[Owasp-board] Update to Bylaws

Tobias tobias.gondrom at owasp.org
Thu Mar 27 10:28:52 UTC 2014


+1
Tobias


On 27/03/14 08:34, Jim Manico wrote:
> +2
>
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Mar 27, 2014, at 1:29 AM, Sarah Baso <sarah.baso at owasp.org
> <mailto:sarah.baso at owasp.org>> wrote:
>
>> +1
>>
>> On Mar 26, 2014, at 12:53 PM, GK Southwick
>> <genevieve.southwick at owasp.org
>> <mailto:genevieve.southwick at owasp.org>> wrote:
>>
>>> After following this further down the rabbit hole, I'm in agreement
>>> with Josh. The bylaws shouldn't state anything about the Community
>>> Manager's involvement, but the Chapter Leader's Handbook should
>>> certainly have a section on Conflict Resolution that involves the
>>> Community Manager. As I mentioned in my introductory email yesterday
>>> afternoon: 
>>>
>>>   * Chapter/member disputes. One of my many hats here at OWASP is
>>>     mediation. If an issue arises in your Chapter, that you feel
>>>     needs to be brought to the attention of the Foundation, please
>>>     bring it to me first. I should, by default, be informed of any
>>>     issues that require the attention of anyone outside of your
>>>     immediate chapter, so that I may assist with intervention and
>>>     determine if it needs to be escalated further up the chain of
>>>     command. If I am unable to mediate to the satisfaction of all
>>>     parties involved, I will gladly assist in bringing the matter to
>>>     the Board of Directors and step out of the process, so that they
>>>     can make the case determination.
>>>
>>>
>>> This does not mean that the Community Manager should be mentioned in
>>> the bylaws. As Josh mentioned, if it's gotten so far that the Board
>>> needs to be involved, the matter should already have been brought to
>>> my attention by the Chapter Leader prior to that. Now that I
>>> understand the distinction that Josh is making there, I'm in
>>> complete agreement.
>>>
>>> I will handle mediation of Chapter issues, prior to them being
>>> brought to the attention of the BoD - in fact, I'll bring them to
>>> the BoD myself, if an amicable resolution can't be reached, but my
>>> involvement should be addressed in the Chapter Handbook Rules &
>>> Regs. Not the Foundation Bylaws.
>>>
>>> -= GK
>>>
>>> Community Manager
>>> OWASP Foundation
>>>
>>> gksouthwick at owasp.org <mailto:gk at owasp.org>
>>> +01.415.742.2342
>>>
>>>
>>>
>>> On Wed, Mar 26, 2014 at 1:42 PM, Josh Sokol <josh.sokol at owasp.org
>>> <mailto:josh.sokol at owasp.org>> wrote:
>>>
>>>     Fabio,
>>>
>>>     I'm not sure we have the same vision as to what the OWASP
>>>     Community Manager role is.  If they are engaged with the
>>>     community, as they should be, then they should already be aware
>>>     of any issues.  If an issue escalates to the point where a
>>>     leader is revoking someone from participating, then we have
>>>     clearly moved beyond the issue resolution phase and into the
>>>     action justification phase.  The Chapter Leader Handbook would
>>>     be an ideal place to talk about your process for issue
>>>     resolution, including escalation to the Community Manager, but I
>>>     disagree that the Community Manager should be fielding appeals
>>>     for revocation as they would have already been biased by the
>>>     issue resolution that took place beforehand.  It's like saying
>>>     "I couldn't help fix the problem so I'm just going to decide to
>>>     kick you out and I don't really feel like I was wrong therefore
>>>     I won't raise the issue with the Board."  Does that make sense? 
>>>
>>>     This Bylaw change was only meant to grant leaders the ability to
>>>     revoke and provide a path for appeal.  I don't think that we
>>>     need to put a whole dispute resolution process into the Bylaw item.
>>>
>>>     ~josh
>>>
>>>
>>>     On Wed, Mar 26, 2014 at 11:54 AM, Fabio Cerullo
>>>     <fcerullo at owasp.org <mailto:fcerullo at owasp.org>> wrote:
>>>
>>>         Josh,
>>>
>>>         I don't want to be a pain and really appreciate your efforts
>>>         in drafting this doc.
>>>
>>>         My only intent is to clarify the Global Board role and
>>>         establish a clear escalation path through the Community Manager.
>>>
>>>         Here goes an updated wording.. please feel free to modify it
>>>         at will:
>>>
>>>         SECTION 4.07  Participation. Participation in OWASP
>>>         activities (conferences, meetings, mailings lists, projects,
>>>         etc) does not require membership, but is subject to
>>>         adherence to the OWASP Code of Ethics, and OWASP leaders may
>>>         revoke the privilege of participation to those who choose
>>>         not to abide by that code.  Notification of such a
>>>         revocation must be made to the individual in writing, with
>>>         the *OWASP Community Manager *CC'd for inclusion in the
>>>         Foundation records.  If an individual believes that this
>>>         revocation is unjustified, then they have the option to
>>>         appeal the decision by notifying the OWASP *Community
>>>         Manager *in writing within 14 days of the original
>>>         notification. *If there is enough evidence that this
>>>         revocation was unjustified, then the Community Manager could
>>>         raise the issue with the OWASP Global Board of Directors for
>>>         review at the next Global Board meeting.*
>>>         *
>>>         *
>>>         By doing so, the Global Board avoids getting involved in
>>>         matters that could be resolved by the Community Manager.
>>>
>>>         Any questions, just let me know.
>>>
>>>         Regards
>>>         Fabio
>>>
>>>
>>>         On Tue, Mar 25, 2014 at 2:25 PM, Josh Sokol
>>>         <josh.sokol at owasp.org <mailto:josh.sokol at owasp.org>> wrote:
>>>
>>>             Fabio,
>>>
>>>             Yes, the community manager needs to be engaged at the
>>>             community level to work with our leaders to make sure it
>>>             doesn't get to this point.  They should not, however, be
>>>             responsible for appeals if someone feels they have been
>>>             wrongly excluded.  This puts our representative for
>>>             community engagement in a position of potential conflict
>>>             with members of our community.  That said, I volunteered
>>>             to put together wording of the Bylaws based on what was
>>>             discussed at the Board meeting which I supported.  If
>>>             you or Tom would like to propose a different wording in
>>>             a votable format, then I would be happy to consider that
>>>             as an alternative.  I do feel that we need to finish
>>>             this off sooner rather than later though as I have had
>>>             at least one Chapter leader ask me if it had been
>>>             finalized yet as this is a priority for them.
>>>
>>>             ~josh
>>>
>>>             On Mar 24, 2014 9:00 AM, "Fabio Cerullo"
>>>             <fcerullo at owasp.org <mailto:fcerullo at owasp.org>> wrote:
>>>
>>>                 Josh,
>>>
>>>                 I like the escalation process suggested by Tom. 
>>>
>>>                 If an issue arises in the community, it has to be
>>>                 handled by the Community Manager first, and then as
>>>                 a last resource by the Board.
>>>
>>>                 One of the CM main responsibilities is: to serve as
>>>                 the single point of contact for OWASP Chapter
>>>                 related questions, issues, and volunteerism.
>>>
>>>                 Maybe we could amend the wording in the bylaws to
>>>                 include this escalation process?
>>>
>>>                 Thanks
>>>                 Fabio
>>>
>>>
>>>                 On Mon, Mar 24, 2014 at 1:50 PM, Jim Manico
>>>                 <jim.manico at owasp.org <mailto:jim.manico at owasp.org>>
>>>                 wrote:
>>>
>>>                     Ok I second your motion and your notion, Josh. 
>>>                     Sorry, been listening to Smokey Robinson. It
>>>                     could have been worse, I could have said
>>>                     something like "If you feel like loving me, if
>>>                     you have the notion, I'll second that emotion"
>>>                     but decided against it.
>>>
>>>                     Aloha from Mumbai.
>>>                     Jim
>>>
>>>
>>>
>>>
>>>                     On 3/24/14, 7:15 PM, Josh Sokol wrote:
>>>>                     Bueller?  Bueller?
>>>>
>>>>                     Can I please get a second and a vote?  This was
>>>>                     sent out 3 weeks ago.
>>>>
>>>>                     ~josh
>>>>
>>>>
>>>>                     On Fri, Mar 21, 2014 at 10:27 PM, Jim Manico
>>>>                     <jim.manico at owasp.org
>>>>                     <mailto:jim.manico at owasp.org>> wrote:
>>>>
>>>>                         Sounds good Josh. Sorry for any confusion.
>>>>
>>>>                         Cheers,
>>>>                         Jim
>>>>
>>>>
>>>>                         On 3/22/14, 12:24 PM, Josh Sokol wrote:
>>>>>
>>>>>                         To be clear, what you're talking about is
>>>>>                         a process and I support that.  What I've
>>>>>                         proposed (per what you all asked me to put
>>>>>                         together at the Board meeting) is a policy
>>>>>                         via thr Bylaws that specifies the path of
>>>>>                         revocation should that process fail to
>>>>>                         allow cooler heads to prevail.  They are
>>>>>                         not mutually exclusive and are both
>>>>>                         important along the path toward resolution
>>>>>                         one way or another.
>>>>>
>>>>>                         On Mar 21, 2014 7:56 PM, "Jim Manico"
>>>>>                         <jim.manico at owasp.org
>>>>>                         <mailto:jim.manico at owasp.org>> wrote:
>>>>>
>>>>>                             +1
>>>>>
>>>>>                             I like this process.
>>>>>
>>>>>                             1) When conflict arises, first the
>>>>>                             chapter leads bring in the community
>>>>>                             manager to see if the dispute can be
>>>>>                             resolved.
>>>>>                             2) If necessary, chapters can start a
>>>>>                             process to remove someone from the
>>>>>                             chapter. Community manager over-sees
>>>>>                             this to make sure it's done with
>>>>>                             integrity.
>>>>>                             3) If the individual thinks the
>>>>>                             process is being done unfairly or they
>>>>>                             were removed unfairly, they can
>>>>>                             petition the board to get involved.
>>>>>
>>>>>                             This seems reasonable to be. I want to
>>>>>                             make sure that competitive interests
>>>>>                             or corporate interests are not taking
>>>>>                             over a chapter and decide to remove
>>>>>                             someone to remove competition.
>>>>>                             - Jim
>>>>>
>>>>>                             On 3/22/14, 8:52 AM, GK Southwick wrote:
>>>>>>                             Completely fair and I believe that
>>>>>>                             that was what Tom was suggesting,
>>>>>>                             only that it shouldn't go straight to
>>>>>>                             the BoD, unless there is no other
>>>>>>                             recourse. We now have a Community
>>>>>>                             Manager to handle mitigation, without
>>>>>>                             having to involve the board in every
>>>>>>                             little dispute. 
>>>>>>
>>>>>>                             Don't get me wrong, I know that
>>>>>>                             completely ostracizing someone from
>>>>>>                             the community is not a  "little"
>>>>>>                             dispute, by any means. But I also
>>>>>>                             believe that there's a time and place
>>>>>>                             for escalation and we can start every
>>>>>>                             appeal at a lower level than the BoD.
>>>>>>
>>>>>>                             -= GK
>>>>>>
>>>>>>                             Community Manager
>>>>>>                             OWASP Foundation
>>>>>>
>>>>>>                             gksouthwick at owasp.org
>>>>>>                             <mailto:gk at owasp.org>
>>>>>>                             +01.415.742.2342
>>>>>>
>>>>>>
>>>>>>
>>>>>>                             On Fri, Mar 21, 2014 at 5:39 PM, Jim
>>>>>>                             Manico <jim.manico at owasp.org
>>>>>>                             <mailto:jim.manico at owasp.org>> wrote:
>>>>>>
>>>>>>                                 Since this is about someone
>>>>>>                                 getting pushed out of the
>>>>>>                                 community in a big way, something
>>>>>>                                 against our DNA, I want to make
>>>>>>                                 sure they have the ability to
>>>>>>                                 appeal to the board after the
>>>>>>                                 community review process is
>>>>>>                                 complete. Fair?
>>>>>>
>>>>>>                                 --
>>>>>>                                 Jim Manico
>>>>>>                                 @Manicode
>>>>>>                                 (808) 652-3805
>>>>>>                                 <tel:%28808%29%20652-3805>
>>>>>>
>>>>>>                                 On Mar 22, 2014, at 5:58 AM, GK
>>>>>>                                 Southwick
>>>>>>                                 <genevieve.southwick at owasp.org
>>>>>>                                 <mailto:genevieve.southwick at owasp.org>>
>>>>>>                                 wrote:
>>>>>>
>>>>>>>                                 Absolutely. We don't need to
>>>>>>>                                 escalate it to BoD review,
>>>>>>>                                 unless we can't agree to
>>>>>>>                                 disagree at the community level
>>>>>>>                                 first.
>>>>>>>
>>>>>>>                                 Best,
>>>>>>>
>>>>>>>                                 -= GK
>>>>>>>
>>>>>>>                                 Community Manager
>>>>>>>                                 OWASP Foundation
>>>>>>>
>>>>>>>                                 gksouthwick at owasp.org
>>>>>>>                                 <mailto:gk at owasp.org>
>>>>>>>                                 +01.415.742.2342
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>                                 On Fri, Mar 21, 2014 at 2:53 PM,
>>>>>>>                                 Tom Brennan <tomb at owasp.org
>>>>>>>                                 <mailto:tomb at owasp.org>> wrote:
>>>>>>>
>>>>>>>                                     " notifying the OWASP Board
>>>>>>>                                     of Directors in writing
>>>>>>>                                     within 14 days of
>>>>>>>                                     the original notification"
>>>>>>>
>>>>>>>                                     notifying the OWASP
>>>>>>>                                     Community Manager in writing
>>>>>>>                                     within 14 days of the
>>>>>>>                                     original notification
>>>>>>>
>>>>>>>                                     What that does is allow the
>>>>>>>                                     staff to look at the issue.  If
>>>>>>>                                     satisfaction resolution to
>>>>>>>                                     either party is not made
>>>>>>>                                     then it can be go
>>>>>>>                                     on the agenda for a board
>>>>>>>                                     meeting discussion.
>>>>>>>
>>>>>>>
>>>>>>>                                     Semper Fi,
>>>>>>>
>>>>>>>                                     Tom Brennan | OWASP Foundation
>>>>>>>                                     Vice Chairman
>>>>>>>                                     Main: +1 973 202 0122
>>>>>>>                                     <tel:%2B1%20973%20202%200122>
>>>>>>>                                     Skype: proactiverisk
>>>>>>>                                     Web: http://www.owasp.org
>>>>>>>
>>>>>>>                                     NYC CyberSocial 26 March
>>>>>>>                                     http://www.meetup.com/OWASP-NYC/events/169653782/
>>>>>>>
>>>>>>>                                     NJ CyberSocial 27 March
>>>>>>>                                     http://www.meetup.com/OWASP-New-Jersey/events/169975572/
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>                                     On Fri, Mar 21, 2014 at 3:56
>>>>>>>                                     PM, Josh Sokol
>>>>>>>                                     <josh.sokol at owasp.org
>>>>>>>                                     <mailto:josh.sokol at owasp.org>>
>>>>>>>                                     wrote:
>>>>>>>                                     > Does anyone else have any
>>>>>>>                                     comments on this?  Tobias
>>>>>>>                                     asked if "in writing"
>>>>>>>                                     > includes e-mail, but
>>>>>>>                                     otherwise that's the only
>>>>>>>                                     comment I received.  Can I
>>>>>>>                                     > have a second please so
>>>>>>>                                     that we can proceed with a vote?
>>>>>>>                                     >
>>>>>>>                                     >
>>>>>>>                                     > Proposal: Add a new
>>>>>>>                                     section to the OWASP Bylaws.
>>>>>>>                                     >
>>>>>>>                                     > SECTION 4.07
>>>>>>>                                      Participation.
>>>>>>>                                     Participation in OWASP
>>>>>>>                                     activities (conferences,
>>>>>>>                                     > meetings, mailings lists,
>>>>>>>                                     projects, etc) does not
>>>>>>>                                     require membership, but is
>>>>>>>                                     > subject to adherence to
>>>>>>>                                     the OWASP Code of Ethics,
>>>>>>>                                     and OWASP leaders may
>>>>>>>                                     > revoke the privilege of
>>>>>>>                                     participation to those who
>>>>>>>                                     choose not to abide by
>>>>>>>                                     > that code.  Notification
>>>>>>>                                     of such a revocation must be
>>>>>>>                                     made to the individual
>>>>>>>                                     > in writing, with the OWASP
>>>>>>>                                     Board of Directors CC'd for
>>>>>>>                                     inclusion in the
>>>>>>>                                     > Foundation records.  If an
>>>>>>>                                     individual believes that
>>>>>>>                                     this revocation is
>>>>>>>                                     > unjustified, then they
>>>>>>>                                     have the option to appeal
>>>>>>>                                     the decision by notifying
>>>>>>>                                     > the OWASP Board of
>>>>>>>                                     Directors in writing within
>>>>>>>                                     14 days of the original
>>>>>>>                                     > notification.
>>>>>>>                                     >
>>>>>>>                                     > ~josh
>>>>>>>                                     >
>>>>>>>                                     >
>>>>>>>                                     > On Tue, Mar 4, 2014 at
>>>>>>>                                     3:14 AM, Tobias
>>>>>>>                                     <tobias.gondrom at owasp.org
>>>>>>>                                     <mailto:tobias.gondrom at owasp.org>>
>>>>>>>                                     wrote:
>>>>>>>                                     >>
>>>>>>>                                     >> Hi Josh,
>>>>>>>                                     >> sounds good.
>>>>>>>                                     >> One question to the
>>>>>>>                                     lawyers among us: does "in
>>>>>>>                                     writing" include per email?
>>>>>>>                                     >> Thanks, Tobias
>>>>>>>                                     >>
>>>>>>>                                     >>
>>>>>>>                                     >>
>>>>>>>                                     >> On 03/03/14 16:12, Josh
>>>>>>>                                     Sokol wrote:
>>>>>>>                                     >>
>>>>>>>                                     >> As requested, I have
>>>>>>>                                     re-worded the proposed
>>>>>>>                                     addition to the Bylaws to
>>>>>>>                                     >> include information about
>>>>>>>                                     notification and an appeals
>>>>>>>                                     process.  Also, since
>>>>>>>                                     >> the most logical place to
>>>>>>>                                     put this is in the
>>>>>>>                                     membership section of the
>>>>>>>                                     >> bylaws, I modified to say
>>>>>>>                                     that participation does not
>>>>>>>                                     require membership.
>>>>>>>                                     >> Please discuss.
>>>>>>>                                     >>
>>>>>>>                                     >> Proposal: Add a new
>>>>>>>                                     section to the OWASP Bylaws.
>>>>>>>                                     >>
>>>>>>>                                     >> SECTION 4.07
>>>>>>>                                      Participation.
>>>>>>>                                     Participation in OWASP
>>>>>>>                                     activities
>>>>>>>                                     >> (conferences, meetings,
>>>>>>>                                     mailings lists, projects,
>>>>>>>                                     etc) does not require
>>>>>>>                                     >> membership, but is
>>>>>>>                                     subject to adherence to the
>>>>>>>                                     OWASP Code of Ethics, and
>>>>>>>                                     >> OWASP leaders may revoke
>>>>>>>                                     the privilege of
>>>>>>>                                     participation to those who
>>>>>>>                                     choose
>>>>>>>                                     >> not to abide by that
>>>>>>>                                     code.  Notification of such
>>>>>>>                                     a revocation must be made
>>>>>>>                                     >> to the individual in
>>>>>>>                                     writing, with the OWASP
>>>>>>>                                     Board of Directors CC'd for
>>>>>>>                                     >> inclusion in the
>>>>>>>                                     Foundation records.  If an
>>>>>>>                                     individual believes that this
>>>>>>>                                     >> revocation is
>>>>>>>                                     unjustified, then they have
>>>>>>>                                     the option to appeal the
>>>>>>>                                     decision
>>>>>>>                                     >> by notifying the OWASP
>>>>>>>                                     Board of Directors in
>>>>>>>                                     writing within 14 days of the
>>>>>>>                                     >> original notification.
>>>>>>>                                     >>
>>>>>>>                                     >> Thanks!
>>>>>>>                                     >>
>>>>>>>                                     >> ~josh
>>>>>>>                                     >>
>>>>>>>                                     >>
>>>>>>>                                     >>
>>>>>>>                                     _______________________________________________
>>>>>>>                                     >> Owasp-board mailing list
>>>>>>>                                     >>
>>>>>>>                                     Owasp-board at lists.owasp.org
>>>>>>>                                     <mailto:Owasp-board at lists.owasp.org>
>>>>>>>                                     >>
>>>>>>>                                     https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>                                     >>
>>>>>>>                                     >>
>>>>>>>                                     >
>>>>>>>                                     >
>>>>>>>                                     >
>>>>>>>                                     _______________________________________________
>>>>>>>                                     > Owasp-board mailing list
>>>>>>>                                     >
>>>>>>>                                     Owasp-board at lists.owasp.org
>>>>>>>                                     <mailto:Owasp-board at lists.owasp.org>
>>>>>>>                                     >
>>>>>>>                                     https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>                                     >
>>>>>>>                                     _______________________________________________
>>>>>>>                                     Owasp-board mailing list
>>>>>>>                                     Owasp-board at lists.owasp.org
>>>>>>>                                     <mailto:Owasp-board at lists.owasp.org>
>>>>>>>                                     https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>>
>>>>>>>                                 _______________________________________________
>>>>>>>                                 Owasp-board mailing list
>>>>>>>                                 Owasp-board at lists.owasp.org
>>>>>>>                                 <mailto:Owasp-board at lists.owasp.org>
>>>>>>>                                 https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>                             _______________________________________________
>>>>>                             Owasp-board mailing list
>>>>>                             Owasp-board at lists.owasp.org
>>>>>                             <mailto:Owasp-board at lists.owasp.org>
>>>>>                             https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>
>>>>
>>>
>>>
>>>                     _______________________________________________
>>>                     Owasp-board mailing list
>>>                     Owasp-board at lists.owasp.org
>>>                     <mailto:Owasp-board at lists.owasp.org>
>>>                     https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>>
>>>
>>>
>>>     _______________________________________________
>>>     Owasp-board mailing list
>>>     Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>>     https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140327/defe77a5/attachment-0001.html>


More information about the Owasp-board mailing list