[Owasp-board] Proposed change to Section 3.03 of the bylaws

Jim Manico jim.manico at owasp.org
Tue Apr 28 18:57:26 UTC 2015


I too like this language. I'm especially fond that there is no "auto-boot"
clause. I feel that all board members are very active this year, even ones
that are missing meetings. Making board member removal a vote is a good
check-and-balance.

Bil, thank you for this. This help is a very important contribution and I
continue to appreciate your help with governance issues.

--
Jim Manico
@Manicode
(808) 652-3805

On Apr 28, 2015, at 8:53 AM, Josh Sokol <josh.sokol at owasp.org> wrote:

I like the new wording.  Thank you very much for putting that together
Bil.  I would be happy to vote in favor of this change to our Bylaws.  I
guess I would favor the 75% because, in the case of quarterly meetings,
this means that a person would be required to attend 3 out of the 4
meetings.  2 out of the 4 has them failing at their Board member duties
IMHO.  In the case of monthly meetings, that still affords them to miss 3
meetings which is still a lot in my opinion.  The difference between 75%
and 66% in the case of monthly meetings is 4 missed meetings instead of 5.
66% again is one meeting shy of half.  Why even be on the Board if you're
going to attend half of the meetings?  And, Tobias, it shouldn't matter
whether this is an issue with the current Board.  Bylaws set expectations
for current and future Board alike, unless they are changed.

~josh

On Tue, Apr 28, 2015 at 1:03 PM, Bil Corry <bil.corry at owasp.org> wrote:

> Hi Tobias,
>
>
>
> I'll leave it to the board to decide if 66% is an acceptable attendance
> record, instead of the more stringent 75%.  Perhaps it can be discussed at
> the board meeting, then voted upon.  I don't have a personal opinion one
> way or another – on the one hand, you want dedicated board members, but on
> the other hand, they're all volunteers and some may not try to be on the
> board if there isn't enough flexibility.  From what I recall, Josh was one
> such potential candidate that wasn't sure he could meet the in-person
> meeting requirement.
>
>
>
>
>
> - Bil
>
>
>
> *From:* Tobias [mailto:tobias.gondrom at owasp.org]
> *Sent:* Monday, April 27, 2015 11:29 PM
> *To:* bil.corry at owasp.org; josh.sokol at owasp.org
> *Cc:* owasp-board at lists.owasp.org
>
> *Subject:* Re: [Owasp-board] Proposed change to Section 3.03 of the bylaws
>
>
>
> Hi Bill, hi all,
>
> thanks a lot for drafting this. We definitely need to update the bylaws to
> reflect the new monthly meeting schedule.
>
> But while I can see that it may seem tempting to enforce hard rules of
> attendance for board members, I don't feel that we really need it.
>
> IMHO, lack of attendance has not been a major issue the last 2 years and I
> hope it will not be an issue in the future. So to some degree it feels like
> over-engineering.
> Just for last year, here is our records of attendance, which I would say
> is a pretty well functioning board:
>
> https://docs.google.com/spreadsheets/d/1wpaOCBP-qrnde0sLiglDMJOUCtse6oB-zf3ONCkWgZk/edit#gid=6
>
> Outright removal would indeed be irresponsible, because a board member
> might have had very good reasons (incl. illness or working on activities
> for our own OWASP organisation) for not attending.
>
> I can sense that you might want to cause a vote of confidence.
> But I am not sure we really need to define such a process step, but
> depending on my fellow board members, I would ok with that.
>
> As for attendance ratios: personally, I feel that expulsion of an elected
> board member from the board through a non-confidence vote is still a pretty
> heavy step, therefore 8/12 = 66% (instead of 75%) should be sufficient as
> minimum requirement before such a vote can be cast.
>
> Overall, I hope we can continue to positively motivate people to attend
> the board meeting, instead of threatening with a stick.
>
> Your thoughts?
>
> Best regards, Tobias
>
>
>
> On 27/04/15 13:30, Bil Corry wrote:
>
> Below is the updated proposed text.  I suggest reading through it first,
> then come back here for my discussion about the choices I made.
>
>
>
> It's get a little tricky with the 75% since it's based on the calendar
> year, so for example, assuming 12 monthly meetings for the year, you could
> miss Jan, Feb, and March, but attend all of the rest and still meet the
> attendance requirement (attended 9/12 = 75%).  However, if you miss Jan,
> Feb, Mar, and Apr, then obviously there is no way to attend 75% for the
> entire year, the best you could hope for is (8/12 = 66%) which means the
> vote of confidence is triggered at the point the fourth meeting is missed.
>
>
>
> The reason for having a vote of confidence instead of outright removal is
> to allow some sanity to the policy – this allows the board to take into
> account the factors that led to the missed meetings (rescheduled meetings,
> personal situations, etc).
>
>
>
> The reason cancelled meetings are still counted is so that we don't end up
> in a situation where someone misses 4 meetings (8/12 = 66% attendance),
> they're voted off the board, then later two meetings are cancelled, and now
> their attendance is 8/10 = 80%.  Instead, those two cancelled meetings are
> counted as attended by all board members, which keeps the attendance for
> the voted off board member at 8/12 = 66%.  Hope that makes sense.
>
>
>
>
>
> - Bil
>
>
>
>
>
> *PROPOSED*
>
>
>
> *SECTION 3.03 Regular Meetings.* The Board of Directors shall have
> regular meetings as needed.  A link to the board meeting agenda’s and the
> historical minutes is here:
> https://www.owasp.org/index.php/OWASP_Board_Meetings.  Meetings shall be
> at such dates, times, and places as the Board shall determine in December
> of the preceding year and as amended by the Board. In no event will there
> be less than one meeting per quarter.  These meetings will be open to
> public attendance, however, certain portions of the meeting may be closed
> to board members  and their delegates when required for legal reasons, or
> to shield liability, or to handle personnel issues, or similar.  Attendance
> in person or virtually by board members is required at no less than 75% of
> the total meetings each year and shall be highly encouraged to meet in
> person at least once annually at a date to be announced and agreed upon.
> Attendance is tabulated after every scheduled meeting for the purpose of
> determining if the 75% attendance requirement has been met, and the
> tabulation is based upon the entire calendar year.  Cancelled meetings are
> considered attended for the purposes of the tabulation.  Failure by a board
> member to meet the 75% attendance requirement after any tabulation will
> cause a mandatory vote of confidence by the remaining board members, whose
> votes will be publicly recorded.  An overall vote of "no confidence" is
> recorded if half or more of the board members vote for it, which causes the
> board member in question to be instantly removed from their seat on the
> board.  Vacancies on the board are handled as per Section 3.10.
>
>
>
>
>
> 2 OWASP Board of Directors will hold quarterly board meetings lasting 4­6
> hours each. The schedule of meetings will be set by the board in December
> before the year. It is likely the the board meetings will take place on
> Saturdays or on a dedicated day before a large OWASP conference. This
> change is a result of the success of the longer format board meeting and
> also a result of the Executive Director role that has enabled full time
> involvement and focus on OWASP operations. Board members must attend (in
> person or virtually) 3 of the 4 meetings to fulfill the attendance
> requirements. This will take effect in January, 2014. Changes passed August
> 19, 2013.
>
> 3 “and shall be highly encouraged to meet in person at least once annually
> at a date to be announced and agreed upon” amendment to document passed
> June 10, 2013.
>
>
>
>
>
>
>
>
>
>
>
> *From:* Josh Sokol [mailto:josh.sokol at owasp.org <josh.sokol at owasp.org>]
> *Sent:* Monday, April 20, 2015 11:18 PM
> *To:* Bil Corry
> *Cc:* Tobias; OWASP Foundation Board List
> *Subject:* Re: [Owasp-board] Proposed change to Section 3.03 of the bylaws
>
>
>
> I like the changes here for the most part, but a couple of thoughts:
>
> 1) I think we need to find a way to remove the language about meetings
> lasting 4-6 hours.  This was fine when the meetings were quarterly, but
> when we switched to monthly the only lasted about an hour.  So, if we can
> eliminate the meeting duration from the text, I think that would be ideal.
>
> 2) Something that I've always wondered is what happens when a Board member
> does not attend 75% of the meetings?  It says that it's mandatory to
> attend, but what are the ramifications?  Forfeiture of their Board position
> and appointment of a new Director for the duration of their seat?  It may
> not have ever been a problem, but I witnessed it happen in our local ISSA
> chapter and it was incredibly frustrating to have a President in absencia
> and our VP basically had to step up and take on his responsibilities and we
> were short a Board member the whole time.  If we are making changes, I'd
> like to see something here to correct that as well.
>
> ~josh
>
>
>
> On Mon, Apr 20, 2015 at 3:16 AM, Bil Corry <bil.corry at owasp.org> wrote:
>
> Below is new proposed text.  I made the following changes (you can read
> the original here
> <https://www.owasp.org/images/9/92/April2014OWASPFoundationByLaws.pdf>):
>
>
>
> 1.    Removed the footnotes.  They were capturing the changes, but
> there's a section at the end of the bylaws that already does that.
> Footnote 1 on page 4 should also be removed (and added to the section at
> the end of the bylaws).
>
> 2.    Removed all references to quarterly meetings and the number of
> total meetings.  Instead, it now stipulates the minimum number of meetings
> required, but the board can determine how many meetings total are needed
> for the upcoming year and can now modify it as needed.
>
> 3.    Changed the board member attendance requirement to a percentage
> instead of a fixed number.
>
> 4.    Clarified that while the meetings are open to the public, certain
> portions of the meeting may be closed to just the board members and their
> delegates.
>
>
>
>
>
> - Bil
>
>
>
>
>
> *PROPOSED*
>
>
>
> *SECTION 3.03 Regular Meetings.* The Board of Directors shall have
> regular meetings lasting 4 to ­6 hours as needed.  A link to the board
> meeting agenda’s and the historical minutes is here:
> https://www.owasp.org/index.php/OWASP_Board_Meetings.  Meetings shall be
> at such dates, times, and places as the Board shall determine in December
> of the preceding year and as amended by the Board. In no event will there
> be less than one meeting per quarter.  These meetings will be open to
> public attendance, however, certain portions of the meeting may be closed
> to board members  and their delegates when required for legal reasons, or
> to shield liability, or to handle personnel issues, or similar.  Attendance
> in person or virtually by board members is required at no less than 75% of
> the total meetings each year and shall be highly encouraged to meet in
> person at least once annually at a date to be announced and agreed upon.
>
>
>
>
>
> 2 OWASP Board of Directors will hold quarterly board meetings lasting 4­6
> hours each. The schedule of meetings will be set by the board in December
> before the year. It is likely the the board meetings will take place on
> Saturdays or on a dedicated day before a large OWASP conference. This
> change is a result of the success of the longer format board meeting and
> also a result of the Executive Director role that has enabled full time
> involvement and focus on OWASP operations. Board members must attend (in
> person or virtually) 3 of the 4 meetings to fulfill the attendance
> requirements. This will take effect in January, 2014. Changes passed August
> 19, 2013.
>
> 3 “and shall be highly encouraged to meet in person at least once annually
> at a date to be announced and agreed upon” amendment to document passed
> June 10, 2013.
>
>
>
>
>
>
>
>
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Josh Sokol
> *Sent:* Saturday, April 04, 2015 7:55 AM
> *To:* Tobias
> *Cc:* OWASP Foundation Board List
> *Subject:* Re: [Owasp-board] Proposed change to Section 3.03 of the bylaws
>
>
>
> Can we adjust wih Bil's suggestion and re-propose?
>
> ~josh
>
> On Apr 4, 2015 12:48 AM, "Tobias" <tobias.gondrom at owasp.org> wrote:
>
> I second the proposed change.
>
> Any discussion?
>
> Best regards, Tobias
>
>
>
> On 26/03/15 03:25, Jim Manico wrote:
>
> *I propose we change section 3.03 of the bylaws to reflect our return to
> monthly meetings:*
>
> SECTION 3.03 Regular Meetings. The Board of Directors shall have regular
> meetings quarterly lasting 4­6 hours as needed.2 A link to the board
> meeting agenda’s and the historical minutes is here:
> https://www.owasp.org/index.php/OWASP_Board_Meetings Meetings shall be at
> such dates, times, and places as the Board shall determine in December of
> the preceding year. These meetings will be open to public attendance.
> Attendance in person or virtually by board members is required at *no
> less than 3 of the 4 quarterly meetings per year* and and shall be highly
> encouraged to meet in person at least once annually at a date to be
> announced and agreed upon.
>
> To:
>
> SECTION 3.03 Regular Meetings. The Board of Directors shall have regular
> meetings quarterly lasting 4­6 hours as needed.2 A link to the board
> meeting agenda’s and the historical minutes is here:
> https://www.owasp.org/index.php/OWASP_Board_Meetings Meetings shall be at
> such dates, times, and places as the Board shall determine in December of
> the preceding year. These meetings will be open to public attendance.
> Attendance in person or virtually by board members is required at *no
> less than 9 of the 12 monthly meetings per year* and and shall be highly
> encouraged to meet in person at least once annually at a date to be
> announced and agreed upon.
>
>
>
> _______________________________________________
>
> Owasp-board mailing list
>
> Owasp-board at lists.owasp.org
>
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
>
>

_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150428/0a057088/attachment-0001.html>


More information about the Owasp-board mailing list