were a
couple questions around confidentiality and time to resolution that we can
discuss during the meeting, but my general gut is that the policy is
sufficient as written and can be tweaked further, later, should the need
arise.  There was also a suggestion for a committee, which I agree is a
good approach, but we have yet to have an official committee proposal for
this and I don't want to continue to hold on this policy until we do.  We
can make modifying the policy part of the responsibility of a committee
should someone initiate one.  This has been a lengthy process and I would
like to see us bring some closure here before the end of the year.  Thanks!

https://docs.google.com/a/owasp.org/document/d/1OwoHQtNGWxpr2qgSGbTqCRJJYLayh5d8zvzxoh2Cnqk/edit

~josh

On Wed, Nov 12, 2014 at 12:40 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> Based on the feedback I received from Martin, I made a few changes to the
> Whistleblower policy that I had previously sent out.  Please review when
> you have a chance and feel free to provide feedback either via comment or
> by responding back to this e-mail.  Here is the link:
>
>
> https://docs.google.com/a/owasp.org/document/d/1OwoHQtNGWxpr2qgSGbTqCRJJYLayh5d8zvzxoh2Cnqk/edit
>
> Thanks!
>
> ~josh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20141208/4ee8d406/attachment.html>


More information about the Owasp-board mailing list