cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Newcomer II

Re: Why does ISC2 insist on secrecy of its operations?

All,

 

Lets also be upfront that with the annual fee's paid to the organization:

 

# of active members some with multiple certificates x $125 [or more] = a significant amount of money.  

 

It seems to me that we are not receiving products and services that would be expected for this level of revenue.  

 

Respectfully,

 

- Joe Duffy

CISSP - 319540

 

 

Community Champion

Re: Why does ISC2 insist on secrecy of its operations?

@Joe_Duffy wrote:

 

All,

 

Lets also be upfront that with the annual fee's paid to the organization:

 

# of active members some with multiple certificates x $125 [or more] = a significant amount of money.  

 

It seems to me that we are not receiving products and services that would be expected for this level of revenue.  

 

Respectfully,

________________________________________________

 

Not to be negative but I know that it would help both management and the board, greatly if we could articulate what products and services we expect for any price.

 

Moons ago, the organization adopted a membership focused strategy and we are seeing that come to realization with the lowering of membership fees (I used to pay $330 (roughly) a year for my certs, I now pay $125 (hmmm that's about $200 a year USD (so $275 CDN) savings for me), they created PDI which provides free training to members, the journal, etc.

 

So if there is specific training that you believe that is needed feed that back to your local chapter, Members support and/or a board member.

 

If for instance, you would like to see the journal published more frequently, tell them.

 

I agree with Steve Mencik in that there should be more transparency between the board (they are the folks that we elected to oversee the running of the organization) and the membership.  However, I believe we need to fully articulate what we are missing in terms of goods and services from the organization.

 

I for one would love to see a Security Best Practices Guide (similar to COBIT or GAAP).

 

Okay everyone can now throw stones at my head.

 

d

 

 

 

 

Newcomer II

Re: Why does ISC2 insist on secrecy of its operations?

"Something is rotten in the state of Denmark" Shakespeare, Hamlet. Act I, Scene 4.

 

I dissociate myself from what I have just posted. Also I do not guarantee the relevance of the comment to this thread.

 

This is my policy, for today.

Contributor I

Re: Why does ISC2 insist on secrecy of its operations?

Before this thread gets out of hand, I want to clear something up before anyone puts words in my mouth.

I do not suspect, nor have I ever accused, anyone on the Board of Directors or the Officers and Staff of ISC2 of financial malfeasance. For those that might be concerned about that, I urge you to start by reading the Annual Reports, all of which contain audited financial statements for the organization. These reports are posted on the website, though not where you might expect to find them. You can find them here. 

As far as information on what ISC2 is doing, the Annual Reports also provide a lot of really useful material on that as well.

So, then what is my gripe? 

For years, members have asked the Board of Directors to post the minutes of their meetings for viewing. If they were ever posted anywhere, I don't know about it, and as far as I know, they are not posted  anywhere now. 

What specifically set me off to start this and other threads, is secrecy around voting totals for the Board of Directors Elections, and secrecy about official policies of the ISC2. I asked for the vote totals received by each candidate in the most recent election. I was told that was against policy to release that information. I asked for the total number of members voting vs. the total number of people eligible to vote. Again, I was told that it was against policy to release that information.

I then asked to see the policy or policies that stated the voting information could not be released, and who authorized that policy and when. My request for those policy documents was ignored.

I personally cannot think of any good reason to hiding the voting information. However, if a policy really has been adopted not to publish that data, I'm okay with that. Just show me the policy, when it was adopted, and by whom. There are procedures in the ISC2 By-Laws for either getting an item aded to the agenda at an annual meeting or for calling a special meeting of the membership. Proposals to change policy that the members don't like can be entertained at that time. The issue is that if we don't know what the policies actually say because they have never been released, it becomes difficult to create a proposal to amend such a policy.

Anyway, my complaints have to do with the release of what I think ought to be available to the members as a matter of course. It does not concern anything with the financials, or the coduct of the Board, Officers and Staff with regard to financials. Please do not imply that's what I was trying to say.

Thanks,

Steve Mencik

Contributor I

Re: Why does ISC2 insist on secrecy of its operations?

I made a post clarifying my intent of this thread this morning. It already had received at least 1 kudo. That post has now been removed. Why?

I composed a similar note last night, and thought I posted it, but it was not there this morning. Was that also removed? If so, why?

UPDATE: Post has been restored. Moderators took care of restoring. Not sure why removed.

Newcomer II

Re: Why does ISC2 insist on secrecy of its operations?

 

 

Yes I agree that we as membership should clearly ask for what we expect as products and services from the organizations we belong to.    Its a good point to consider and @dcontesti statement should challenge us to be good stewards of this.

 

 

I also want to agree with @mencik and apologize that I do not suspect or accuse anyone of financial misconduct.  

 

I was trying to make the point that with the fees we pay to the organization there should not be a resource issue in its being transparent to it members with any and all information about the organization 

 

Respectfully,

 

- Joe Duffy

Newcomer III

Re: Why does ISC2 insist on secrecy of its operations?

Some of the discontent over financial transparency may be quelled if, along with the annual report, someone could give a simple and approximate breakdown of how the $125 AMF is used. The information may all be in the report, but most members aren't accountants, and can't necessarily decipher it.

Newcomer II

Re: Why does ISC2 insist on secrecy of its operations?

Financials?? 

"Frankly, my dear, I don't give a damn" - Rhett Butler (Gone with the Wind, 1939).

 

It's all about voting and the information around that.

 

"When will people learn: Democracy doesn't work!" - Homer Simpson after Preposition 24 passes by overwhelming support in "Much Apu About Nothing".

 

and in any case:

“Being at a loss to resolve these questions, I am resolved to leave them without any resolution.”
Fyodor Dostoyevsky, The Brothers Karamazov

 

 

Community Champion

Re: Why does ISC2 insist on secrecy of its operations?

@mencik @Jill_slay @DavidMelnick @ @LoriRossONeil @Wintermute-1 @scleung 

 

To those board members who have participated in the forum, would one or all of you read Stephen's request to have the minutes of board meetings published in a members only directory.

 

Stephen is in the process of attempting to have the issue brought to the board meeting but there is growing concern on the transparency .

 

Hoping that one or all of you will pick this up and discuss at the next board meeting.

 

Regards

 

d

 

Contributor I

Re: Why does ISC2 insist on secrecy of its operations?

I attempted to get 500 letters to force this onto the annual meeting agenda, but there was not sufficient time to do so. If the Board will bring this issue up and either allow this info to be disseminated or at the very least explain why it needs to be kept secret, then I'll stop. If the Board is not willing to do so, then I'll just set out on getting 500 letters to force a special meeting of the members. There is no time limit for me to collect those. I'd hate to see the organization waste the money to hold a special meeting though.

In summary, I'd like to see the following posted to the member restricted website:

  • Board meeting minutes
  • All policies officially adopted
  • Organization By-Laws (already posted) and Articles of Incorporation (available from Massachusetts)
  • Other information pertinent to members, such as the vote totals received by each candidate in the Board elections, and the percentage of eligible members that actually voted.

I don't think any of these requests are unreasonable, and various people have asked for all of these before. The lack of transparency into these matters has been an issue for as long as I have been certified, which is more than 20 years now.

 

Steve Mencik
CISSP, ISSAP, ISSEP #10288