Myself, Diana Contesti, and Richard Nealon are all trying to get onto the ballot for the upcoming ISC2 Board of Directors Election and need your support. For information about us and how you can help, see:
Stephen Mencik petition
Diana Contesti petition
Thanks for your support.
Stephen Mencik
CISSP, ISSEP, ISSAP
So when I talk about transparency, I am thinking about letting the membership (who own the organization) know how their monies will be spent or saved. The organization is sitting on huge monies and yet, very little is being done. Sure they are offering a million free entries to the new certification but what they do not say is that one million times $125 membership fee will bring $125,000,000 per year into the organization......wow not bad for a not-for-profit.
Or they do not tell you that they are going to augment trainings available to you as a member or that customer service will be improved such that it does not take four days to have a password change done nor that the letter you receive from them is useless.
The current strategy was developed in 2011 and seems to have stalled. In Business, we know that corporate strategies are reviewed, revamped and sometimes even change direction over time. When was the last time, the organization offered a certificate or certification that would improve your career?
As to Ethics, I have already said that the Canons as written in 1987 still stand the test of time but how/when/why they are implemented/applied may have changed. Remember back in 1987, hackers were not to be associated with, now we see organizations actively hiring staff that have those skills and will use them for the betterment of their organizations. The Ethics committee is now comprised of six (6) board members and two (2) non-board contrary to the By-Laws.
The current election is a prime example of the Board not following it's own governance. There are five slots open for election, and the board has effectively removed the memberships choice of representation. They are mandating the candidates. Graham Jackson wrote a note stating that there were 85 people who self-nominated, yet the board could only find five folks suitable??? That really begs the question of what are they looking for. Yes I did not self-nominate and NO I am not suffering from sour grapes. I am annoyed that they could not find ten (10) folks to stand for the slots. I also question why two of the current board members who could have run are not on the slate?
So a bit about me, I am here on the Community, sometimes talking about security related issues, sometimes, offering advice to folks, sometimes answering specific questions.
During the elections, folks come onto this forum and others and STATE, I am here for you but when is the last time that you have seen one of them (Dan Houser and James Packer are the latest).
So come November, you will be asked to cast your ballot (really why bother) for five (5) for five (5) slots that will make promises of this/that or another thing and YOU will never hear from them again.
Okay, off my soap box and back to work
Best
d
>> "When I was on the Board, and I believe the same goes for @dcontesti and @TrickyDicky , we understood that the Bylaws were written succinctly and quite openly. It was our policy to take a very conservative reading of the Bylaws. Most recently the Board seems to have reversed that and it currently applies a very liberal reading of the Bylaws. Running a slate with only 5 candidates for 5 open seats is an example of that. It is not strictly against the Bylaws but it is definitely against the spirit of the Bylaws. This also goes for the composition of the Ethics committee and the merging of the Ethics and the Bylaws committee. These are 3 governance actions that are questionable at best considering all limiting factors mentioned above. If the association continues on this path, ISO17024 accreditation and 501c6 status may even be impacted."
Fully agree @wimremes. I even felt at one stage, that our Articles of Association drafted in 1989 by some very wise men and women, were at risk of being broken. Similarly, they are being followed by the Board and Management to the letter, rather than the spirit. I'm ashamed to say that when I brought the new Bylaws to the board for approval back in 2014, I was cautious not to change too much but just fix what was then seen to be broken. In retrospect, I should have fixed much more that might have prevented the shambles that has since ensued.
The link to the Articles of Association is a "no documents found" page.
@gidyn wrote:
I can buy from Walmart without the foggiest idea or care of how they're governed. That's how the overwhelming majority of "members" view ISC2. Not as a membership organisation, but a certification vendor.
I'd say the main difference is that you're not a Walmart shareholder (or if you might be, the value of your shares is not the same as every board member). The (ISC)2 was started as a non-profit corporation owned by the members. It's a simple, cost-effective, and low-risk way of starting something. That said, today the (ISC) has more than $70 million in net assets with a net positive cash flow in 2021 of almost $14 million. Those are fantastic resources - what are we going to do with them? And how does that financial opulence align with the original (or even current) mission?
For the sake of argument, these numbers don't seem greatly out of whack with some other associations (e.g., ISACA). But I think your assertion is spot on. Most of the membership sees (ISC)2 as a vendor.
First of all, it's quite surprising that people who stayed into the BoD for a VERY long time in the past, are now trying to be elected again. They all were able - thanks to the election mechanism - to be nominated more and more times.
I would have preferred not doing this, to leave space to new generations.
Everybody knows the nominating system is unethical as it works today. Only 5 people were selected to cover the just five vacancies. That means that even they do not get any vote, they will be elected anyway!
I don’t know why there’s such a run for securing a seat, but the system is designed to be a close-circle: this is obvious.
It was said they received about 85 self-nominations. After checking that the requirements of all were satisfied, why don’t leave members the liberty to choose and publish the entire list?
I have some considerations to share:
- it's quite surprising an Association spends members' money to pay a general counselor, so strongly committed so serve the interest of someone, although not clear who they are. No such figure is present in any other association I'm aware of
- it's worth to mention that the Board was entitled to self-nominate themselves. In other words, they nominated for the next election round the existing members. Only after A LOT of years (nine if I remember well) a board member couldn't be re-elected. They just waited for one year and then jumped on the Board again. This is easily retrievable in their papers and in Internet
- Some members (e.g.: Dan Houser) are still there after 10 years, using this trick
I don't know why this happens in this Association, which is unique under this point of view, but that is. They simply don't want "undesirable" people.
Before someone brings it to the community attention, let's tell my personal story. I did try to jump in the Board with a petition. I was able to get more that 500 endorsements. The general counselor, a couple of days before the deadline, emailed me saying that after a careful check of the emails, he found ten of them not aligned with the petition requirements (members used a different email from the registered one because they changed the provider), so invalidating my petition. In addition, after submitting the whole package (copy of the emails, an Excel sheet summarizing them, etc.) it is not possible to integrate them.
And this is democracy?
Therefore, it doesn't surprise why (ISC)2 is losing credibility...
The Board implemented term limits eventually. A board member can now serve a maximum of 6 years in a 10 year period instead of the previous 6 years in a 7 year period. This particularly to allow "new blood" to be added. Ideally a board is composed of experienced members and new members with new ideas to maintain organizational memory. There is no silver bullet to solve the challenges as term limits come with their own problems.
Hi Wim,
we discussed a lot in the past years. I appreciate what you did to change the recruitment process. Unfortunately, I must see nothing changed since then. The same persons are still there. Something should have gone wrong, this is for sure