[Owasp-board] Proposed change to Section 3.03 of the bylaws

[Tobias]

Hi Bill, hi all,

thanks a lot for drafting this. We definitely need to update the bylaws 
to reflect the new monthly meeting schedule.

But while I can see that it may seem tempting to enforce hard rules of 
attendance for board members, I don't feel that we really need it.

IMHO, lack of attendance has not been a major issue the last 2 years and 
I hope it will not be an issue in the future. So to some degree it feels 
like over-engineering.
Just for last year, here is our records of attendance, which I would say 
is a pretty well functioning board:
https://docs.google.com/spreadsheets/d/1wpaOCBP-qrnde0sLiglDMJOUCtse6oB-zf3ONCkWgZk/edit#gid=6

Outright removal would indeed be irresponsible, because a board member 
might have had very good reasons (incl. illness or working on activities 
for our own OWASP organisation) for not attending.

I can sense that you might want to cause a vote of confidence.
But I am not sure we really need to define such a process step, but 
depending on my fellow board members, I would ok with that.

As for attendance ratios: personally, I feel that expulsion of an 
elected board member from the board through a non-confidence vote is 
still a pretty heavy step, therefore 8/12 = 66% (instead of 75%) should 
be sufficient as minimum requirement before such a vote can be cast.

Overall, I hope we can continue to positively motivate people to attend 
the board meeting, instead of threatening with a stick.

Your thoughts?

Best regards, Tobias



On 27/04/15 13:30, Bil Corry wrote:
>
> Below is the updated proposed text.  I suggest reading through it 
> first, then come back here for my discussion about the choices I made.
>
> It's get a little tricky with the 75% since it's based on the calendar 
> year, so for example, assuming 12 monthly meetings for the year, you 
> could miss Jan, Feb, and March, but attend all of the rest and still 
> meet the attendance requirement (attended 9/12 = 75%).  However, if 
> you miss Jan, Feb, Mar, and Apr, then obviously there is no way to 
> attend 75% for the entire year, the best you could hope for is (8/12 = 
> 66%) which means the vote of confidence is triggered at the point the 
> fourth meeting is missed.
>
> The reason for having a vote of confidence instead of outright removal 
> is to allow some sanity to the policy – this allows the board to take 
> into account the factors that led to the missed meetings (rescheduled 
> meetings, personal situations, etc).
>
> The reason cancelled meetings are still counted is so that we don't 
> end up in a situation where someone misses 4 meetings (8/12 = 66% 
> attendance), they're voted off the board, then later two meetings are 
> cancelled, and now their attendance is 8/10 = 80%.  Instead, those two 
> cancelled meetings are counted as attended by all board members, which 
> keeps the attendance for the voted off board member at 8/12 = 66%. 
>  Hope that makes sense.
>
> - Bil
>
> *PROPOSED*
>
> *SECTION 3.03 Regular Meetings.* The Board of Directors shall have 
> regular meetings as needed.  A link to the board meeting agenda’s and 
> the historical minutes is here: 
> https://www.owasp.org/index.php/OWASP_Board_Meetings.  Meetings shall 
> be at such dates, times, and places as the Board shall determine in 
> December of the preceding year and as amended by the Board. In no 
> event will there be less than one meeting per quarter. These meetings 
> will be open to public attendance, however, certain portions of the 
> meeting may be closed to board members  and their delegates when 
> required for legal reasons, or to shield liability, or to handle 
> personnel issues, or similar.  Attendance in person or virtually by 
> board members is required at no less than 75% of the total meetings 
> each year and shall be highly encouraged to meet in person at least 
> once annually at a date to be announced and agreed upon. Attendance is 
> tabulated after every scheduled meeting for the purpose of determining 
> if the 75% attendance requirement has been met, and the tabulation is 
> based upon the entire calendar year.  Cancelled meetings are 
> considered attended for the purposes of the tabulation.  Failure by a 
> board member to meet the 75% attendance requirement after any 
> tabulation will cause a mandatory vote of confidence by the remaining 
> board members, whose votes will be publicly recorded.  An overall vote 
> of "no confidence" is recorded if half or more of the board members 
> vote for it, which causes the board member in question to be instantly 
> removed from their seat on the board.  Vacancies on the board are 
> handled as per Section 3.10.
>
> 2 OWASP Board of Directors will hold quarterly board meetings lasting 
> 4­6 hours each. The schedule of meetings will be set by the board in 
> December before the year. It is likely the the board meetings will 
> take place on Saturdays or on a dedicated day before a large OWASP 
> conference. This change is a result of the success of the longer 
> format board meeting and also a result of the Executive Director role 
> that has enabled full time involvement and focus on OWASP operations. 
> Board members must attend (in person or virtually) 3 of the 4 meetings 
> to fulfill the attendance requirements. This will take effect in 
> January, 2014. Changes passed August 19, 2013.
>
> 3 “and shall be highly encouraged to meet in person at least once 
> annually at a date to be announced and agreed upon” amendment to 
> document passed June 10, 2013.
>
> *From:*Josh Sokol [mailto:josh.sokol at owasp.org]
> *Sent:* Monday, April 20, 2015 11:18 PM
> *To:* Bil Corry
> *Cc:* Tobias; OWASP Foundation Board List
> *Subject:* Re: [Owasp-board] Proposed change to Section 3.03 of the bylaws
>
> I like the changes here for the most part, but a couple of thoughts:
>
> 1) I think we need to find a way to remove the language about meetings 
> lasting 4-6 hours.  This was fine when the meetings were quarterly, 
> but when we switched to monthly the only lasted about an hour.  So, if 
> we can eliminate the meeting duration from the text, I think that 
> would be ideal.
>
> 2) Something that I've always wondered is what happens when a Board 
> member does not attend 75% of the meetings?  It says that it's 
> mandatory to attend, but what are the ramifications?  Forfeiture of 
> their Board position and appointment of a new Director for the 
> duration of their seat?  It may not have ever been a problem, but I 
> witnessed it happen in our local ISSA chapter and it was incredibly 
> frustrating to have a President in absencia and our VP basically had 
> to step up and take on his responsibilities and we were short a Board 
> member the whole time.  If we are making changes, I'd like to see 
> something here to correct that as well.
>
> ~josh
>
> On Mon, Apr 20, 2015 at 3:16 AM, Bil Corry <bil.corry at owasp.org 
> <mailto:bil.corry at owasp.org>> wrote:
>
> Below is new proposed text.  I made the following changes (you can 
> read the original here 
> <https://www.owasp.org/images/9/92/April2014OWASPFoundationByLaws.pdf>):
>
> 1.Removed the footnotes.  They were capturing the changes, but there's 
> a section at the end of the bylaws that already does that.  Footnote 1 
> on page 4 should also be removed (and added to the section at the end 
> of the bylaws).
>
> 2.Removed all references to quarterly meetings and the number of total 
> meetings.  Instead, it now stipulates the minimum number of meetings 
> required, but the board can determine how many meetings total are 
> needed for the upcoming year and can now modify it as needed.
>
> 3.Changed the board member attendance requirement to a percentage 
> instead of a fixed number.
>
> 4.Clarified that while the meetings are open to the public, certain 
> portions of the meeting may be closed to just the board members and 
> their delegates.
>
> - Bil
>
> *PROPOSED*
>
> *SECTION 3.03 Regular Meetings.* The Board of Directors shall have 
> regular meetings lasting 4 to ­6 hours as needed.  A link to the board 
> meeting agenda’s and the historical minutes is here: 
> https://www.owasp.org/index.php/OWASP_Board_Meetings.  Meetings shall 
> be at such dates, times, and places as the Board shall determine in 
> December of the preceding year and as amended by the Board. In no 
> event will there be less than one meeting per quarter.  These meetings 
> will be open to public attendance, however, certain portions of the 
> meeting may be closed to board members  and their delegates when 
> required for legal reasons, or to shield liability, or to handle 
> personnel issues, or similar.  Attendance in person or virtually by 
> board members is required at no less than 75% of the total meetings 
> each year and shall be highly encouraged to meet in person at least 
> once annually at a date to be announced and agreed upon.
>
> 2 OWASP Board of Directors will hold quarterly board meetings lasting 
> 4­6 hours each. The schedule of meetings will be set by the board in 
> December before the year. It is likely the the board meetings will 
> take place on Saturdays or on a dedicated day before a large OWASP 
> conference. This change is a result of the success of the longer 
> format board meeting and also a result of the Executive Director role 
> that has enabled full time involvement and focus on OWASP operations. 
> Board members must attend (in person or virtually) 3 of the 4 meetings 
> to fulfill the attendance requirements. This will take effect in 
> January, 2014. Changes passed August 19, 2013.
>
> 3 “and shall be highly encouraged to meet in person at least once 
> annually at a date to be announced and agreed upon” amendment to 
> document passed June 10, 2013.
>
> *From:*owasp-board-bounces at lists.owasp.org 
> <mailto:owasp-board-bounces at lists.owasp.org> 
> [mailto:owasp-board-bounces at lists.owasp.org 
> <mailto:owasp-board-bounces at lists.owasp.org>] *On Behalf Of *Josh Sokol
> *Sent:* Saturday, April 04, 2015 7:55 AM
> *To:* Tobias
> *Cc:* OWASP Foundation Board List
> *Subject:* Re: [Owasp-board] Proposed change to Section 3.03 of the bylaws
>
> Can we adjust wih Bil's suggestion and re-propose?
>
> ~josh
>
> On Apr 4, 2015 12:48 AM, "Tobias" <tobias.gondrom at owasp.org 
> <mailto:tobias.gondrom at owasp.org>> wrote:
>
> I second the proposed change.
>
> Any discussion?
>
> Best regards, Tobias
>
>
>
> On 26/03/15 03:25, Jim Manico wrote:
>
>     *I propose we change section 3.03 of the bylaws to reflect our
>     return to monthly meetings:*
>
>     SECTION 3.03 Regular Meetings. The Board of Directors shall have
>     regular meetings quarterly lasting 4­6 hours as needed.2 A link to
>     the board meeting agenda’s and the historical minutes is here:
>     https://www.owasp.org/index.php/OWASP_Board_Meetings Meetings
>     shall be at such dates, times, and places as the Board shall
>     determine in December of the preceding year. These meetings will
>     be open to public attendance. Attendance in person or virtually by
>     board members is required at *no less than 3 of the 4 quarterly
>     meetings per year* and and shall be highly encouraged to meet in
>     person at least once annually at a date to be announced and agreed
>     upon.
>
>     To:
>
>     SECTION 3.03 Regular Meetings. The Board of Directors shall have
>     regular meetings quarterly lasting 4­6 hours as needed.2 A link to
>     the board meeting agenda’s and the historical minutes is here:
>     https://www.owasp.org/index.php/OWASP_Board_Meetings Meetings
>     shall be at such dates, times, and places as the Board shall
>     determine in December of the preceding year. These meetings will
>     be open to public attendance. Attendance in person or virtually by
>     board members is required at *no less than 9 of the 12 monthly
>     meetings per year* and and shall be highly encouraged to meet in
>     person at least once annually at a date to be announced and agreed
>     upon.
>
>     _______________________________________________
>
>     Owasp-board mailing list
>
>     Owasp-board at lists.owasp.org  <mailto:Owasp-board at lists.owasp.org>
>
>     https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-board
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150427/d6797eb6/attachment-0001.html>