Working Groups with necessary bylaw changes by vanderaj · Pull Request #153 · OWASP/www-policy · GitHub

Working Groups with necessary bylaw changes #153


Open
wants to merge 1 commit into
base: master

Conversation

vanderaj
Member

This PR creates the necessary framework for working groups, and minimally updates the bylaws to allow the rapid creation and dissolution of working groups.

Please comment by no later than May 28, 2025, so this can be brought to a vote in the May Board meeting.

@vanderaj vanderaj self-assigned this Apr 28, 2025
@vanderaj vanderaj requested a review from Copilot April 28, 2025 03:34
@Copilot Copilot AI left a comment

Pull Request Overview

This PR introduces a new Working Groups Policy and updates existing policies to support the rapid creation and dissolution of working groups, as well as making necessary adjustments to the bylaws.

  • Introduces a new Working Groups policy document outlining structure, governance, and operational procedures.
  • Updates the Committees policy document to clarify that Working Groups guidance takes precedence for WG matters.
  • Modifies the bylaws to include Working Groups and delegates authority to create or disband Committees or Working Groups.

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| operational/working-groups.md | New draft policy for Working Groups, including detailed guidelines for establishment and operation. |
| operational/committees.md | Added notice indicating that the Working Groups policy takes precedence during the review period. |
| legal/bylaws.md | Revised clause (b) and added clause (d) to incorporate Working Groups and assign related authority. |

@@ -339,10 +339,12 @@ Each member of a Board Committee shall serve for such term as shall be establish

(a) A Project Committee of the Foundation is hereby established, which may have such Sub-Groups as from time to time may be approved by the Board of Directors. The Project Committee and its Sub-Groups shall be the principal Member-level forum for the discussion and preliminary adoption of technical strategy and standards, subject to the review, and within the strategic direction established by, the Board of Directors and such Member Committee shall otherwise have such rights and privileges as shall from time to time be established by the Board of Directors, or as set forth in such Project Committee charter, rules, and policies as shall have been previously adopted by the Board of Directors. The Project Committee may make technical recommendations to the Board of Directors concerning technical strategy and other technical work products of the Foundation and may undertake such other tasks as may from time to time be established by the Board of Directors, provided that all strategies and standards may only be finally adopted by the Board of Directors

(b) From time to time, the Board of Directors may establish additional Member Committees. Each Member, so long as it remains a Member in good standing, shall be entitled to appoint such representatives to each such Member Committee, with such voting rights (if any), as set forth in Article II. Unless otherwise specified in these By-laws or by the Board of Directors, each Member Committee may have such sub-groups, working groups, and other groups as from time to time may be approved by such Member Committee, within the strategic direction established by the Board of Directors (each a "Sub-Group")
Contributor

I know this text wasn't modified but I'm left wondering:

> Each Member, so long as it remains a Member in good standing

Is this supposed to be about people? If so then a better word than "it" should be used IMHO.


## Operations and Decision-Making

Working Groups must maintain transparent, consensus-driven decision-making processes. Regular meetings shall be scheduled with clear agendas distributed in advance, concise documentation of decisions, and prompt follow-up of assigned actions. Meetings should be operationally efficient, action-oriented, and inclusive.
Contributor

action-oriented, inclusive, and public.

?

Comment on lines +53 to +55
WG Chairs are required to submit quarterly Chairs Reports to the Executive Director and OWASP Board, providing concise updates on achievements, challenges, and upcoming objectives.

The Chairs report will directly inform decisions to be made by the Executive Director regarding WG continuation, modification, or sunset.
Contributor

Capital on "Reports" or not? To be consistent between the two sentences.

@@ -339,10 +339,12 @@ Each member of a Board Committee shall serve for such term as shall be establish

(a) A Project Committee of the Foundation is hereby established, which may have such Sub-Groups as from time to time may be approved by the Board of Directors. The Project Committee and its Sub-Groups shall be the principal Member-level forum for the discussion and preliminary adoption of technical strategy and standards, subject to the review, and within the strategic direction established by, the Board of Directors and such Member Committee shall otherwise have such rights and privileges as shall from time to time be established by the Board of Directors, or as set forth in such Project Committee charter, rules, and policies as shall have been previously adopted by the Board of Directors. The Project Committee may make technical recommendations to the Board of Directors concerning technical strategy and other technical work products of the Foundation and may undertake such other tasks as may from time to time be established by the Board of Directors, provided that all strategies and standards may only be finally adopted by the Board of Directors

(b) From time to time, the Board of Directors may establish additional Member Committees. Each Member, so long as it remains a Member in good standing, shall be entitled to appoint such representatives to each such Member Committee, with such voting rights (if any), as set forth in Article II. Unless otherwise specified in these By-laws or by the Board of Directors, each Member Committee may have such sub-groups, working groups, and other groups as from time to time may be approved by such Member Committee, within the strategic direction established by the Board of Directors (each a "Sub-Group")
(b) From time to time, the Board of Directors may establish additional Member Committees, or Working Groups, and additionally, delegate the authority to create or disband Committees or Working Groups to the Executive Director. Each Member, so long as it remains a Member in good standing, shall be entitled to appoint such representatives to each such Member Committee, with such voting rights (if any), as set forth in Article II. Unless otherwise specified in these By-laws or by the Board of Directors, each Member Committee may have such sub-groups, working groups, and other groups as from time to time may be approved by such Member Committee, within the strategic direction established by the Board of Directors (each a "Sub-Group").
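
Review bot: In the revised clause (b), the capitalised "Working Groups" that the Board may establish now sits alongside the unchanged tail of the clause, where each Member Committee may approve "sub-groups, working groups, and other groups" (each a "Sub-Group"), so the same term covers both a Board-level body and a committee-approved Sub-Group. The appointment sentence was also left referring only to "each such Member Committee", so it says nothing about representation on a Working Group. Suggest defining "Working Group" once, then either dropping the lowercase "working groups" from the Sub-Group list or stating which policy governs each, and saying explicitly whether the appointment right extends to Working Groups.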

Doesn't seem like the Board can disband committees, might want to change it to read "may establish or disband"

@@ -339,10 +339,12 @@ Each member of a Board Committee shall serve for such term as shall be establish

(a) A Project Committee of the Foundation is hereby established, which may have such Sub-Groups as from time to time may be approved by the Board of Directors. The Project Committee and its Sub-Groups shall be the principal Member-level forum for the discussion and preliminary adoption of technical strategy and standards, subject to the review, and within the strategic direction established by, the Board of Directors and such Member Committee shall otherwise have such rights and privileges as shall from time to time be established by the Board of Directors, or as set forth in such Project Committee charter, rules, and policies as shall have been previously adopted by the Board of Directors. The Project Committee may make technical recommendations to the Board of Directors concerning technical strategy and other technical work products of the Foundation and may undertake such other tasks as may from time to time be established by the Board of Directors, provided that all strategies and standards may only be finally adopted by the Board of Directors

(b) From time to time, the Board of Directors may establish additional Member Committees. Each Member, so long as it remains a Member in good standing, shall be entitled to appoint such representatives to each such Member Committee, with such voting rights (if any), as set forth in Article II. Unless otherwise specified in these By-laws or by the Board of Directors, each Member Committee may have such sub-groups, working groups, and other groups as from time to time may be approved by such Member Committee, within the strategic direction established by the Board of Directors (each a "Sub-Group")
(b) From time to time, the Board of Directors may establish additional Member Committees, or Working Groups, and additionally, delegate the authority to create or disband Committees or Working Groups to the Executive Director. Each Member, so long as it remains a Member in good standing, shall be entitled to appoint such representatives to each such Member Committee, with such voting rights (if any), as set forth in Article II. Unless otherwise specified in these By-laws or by the Board of Directors, each Member Committee may have such sub-groups, working groups, and other groups as from time to time may be approved by such Member Committee, within the strategic direction established by the Board of Directors (each a "Sub-Group").

> Each Member, so long as it remains a Member in good standing, shall be entitled to appoint such representatives to each such Member Committee, with such voting rights (if any), as set forth in Article II.

As written, any OWASP member can appoint representatives. Is it supposed to be Board Members? Or members of the committee/group/etc? And whoever it is that appoints, should they also be able to rescind?


Working Groups are proposed by OWASP Members. Proposals to create a WG must be clearly aligned with OWASP’s strategic priorities and demonstrate tangible benefit to the OWASP community.

Proposals must be submitted in the form of a Scope and Programme of Work and submitted to the OWASP Executive Director. The Scope and Programme of Work shall clearly describe:

"Programme" is a UK spelling. Not sure if we care here?


Operational responsibility for vetting potential WG Chairs lies with the OWASP Executive Director or an appointed staff representative. Candidates must demonstrate sufficient expertise, relevant professional experience, and alignment with OWASP’s core values.

The Executive Director is responsible for confirming appointments of WG Chairs following successful vetting, formally documenting decisions, and communicating appointments clearly to all parties involved.

Who can remove Chairs? Should Chairs be re-confirmed annually? Should there be term limits to enable fresh perspectives? Or annual votes within the committee for Chair?


## Working Group Participation

Participation in Working Groups is open to anyone with relevant interest and willingness to actively contribute, including non-members of OWASP. WG Chairs are responsible for clearly communicating participant expectations, maintaining a welcoming environment, and ensuring adherence to OWASP’s Code of Conduct.

Sounds like anyone can participate. Is there a mechanism to remove / bar participants that are disruptive?

3 participants