[Owasp-board] Update to Bylaws

Fabio Cerullo fcerullo at owasp.org
Wed Mar 26 16:54:23 UTC 2014


Josh,

I don't want to be a pain and really appreciate your efforts in drafting
this doc.

My only intent is to clarify the Global Board role and establish a clear
escalation path through the Community Manager.

Here goes an updated wording.. please feel free to modify it at will:

SECTION 4.07  Participation. Participation in OWASP activities
(conferences, meetings, mailings lists, projects, etc) does not require
membership, but is subject to adherence to the OWASP Code of Ethics, and
OWASP leaders may revoke the privilege of participation to those who choose
not to abide by that code.  Notification of such a revocation must be made
to the individual in writing, with the *OWASP Community Manager *CC'd for
inclusion in the Foundation records.  If an individual believes that this
revocation is unjustified, then they have the option to appeal the decision
by notifying the OWASP *Community Manager *in writing within 14 days of the
original notification. *If there is enough evidence that this revocation
was unjustified, then the Community Manager could raise the issue with the
OWASP Global Board of Directors for review at the next Global Board
meeting.*

By doing so, the Global Board avoids getting involved in matters that could
be resolved by the Community Manager.

Any questions, just let me know.

Regards
Fabio


On Tue, Mar 25, 2014 at 2:25 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> Fabio,
>
> Yes, the community manager needs to be engaged at the community level to
> work with our leaders to make sure it doesn't get to this point.  They
> should not, however, be responsible for appeals if someone feels they have
> been wrongly excluded.  This puts our representative for community
> engagement in a position of potential conflict with members of our
> community.  That said, I volunteered to put together wording of the Bylaws
> based on what was discussed at the Board meeting which I supported.  If you
> or Tom would like to propose a different wording in a votable format, then
> I would be happy to consider that as an alternative.  I do feel that we
> need to finish this off sooner rather than later though as I have had at
> least one Chapter leader ask me if it had been finalized yet as this is a
> priority for them.
>
> ~josh
> On Mar 24, 2014 9:00 AM, "Fabio Cerullo" <fcerullo at owasp.org> wrote:
>
>> Josh,
>>
>> I like the escalation process suggested by Tom.
>>
>> If an issue arises in the community, it has to be handled by the
>> Community Manager first, and then as a last resource by the Board.
>>
>> One of the CM main responsibilities is: to serve as the single point of
>> contact for OWASP Chapter related questions, issues, and volunteerism.
>>
>> Maybe we could amend the wording in the bylaws to include this escalation
>> process?
>>
>> Thanks
>> Fabio
>>
>>
>> On Mon, Mar 24, 2014 at 1:50 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>
>>>  Ok I second your motion and your notion, Josh.  Sorry, been listening
>>> to Smokey Robinson. It could have been worse, I could have said something
>>> like "If you feel like loving me, if you have the notion, I'll second that
>>> emotion" but decided against it.
>>>
>>> Aloha from Mumbai.
>>> Jim
>>>
>>>
>>>
>>>
>>> On 3/24/14, 7:15 PM, Josh Sokol wrote:
>>>
>>>  Bueller?  Bueller?
>>>
>>> Can I please get a second and a vote?  This was sent out 3 weeks ago.
>>>
>>>  ~josh
>>>
>>>
>>> On Fri, Mar 21, 2014 at 10:27 PM, Jim Manico <jim.manico at owasp.org>wrote:
>>>
>>>>  Sounds good Josh. Sorry for any confusion.
>>>>
>>>> Cheers,
>>>> Jim
>>>>
>>>>
>>>> On 3/22/14, 12:24 PM, Josh Sokol wrote:
>>>>
>>>> To be clear, what you're talking about is a process and I support
>>>> that.  What I've proposed (per what you all asked me to put together at the
>>>> Board meeting) is a policy via thr Bylaws that specifies the path of
>>>> revocation should that process fail to allow cooler heads to prevail.  They
>>>> are not mutually exclusive and are both important along the path toward
>>>> resolution one way or another.
>>>> On Mar 21, 2014 7:56 PM, "Jim Manico" <jim.manico at owasp.org> wrote:
>>>>
>>>>>  +1
>>>>>
>>>>> I like this process.
>>>>>
>>>>> 1) When conflict arises, first the chapter leads bring in the
>>>>> community manager to see if the dispute can be resolved.
>>>>> 2) If necessary, chapters can start a process to remove someone from
>>>>> the chapter. Community manager over-sees this to make sure it's done with
>>>>> integrity.
>>>>> 3) If the individual thinks the process is being done unfairly or they
>>>>> were removed unfairly, they can petition the board to get involved.
>>>>>
>>>>> This seems reasonable to be. I want to make sure that competitive
>>>>> interests or corporate interests are not taking over a chapter and decide
>>>>> to remove someone to remove competition.
>>>>> - Jim
>>>>>
>>>>> On 3/22/14, 8:52 AM, GK Southwick wrote:
>>>>>
>>>>> Completely fair and I believe that that was what Tom was suggesting,
>>>>> only that it shouldn't go straight to the BoD, unless there is no other
>>>>> recourse. We now have a Community Manager to handle mitigation, without
>>>>> having to involve the board in every little dispute.
>>>>>
>>>>>  Don't get me wrong, I know that completely ostracizing someone from
>>>>> the community is not a  "little" dispute, by any means. But I also believe
>>>>> that there's a time and place for escalation and we can start every appeal
>>>>> at a lower level than the BoD.
>>>>>
>>>>>  -= GK
>>>>>
>>>>>  Community Manager
>>>>>  OWASP Foundation
>>>>>
>>>>>  gksouthwick at owasp.org <gk at owasp.org>
>>>>> +01.415.742.2342
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Mar 21, 2014 at 5:39 PM, Jim Manico <jim.manico at owasp.org>wrote:
>>>>>
>>>>>>  Since this is about someone getting pushed out of the community in
>>>>>> a big way, something against our DNA, I want to make sure they have the
>>>>>> ability to appeal to the board after the community review process is
>>>>>> complete. Fair?
>>>>>>
>>>>>> --
>>>>>> Jim Manico
>>>>>> @Manicode
>>>>>> (808) 652-3805
>>>>>>
>>>>>> On Mar 22, 2014, at 5:58 AM, GK Southwick <
>>>>>> genevieve.southwick at owasp.org> wrote:
>>>>>>
>>>>>>   Absolutely. We don't need to escalate it to BoD review, unless we
>>>>>> can't agree to disagree at the community level first.
>>>>>>
>>>>>>  Best,
>>>>>>
>>>>>>  -= GK
>>>>>>
>>>>>>  Community Manager
>>>>>>  OWASP Foundation
>>>>>>
>>>>>>  gksouthwick at owasp.org <gk at owasp.org>
>>>>>> +01.415.742.2342
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Mar 21, 2014 at 2:53 PM, Tom Brennan <tomb at owasp.org> wrote:
>>>>>>
>>>>>>> " notifying the OWASP Board of Directors in writing within 14 days of
>>>>>>> the original notification"
>>>>>>>
>>>>>>>  notifying the OWASP Community Manager in writing within 14 days of
>>>>>>> the
>>>>>>> original notification
>>>>>>>
>>>>>>> What that does is allow the staff to look at the issue.  If
>>>>>>> satisfaction resolution to either party is not made then it can be go
>>>>>>> on the agenda for a board meeting discussion.
>>>>>>>
>>>>>>>
>>>>>>> Semper Fi,
>>>>>>>
>>>>>>> Tom Brennan | OWASP Foundation
>>>>>>> Vice Chairman
>>>>>>> Main: +1 973 202 0122 <%2B1%20973%20202%200122>
>>>>>>> Skype: proactiverisk
>>>>>>> Web: http://www.owasp.org
>>>>>>>
>>>>>>> NYC CyberSocial 26 March
>>>>>>> http://www.meetup.com/OWASP-NYC/events/169653782/
>>>>>>>
>>>>>>> NJ CyberSocial 27 March
>>>>>>> http://www.meetup.com/OWASP-New-Jersey/events/169975572/
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Mar 21, 2014 at 3:56 PM, Josh Sokol <josh.sokol at owasp.org>
>>>>>>> wrote:
>>>>>>> > Does anyone else have any comments on this?  Tobias asked if "in
>>>>>>> writing"
>>>>>>> > includes e-mail, but otherwise that's the only comment I received.
>>>>>>>  Can I
>>>>>>> > have a second please so that we can proceed with a vote?
>>>>>>> >
>>>>>>> >
>>>>>>> > Proposal: Add a new section to the OWASP Bylaws.
>>>>>>> >
>>>>>>> > SECTION 4.07  Participation. Participation in OWASP activities
>>>>>>> (conferences,
>>>>>>> > meetings, mailings lists, projects, etc) does not require
>>>>>>> membership, but is
>>>>>>> > subject to adherence to the OWASP Code of Ethics, and OWASP
>>>>>>> leaders may
>>>>>>> > revoke the privilege of participation to those who choose not to
>>>>>>> abide by
>>>>>>> > that code.  Notification of such a revocation must be made to the
>>>>>>> individual
>>>>>>> > in writing, with the OWASP Board of Directors CC'd for inclusion
>>>>>>> in the
>>>>>>> > Foundation records.  If an individual believes that this
>>>>>>> revocation is
>>>>>>> > unjustified, then they have the option to appeal the decision by
>>>>>>> notifying
>>>>>>> > the OWASP Board of Directors in writing within 14 days of the
>>>>>>> original
>>>>>>> > notification.
>>>>>>> >
>>>>>>> > ~josh
>>>>>>> >
>>>>>>> >
>>>>>>> > On Tue, Mar 4, 2014 at 3:14 AM, Tobias <tobias.gondrom at owasp.org>
>>>>>>> wrote:
>>>>>>> >>
>>>>>>> >> Hi Josh,
>>>>>>> >> sounds good.
>>>>>>> >> One question to the lawyers among us: does "in writing" include
>>>>>>> per email?
>>>>>>> >> Thanks, Tobias
>>>>>>> >>
>>>>>>> >>
>>>>>>> >>
>>>>>>> >> On 03/03/14 16:12, Josh Sokol wrote:
>>>>>>> >>
>>>>>>> >> As requested, I have re-worded the proposed addition to the
>>>>>>> Bylaws to
>>>>>>> >> include information about notification and an appeals process.
>>>>>>>  Also, since
>>>>>>> >> the most logical place to put this is in the membership section
>>>>>>> of the
>>>>>>> >> bylaws, I modified to say that participation does not require
>>>>>>> membership.
>>>>>>> >> Please discuss.
>>>>>>> >>
>>>>>>> >> Proposal: Add a new section to the OWASP Bylaws.
>>>>>>> >>
>>>>>>> >> SECTION 4.07  Participation. Participation in OWASP activities
>>>>>>> >> (conferences, meetings, mailings lists, projects, etc) does not
>>>>>>> require
>>>>>>> >> membership, but is subject to adherence to the OWASP Code of
>>>>>>> Ethics, and
>>>>>>> >> OWASP leaders may revoke the privilege of participation to those
>>>>>>> who choose
>>>>>>> >> not to abide by that code.  Notification of such a revocation
>>>>>>> must be made
>>>>>>> >> to the individual in writing, with the OWASP Board of Directors
>>>>>>> CC'd for
>>>>>>> >> inclusion in the Foundation records.  If an individual believes
>>>>>>> that this
>>>>>>> >> revocation is unjustified, then they have the option to appeal
>>>>>>> the decision
>>>>>>> >> by notifying the OWASP Board of Directors in writing within 14
>>>>>>> days of the
>>>>>>> >> original notification.
>>>>>>> >>
>>>>>>> >> Thanks!
>>>>>>> >>
>>>>>>> >> ~josh
>>>>>>> >>
>>>>>>> >>
>>>>>>> >> _______________________________________________
>>>>>>> >> Owasp-board mailing list
>>>>>>> >> Owasp-board at lists.owasp.org
>>>>>>> >> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>> >>
>>>>>>> >>
>>>>>>> >
>>>>>>> >
>>>>>>> > _______________________________________________
>>>>>>> > Owasp-board mailing list
>>>>>>> > Owasp-board at lists.owasp.org
>>>>>>> > https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>> >
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>
>>>>>>    _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>
>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140326/86826355/attachment-0001.html>


More information about the Owasp-board mailing list