Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bylaws policy election #117

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Bylaws policy election #117

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1919558
Update election.md
vanderaj Aug 17, 2022
483fc10
Update election.md
vanderaj Aug 17, 2022
3cf185f
Merge branch 'bylaws-policy-election' of https://github.com/OWASP/www…
vanderaj Oct 7, 2022
c45358b
Nearly done, merge with master
vanderaj Oct 7, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
128 changes: 105 additions & 23 deletions operational/election.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,75 @@
---

title: Elections Policy
title: Elections Policy (DRAFT WIP)
layout: col-document
document: Rules of Procedure
tags: Rules of Procedure
notice: 2020-08-05
notice: 2022-10-07

---
Adopted by the Board on 20-Oct-2020

{% include draft-notice.html %}

## Overview

The OWASP Foundation is a community-led organization where some leadership roles are filled with individuals elected by Membership. While the following policy is specifically written for Board of Directors Elections, it should be used as a model for other OWASP elections. Generally, elections should be conducted in a fair and transparent manner which include:
The OWASP Foundation is a community-led organization where some leadership roles are elected by Membership. Free and fair elections are central to OWASP's core values of openness, innovation, integrity, and global collaboration.

## Voter Qualifications

Voters must be Voting Members of the OWASP Foundation. Voting lists are determined no later than the start of each election. Voting members are qualified to vote on any voting matter. Voting is optional.

Accurate voting lists are the responsibility of the OWASP Foundation. If there is any technical reason for the voter list is inaccurate, the Foundation will make every effort to correct the list before the election begins, and the affected parties will be notified and given the opportunity to vote and correct any errors.

## Leader Qualifications

The OWASP Foundation sources its leadership from the community in a democratic process, elected by voting members. Leaders, Officers, and Directors must be Voting Members, with a strong commitment to the mission of the Foundation.

Nominees for Director positions must be Voting Members for at least one year prior to the election.

Directors must be paid financial members by the time they assume their seat, pending any grace period.

Diversity candidates are strongly encouraged to participate in the leadership of the OWASP Foundation.

Leader qualifications will be verified by the OWASP Foundation no later than certification of the election by the Executive Director.

## Private method of Voting

The OWASP Foundation shall maintain a voting system that provides a private method of voting, with verification of the voter's identity, such that voters can cast only one ballot.

## Committee, Chapter, Project, or Event Leadership Elections

Committee officer, chapter, project, or event leadership are preferably elected by "viva voce" elections - that is "show of hands", with the results being recorded. If there are serious concerns about running "viva voce" elections, the leadership team can elect to use e-ballot.

### Announcement of the Election

A public meeting shall be convened by the existing leadership team, with at least seven days written notice on the OWASP website and Leaders mailing list, and optionally social media announcements, such as #owasp-community in the OWASP Slack, the chapter or project group, or the OWASP Twitter account. The announcement shall include the following:

- Date and time of the meeting
- Positions open for election

Announcements shall be made on a business day closest to the dates outlined above.

### Nomination Process

Leadership nominations shall be called from the floor at a publicly announced chapter meeting, project meeting, or event leadership meeting, per Robert's Rules of Order 46:6, stating the position that is open. Nominees shall state if they accept the nomination, and the reasons why they should be elected.

### Voting Process

If there is more than one nomination, the Voting process is "Viva Voce" elections - or a show of hands from the assembled members, as outlined in Roberts Rules of Order 46:37. An alternative method is to submit the nominations to the OWASP Foundation to run an e-Ballot. Winners are those with the most votes of those present or voted. In the case of a tie, a run off election of the two top candidates shall be held until a clear winner is determined.

### Election Results

- Sufficient notice period for nominations and voting
- Concise candidate and electorate qualifications
- Publicly available timelines on the OWASP website
- Open process for community to meet candidates
- Private method of voting
- Publication of full voting results
Election Results shall be published on the OWASP Website and on the OWASP Slack. A ticket to change the leadership team shall be submitted by the current or outgoing leadership team. The OWASP Foundation will validate the OWASP Membership of the new or updated leadership team.

## Process
## Amending or Replacing Bylaws of the Foundation

No later than two months prior to an election, a timeline will be publicly available that is minimally shared on the OWASP website. On the nearest business day, the timeline will include notices, important dates, and milestones to be gazetted on the OWASP website prior to the election process starting.
Bylaws may be amended or replaced by a two-thirds vote of the Board of Directors. The Board of Directors may also amend or replace the Bylaws by a 50% vote of all Voting Members, in a poll that runs for thirty (30) days. The simple majority of voters in the poll determine the outcome of the amendment or replacement. The proposed amendment or replacement must be submitted to the Board of Directors at least 30 days prior to the vote.

## Board of Directors Election

The Board of Directors election is held annually, with alternating years of three seats and then four seats being available. The Board of Directors is elected by the Voting Members of the OWASP Foundation. The Board of Directors is responsible for the governance of the OWASP Foundation, and is the ultimate authority of the OWASP Foundation.

### Timelines

For the OWASP Board of Directors those annual milestones are:

Expand All @@ -34,28 +81,59 @@ For the OWASP Board of Directors those annual milestones are:
- Election Voting Closes, October 30
- Results announced to the community, November 1

Elections shall include a method for the electorate to get to know the candidates and their position on topical matters. For the Board of Directors election, this method will minimally include a (1) two week call for questions from the community where a final list sorted by popularity for up to six questions will be provided to candidates, and (2) each candidate will post an online video linked on the Foundation’s website to a candidate community page.
Elections shall include a method for the electorate to get to know the candidates and their position on topical matters.

Email sent to Members shall be the official and primary communication method to engage candidates and Members for OWASP elections. Members shall receive no less than three (3) email notices for the following: (1) call for candidates, (2) call for questions, (3) notice that in order to vote you must be a Member, and (4) notice to vote. Timelines for elections may include courtesy notices through other channels including social media and mailing lists; however, they are not required and should not be expected for official communications from the OWASP Foundation to Members and the community at large.
For the Board of Directors election, this method will minimally include:

1. a two week call for questions from the community where a final list sorted by popularity for up to six questions will be provided to candidates, and
2. each candidate will post an online video linked on the Foundation’s website to a candidate community page.

### Call for Candidates

No later than two months prior to an election, a timeline will be publicly available that is, at the minimum, shared on the OWASP website. On the nearest business day, the timeline will include notices, important dates, and milestones to be gazetted on the OWASP website prior to the election process starting.

### Board of Director Term Limits

Board of Directors are elected for a two-year term which starts January 1 of the calendar year following the election. Directors may hold office twice in any 10 year period.

### Appointment versus Election

If there are fewer candidates than the number of open vacancies, candidates in good standing who complete all other necessary qualifications will be appointed to the Board, and no election will be held.

## Qualifications
Any remaining vacancies will be filled by the Board of Directors per the OWASP Bylaws vacancy provisions once the new Board has taken office.

The OWASP Foundation sources its leadership from the community in a democratic process. There are no specific qualifications other than Membership and a strong commitment to the mission of the Foundation. Diversity candidates are strongly encouraged to participate in the leadership of the OWASP Foundation.
### Membership Day

Membership Day, September 30th of each year, is the primary deadline for Board of Director election qualifications. It is the day of that year’s election for which Membership is required to be an eligible elector, and it is the day the previous year for which candidates must have maintained continuous Membership in good standing to be a qualified candidate.
Membership Day (see timeline) is the primary deadline for

As an example for the 2020 Board Elections:
- Determining the Voting Membership list for electors
- Determining if a candidate is a Voting Member and has maintained Voting Membership for at least one year prior to the election

- Members continuously in good standing since September 30, 2019 are qualified to run for Board of Directors seat
- Members in good standing on September 30, 2020 are eligible to vote
Candidates who do not meet the Membership Day qualifications will be removed from the ballot.

In the case of the Board of Directors, Members are elected for a two-year term which starts January 1 of the calendar year following the election. It is the responsibility of each Director on the Board to continuously maintain Membership in good standing while serving the Foundation.
### Sufficient notice period for nominations and voting

Additionally, some leadership positions may additionally require winning candidates to execute various agreement(s) prior to assuming office. Failure to execute those agreement(s) will result in the censor and removal from the position.
Elections shall have a notice period of no less than 30 days prior to the running of the election

### Concise candidate and electorate qualifications

Candidates are required to provide a short biography and a statement of their qualifications for the position, including a video statement. Failure to provide a written or video statement is grounds for disqualification.

## Official Communications

Email sent to Members shall be the official and primary communication method to engage candidates and Members for OWASP elections. Members shall receive no less than three (3) email notices for the following: (1) call for candidates, (2) call for questions, (3) notice that in order to vote you must be a Member, and (4) notice to vote. Timelines for elections may include courtesy notices through other channels including social media and mailing lists; however, they are not required and should not be expected for official communications from the OWASP Foundation to Members and the community at large.

## Good standing and grace provisions

Leaders and Directors are responsible for and must maintain continuous OWASP Membership in good standing while serving the Foundation. Directors must be paid financial members by the time they assume their seat. The OWASP Foundation is responsible for maintaining the membership system, which will send out regular reminders of upcoming membership expiration dates, but is not responsible for the failure of a member to renew their membership.

If for any reason, a Leader or Director's membership lapses, they will be given a grace period of seven (7) days to renew their membership. If they do not renew their membership within the grace period, they will be removed from their position. During the grace period, they are considered to be in good standing for the purposes of voting and actions taken.

If the OWASP Foundation's systems are inoperative or dysfunctional, membership lapses during this time will be excused and not count towards the grace period nor against the Director or Leader in determining if the Director or Leader had good standing in the lead up to the election.

## Voting

Voting in elections shall be of secret ballot of Members. Balloting shall be open for no less than fourteen (14) and no more than (20) days. Voting closes at 11:59pm US-Pacific Time on the election voting end date. In the case of Board Elections, staff will ensure current Members of the Foundation receive a serialized ballot. Members can vote only once in each election per election cycle. Fraudulent behavior and efforts to either suppress or influence votes shall not be tolerated.
Voting in elections shall be of secret ballot of Members. Balloting shall be open for no less than fourteen (14) and no more than thirty (30) days. Voting closes at 11:59pm US-Pacific Time on the election voting end date. In the case of Board Elections, staff will ensure current Members of the Foundation receive a serialized ballot. Members can vote only once in each election per election cycle. Fraudulent behavior and efforts to either suppress or influence votes shall not be tolerated.

In situations where an election will be selecting more than one candidate, such is the case when Directors are elected to the Board, ballots will be designed to allow electors to cast as many votes as are allowed on one ballot. Electors are not required to cast the full number of votes allowed and can only vote for a single candidate once.

Expand All @@ -65,6 +143,10 @@ All OWASP elections shall fully report the results of balloting in no more than

The Executive Director or their designee shall certify an election result. Member voting history is private, so no one other than the Member shall know their vote.

## Leadership Agreements

Some leadership positions, particularly the Board of Directors, may additionally require winning candidates to execute various agreement(s) prior to assuming office. Failure to execute necessary agreement(s) will result in the censure and removal from the position, with any vacancies filled per the OWASP Foundation's Bylaws.

## Sole Election Policy

Regardless of the information presented throughout the OWASP website or conveyed by its Leaders, members, staff or Directors, this page while also being subject to the OWASP Foundation By-Laws and Articles of Incorporation, is the sole and authoritative Election policy of the OWASP Foundation, Inc.