Myself, Diana Contesti, and Richard Nealon are all trying to get onto the ballot for the upcoming ISC2 Board of Directors Election and need your support. For information about us and how you can help, see:
Stephen Mencik petition
Diana Contesti petition
Thanks for your support.
Stephen Mencik
CISSP, ISSEP, ISSAP
Thanks Diana,
you're right, but I must observe a couple of things:
1 - Members do not own the association, nor they have any influence in the governance/administration. In fact, CEO, directors, etc. are hired directly by the Association, which is legally represented (and owned) by someone why are not allowed to know (unless you do a little investigation...😉). A respectable and transparent association would never have a general counselor among its staff...
2 - You have been in the BoD for a long time in the past. You did noticeable things, but that was not enough. In fact, you agree transparency is a mandatory requirement, but why you did not succeed in that task when on the Board?
Association needs a complete revision. All members are upset, but they need to stay in because it's the only possibility to maintain their certifications.
Let's start with this: have members knowing the truth, by disclosing the real organization (who they are) and what they do with our money. If you want to pursue this tough task, I'm at your side
Good luck
Claudio
Morning Claudio
Sorry but on point one you are incorrect. The membership does own the organization and not one individual. From (ISC)2 history website:
“The Consortium” was formed among several professional organizations to create a global information security certification process for professionals and to address the need for standardized curriculum for the burgeoning profession. A series of strategy and planning meetings were held at Idaho State University and in Salt Lake City starting in November.
The initial groups that joined together to form (ISC)² included: the Canadian Information Processing Society, the Computer Security Institute, the Data Processing Management Association (two special interest groups), Idaho State University, the Information Systems Security Association, and the International Federation for Information Processing.
(ISC)² is incorporated in the Commonwealth of Massachusetts under the authority of
Massachusetts General Laws c.180 and the Articles of Organization of the Corporation
(“Charter”)
Point 2, yes I was on the board for a while and along with others moved the organization down a path. Some good, some maybe not so good......as to transparency, whilst I was on the board we did pass a motion that the minutes of board meetings would be posted for the membership. However, as my last year on the board was 2015, I cannot say why that has not been done but it would be on my agenda to determine what or why it is not being done.
As to your last point, ANY member is free to ask for and receive copies of the Articles of Organization as well as reviewing the Massachusetts General Laws c: 180. A request to Graham Jackson should be all you need to do. Additionally as (ISC)2 is a 501c6, it must post its 990s to the IRS along with financials. The 990s can be located on GUIDESTAR.ORG. These documents show where the money is and what is being done with it. This document also details what folks get paid.
The Board are intended to be the voice of the membership and have one employee (the CEO). As this is the case, the Board should be listening to the members and maybe spending some of the cash that is being put away.
So to answer the last question, you as part of the membership own a piece of the organization.
Best
d
@claudiocilli Claudio, there's a couple of corrections that are worth pointing out, although you're absolutely correct on some points
1. My understanding is that Members absolutely own the association. The articles of association are public and can be found at https://corp.sec.state.ma.us/CorpWeb/CorpSearch/CorpSearchViewPDF.aspx
Members do have a huge influence in the governance/administration - it's the members who vote and elect the Directors in the BoD elections every year, and it's the responsibility of those Directors to represent all members best interests.
In the same way as we elect our various governments, it's incumbent on members to vote for Directors who's policy they support. It's also incumbent on members to influence change through their vote when they feel Directors haven't been performing.
The CEO is hired by, and reports direcly to, the Board. The Board are responsible for all governance and oversight of the organisation.
My understanding is that many large corporations with assets in excess of $100m retain a lawyer / general council. I don't think (ISC)2 is unusual in that regard.
2 - Diana, Dan Houser, Jill Slay, David Melnick, Wim Remes and myself have all been Board members in the past. We've also been volunteers in other areas (some of us for over 30 years). I introduced a change when I was Chair of the Bylaws Committee in 2014 that members could not serve more than 6 years as a Director in any 10. My understanding is that Diana has not been a board member since 2015 (she may correct me) but she has every right (as do all members) to petition for a place on the Board now so that she can influence much needed change.
There are normally 13 Board members. Each director only has one vote. They can't make any change they want on their own, but they can influence change through dialogue and debate.
I fully agree with your further point "Association needs a complete revision. All members are upset, but they need to stay in because it's the only possibility to maintain their certifications."
In relation to what they do with our money, I'd refer you to the auditors report at the end of https://www.isc2.org/-/media/ISC2/About/Leadership/Annual-Reports/ISC2-Annual_Report-2021.ashx? and the 2020 I990 filing at https://pdf.guidestar.org/PDF_Images/2020/043/064/2020-043064434-202111329349304676-9O.pdf?
We greatly appreciate your support
Adding my name to upcoming BoD petition process so that members will have some choice when it comes to the voting
Please visit https://sites.google.com/view/RN-petition-isc2-board
I have the Articles of Incorporation downloaded from the Massachusetts website. Visit https://sites.google.com/view/smm-petition/isc2-articles-of-incorporation to view them.
Thanks for the reply.
Among the other (I expressed only my thoughts ), one thing is absolutely true: (ISC)2 lacks, or has never had, transparency.
The discussion in this community is the proof.
I understand some past Board Members tried to follow the right path, but the situation is the one under our eyes, and it's the same since when the Association has been created:
- members are passive. The perception is that to be involved in the (ISC)2 governance is almost impossible. Maybe this is not true, but this is what they think
- (ISC)2 does nothing to members but to ask money, a lot of money, to have their certification(s) alive
How long do you expect this situation can continue? Many other valid certifications are on the rise, and IS security professionals are seriously considering leaving CISSP, etc. to embrace those. There's a need to change and the first step is to involve members, not only organizing workshops aimed to write exam questions.
But (ISC)2 governance thinks different...
@claudiocilli wrote:
Among the other (I expressed only my thoughts ), one thing is absolutely true: (ISC)2 lacks, or has never had, transparency.
The discussion in this community is the proof.
Exactly this. Note that for all the different posts on this issue in the various threads in the Community, there has not been even one response to any of them from any Board Member, or Staff Member. Their response is to stay stonily silent, and this will blow over, and everyone will go away. The only way this is going to change is if the IRS investigates and removes not-for-profit status. Given the lack of resources of the IRS, it is doubtful that would ever happen.
@TrickyDicky wrote:Adding my name to upcoming BoD petition process so that members will have some choice when it comes to the voting
Please visit https://sites.google.com/view/RN-petition-isc2-board
"Our huge cache of monies should be ploughed back into re-engaging with the membership" - or maybe into reducing the AMF? This isn't a case of "we have to pull in lots of money from members, now let's try to work out what to do with it"/
It's the same in Italy. The Agency lack of resources and they prefer using them in fighting the real criminals. After all, how can't we approve this approach?
A possible solution - again, it's only a personal proposal - would be to start a massive (and COORDINATED) campaign trying to bring these things to attention of members and opening their eyes. The petition process is frustrating and, even some of you were successful, you need to be voted and - moreover - what can you do alone once in the Board?
If we (and this time I add myself in) build an influencer group of knowledgeable professionals, I don't think the (ISC)2 could continue to ignore the membership basis once they start questioning them.
I know it's hard, but I did in other situation and at the end I succeeded
Responded today with my endorsement, for what it is worth.
I really hope one or more of the three of you are allowed represent the ordinary members.
This election feels like a watershed moment for long standing members like me, who are no longer supportive of the current Board or their policies.