[Owasp-leaders] [Owasp-board] Please provide a status update to the membership

Andrew van der Stock vanderaj at owasp.org
Thu Oct 16 02:18:19 UTC 2014

Thanks Kate, I really appreciate your efforts in assisting me with my membership this year.

Thanks Josh for organising this. 

I believe once we know the magnitude of the issue, Bev's idea of an extension to voting for a period after the official close is the best way forward. That will give expired members a chance to renew and participate once the ED knows how many are affected.

Can the ED please keep us informed, I will leave this for a period of time to allow the team to figure out how many are affected and to put resolutions in place, but we need to know some answers before voting closes next week.


Sent from my iPad

> On 16 Oct 2014, at 1:11 pm, Josh Sokol <josh.sokol at owasp.org> wrote:
> Andrew,
> It is viewable now thanks to super-Kate and her late night efforts to support us!  Unfortunately, I'm honestly not sure why this document was included in the Bylaws.  It is very specific to the 2012 elections, but does illustrate that this is not a process either run or moderated by the Board.  This process is firmly in the hands of our ED and Operations Team in order to maintain objectivity.
> ~josh
>> On Wed, Oct 15, 2014 at 8:52 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>> Andrew,
>> Action by the Board to "determine if any candidates are not in good standing and make a decision as to how to deal with that" could be misconstrued as the Board tampering with the election and is not part of the Board role in this process.  The Executive Director and Operations Team is responsible for our elections process.  This includes every single one of the bullet points that you mention in your e-mail.  Our staff is actively seeking to do these things and being technical or non-technical is irrelevant.  As Eoin pointed out, it is NOT the Board's job to manage the election process.  This is not in the bylaws (https://www.owasp.org/images/9/92/April2014OWASPFoundationByLaws.pdf).  Honestly, I'm not sure about the election policy and procedure referenced in Section 3.02 as I do not have access to it either.  I have requested access and will send an inquiry to the operations team to get it publicly viewable ASAP.  Hopefully that document will help to address some of your assertions regarding who is responsible for what.
>> ~josh
>>> On Wed, Oct 15, 2014 at 4:09 PM, Andrew van der Stock <vanderaj at owasp.org> wrote:
>>> Eoin
>>> I am not asking the Board to get in there and deal with the technical
>>> stuff, I *am* asking the Board to
>>> * Determine what will happen if there is a significant number of
>>> disenfranchised members
>>> * Determine if any candidates are not in good standing and make a
>>> decision as to how to deal with that that complies with the by laws
>>> * Determine if there needs to be a delay or a re-do
>>> * Determine what will happen if there are challenges to the election
>>> or its process
>>> * Communicate with us
>>> None of those things are technical. None of those things stop the
>>> technical folks fixing the glitch. That should be happening in
>>> parallel, which it appears to be so. Let's let them do their job.
>>> At the same time, the Board needs to do their job, which is to manage
>>> the election process as per the by laws and providing advice or
>>> guidance around the election by laws when asked.
>>> I would ask that the election by laws be put into anonymous read only
>>> mode as it's in the PDF of the official OWASP by laws, but no one can
>>> see it right now without being granted permission:
>>> https://docs.google.com/a/owasp.org/document/d/1A16CEWCebTC_vadzSsaGFsuvBD94HhkbgHKBZr6shII/edit
>>> thanks
>>> Andrew
>>> On Thu, Oct 16, 2014 at 3:21 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>> > Please Board, do not get involved in this process!!
>>> > Stay away and let our great staff deal with this.
>>> >
>>> >
>>> > Eoin Keary
>>> > Owasp Global Board
>>> > +353 87 977 2988
>>> >
>>> >
>>> > On 15 Oct 2014, at 15:26, Tobias <tobias.gondrom at owasp.org> wrote:
>>> >
>>> > +1 for Josh.
>>> > I can fully support Josh's statements.
>>> >
>>> > I know things may look calm on the outside, but let me assure you the whole
>>> > team (incl. the board) takes this as the highest priority and there is very
>>> > high activity on the inside by everyone pulling together to get this
>>> > analysed and fixed ASAP.
>>> >
>>> > As you know the election is still open for another 9 days until Oct-24
>>> > (https://www.owasp.org/index.php/2014_Board_Elections), so please have a
>>> > little more patience and give our team a chance to fix it. And based on the
>>> > findings we will decide on what to do in addition - hopefully we know more
>>> > in a few hours.
>>> >
>>> > Best wishes, Tobias
>>> >
>>> >
>>> > Tobias Gondrom
>>> > OWASP Global Board Member
>>> >
>>> >
>>> > On 15/10/14 15:10, Josh Sokol wrote:
>>> >
>>> > Andrew,
>>> >
>>> > I had at least half a dozen emails back and forth yesterday related to my
>>> > issue with not receiving the voting email and Kelly was well engaged with me
>>> > and SimplyVoting.  They tracked my particular issue down to having
>>> > unsubscribed to a SimplyVoting email during the WASPY awards process.  My
>>> > issue was just one of many reported and being worked on.  Kate, who was in
>>> > training this week, was pulled from it in order to work on these issues.
>>> > This is item #1 on the ops team's plate and they are laser focused on making
>>> > sure this process is being handled professionally and without missing votes.
>>> > Your concerns are very valid and are all being investigated.   If there is
>>> > cause to pause the election process, I assure you that it will be done.  I
>>> > do want to say, however, that this is an operations issue and Board
>>> > involvement beyond supporting the ops team could constitute tampering with
>>> > the election process.  We need to work diligently, yet judiciously, in order
>>> > to ensure the process is fair for everyone involved.  There were several
>>> > emails on this topic yesterday along with a TON of ops team activity, and an
>>> > update is planned for today.  Keep in mind that its early morning on day 2
>>> > here in the US where the ops team is based.  I'm not saying that there isn't
>>> > a problem, but patience is definitely a virtue when you want to make sure
>>> > that things are handled properly.  Please give the ops team a chance to
>>> > research what happened and communicate it out before assuming that the issue
>>> > is just being ignored.  Thank you.
>>> >
>>> > Sincerely,
>>> >
>>> > Josh Sokol
>>> >
>>> > On Oct 15, 2014 7:16 AM, "Andrew van der Stock" <vanderaj at owasp.org> wrote:
>>> >>
>>> >> Michael and the Board,
>>> >>
>>> >> I write to you formally to request a status update on the global OWASP
>>> >> Board of Directors election process, in particular, I implore the
>>> >> current Board to take affirmative action to investigate and manage a
>>> >> resolution to the technical hitches in membership and balloting, and
>>> >> if necessary delay the election, so that all eligible members can
>>> >> vote. There is no activity on the Board list to address this issue,
>>> >> and this, too, needs to be addressed.
>>> >>
>>> >> Members need to have trust of the integrity of the balloting
>>> >> (enfranchisement) and voting processes. There are rules posted
>>> >> regarding the process and deadlines, and for at least some (and
>>> >> possibly many) members, these deadlines have been missed by the OWASP
>>> >> Foundation. There is no current membership list. Members have expired
>>> >> and not been renewed or processed and have missed out on receiving
>>> >> their vote to the election. It is entirely possible that some of the
>>> >> candidates, through no fault of their own, are not in good standing.
>>> >> We just don't know.
>>> >>
>>> >> The only semi-official message in relation to my queries so far is
>>> >> "please don't be inflammatory". That is simply not good enough. I am
>>> >> not sledging the ops team - that is not my intent - but I am saying
>>> >> there is an critical issue and it is not being managed or communicated
>>> >> properly, and that requires Board oversight.
>>> >>
>>> >> In Australia, we recently had to send an entire state back to re-vote
>>> >> their senate because our electoral commission lost 1300 votes, which
>>> >> was more votes than the winning margin. I don't ever recall any open
>>> >> source project or Foundation ever having this type of problem before.
>>> >> I hope that it's a small issue that can be addressed in a timely and
>>> >> comprehensive fashion.
>>> >>
>>> >> Please as a matter of urgency, please work out and communicate with
>>> >> all the members, (and not just those on the leaders list):
>>> >>
>>> >> * What is the Board's position on challenges to the election,
>>> >> postponing or delaying the vote to get the membership and balloting
>>> >> right, or doing a re-run?
>>> >>
>>> >> * Were renewal notices sent out to expiring and expired members in a
>>> >> timely fashion to make the September 30 renewal eligibility deadline?
>>> >>
>>> >> * If not, will OWASP be e-mailing or making contact with all expired
>>> >> members to see if they wanted to renew and give them a vote in the
>>> >> election? If so, when will this occur? Will it occur by the time
>>> >> voting closes?
>>> >>
>>> >> * Are all current Board candidates in good standing? If not, will the
>>> >> Board reach out to the candidates in question, and offer them back
>>> >> dated honorary membership to comply with the bylaws? Or will they be
>>> >> ineligible to stand?
>>> >>
>>> >> * Are all membership renewals (paid, lifetime, and honorary) submitted
>>> >> prior to September 30 now processed?
>>> >>
>>> >> * If so, is there an up to date membership list that does not date
>>> >> back to April 8, 2014? Can this be added to the OWASP Board 2014
>>> >> elections page?
>>> >>
>>> >> * As the CRM process wasn't working for some time, what steps are the
>>> >> Board putting into place to ensure that it is fixed and monitored for
>>> >> the next election?
>>> >>
>>> >>
>>> >> These questions have to be answered. No answer is simply not an
>>> >> option. I don't mind if you take these on notice and reply in pieces,
>>> >> but please communicate frequently, openly and honestly with us.
>>> >>
>>> >> I know the vote is open until next week, but I feel that even if there
>>> >> are only a handful of members piping up on the Leaders mailing list
>>> >> today, the CRM process has been broken for at least two months, which
>>> >> covers about 15% of members. It may have been broken as far back as
>>> >> April 8 when the membership list was seemingly last generated, which
>>> >> covers around 45-50% of the members.
>>> >>
>>> >> Simply enrolling those who pipe up in one venue misses those who don't
>>> >> hang out on the Leaders list and disenfranchises those who might have
>>> >> wanted a say in OWASP's future. If this is actually a small issue, it
>>> >> should be easy to determine: compare July, August's and September's
>>> >> membership totals with that from the year before. If the totals are
>>> >> reduced, then there is a problem of a known magnitude. But without an
>>> >> accurate and up to date membership list, we cannot determine if there
>>> >> are disenfranchised members or how many have been potentially
>>> >> disenfranchised.
>>> >>
>>> >> I gave the ops team nearly two month's notice that something wasn't
>>> >> right, and stayed in fairly constant communication during that time. I
>>> >> even gave a heads up about my fellow candidates, who I sincerely hope
>>> >> have their membership sorted so OWASP members have a geographically
>>> >> varied and interesting selection of candidates to choose from.
>>> >>
>>> >> I've been here since very nearly the beginning, I don't think I've
>>> >> ever seen such disarray in our internal processes, especially such key
>>> >> processes that directly elect the Board.
>>> >>
>>> >> I implore the Board to take this very seriously. Please communicate
>>> >> clearly and frequently with us on next steps. If the Board or the
>>> >> Foundation needs time - more time than there exists until the end of
>>> >> voting, I am more than willing to give the benefit of the doubt to
>>> >> ensure that we have an open, transparent membership and voting system
>>> >> with integrity for a vote to be open to all members, not just those
>>> >> unaffected by the technical glitches. I can't speak for the other
>>> >> candidates, but please ask them too. I'd rather this be done right.
>>> >>
>>> >> I am reachable on +61 451 057 580 if you want a chat, but I am UTC+11,
>>> >> which makes it tricky during US business hours.
>>> >>
>>> >> thanks,
>>> >> Andrew
>>> >> _______________________________________________
>>> >> Owasp-board mailing list
>>> >> Owasp-board at lists.owasp.org
>>> >> https://lists.owasp.org/mailman/listinfo/owasp-board
>>> >
>>> >
>>> >
>>> > _______________________________________________
>>> > Owasp-board mailing list
>>> > Owasp-board at lists.owasp.org
>>> > https://lists.owasp.org/mailman/listinfo/owasp-board
>>> >
>>> >
>>> > _______________________________________________
>>> > Owasp-board mailing list
>>> > Owasp-board at lists.owasp.org
>>> > https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141016/31514b52/attachment-0001.html>

More information about the OWASP-Leaders mailing list