If you read through the various parts of the Community, you will find posts where I have asked for things like:
I've been told that ISC2 has a policy not to release this information.
I've asked for a copy of the policy as it was adopted by the Board, to include the adoption date, and the staff has refused to provide me with that policy. Apparently, we are to take them at their word.
In the past, other members have asked for the Minutes of the Board meetings to be posted. To date they have not. According to past Board member Diana Contesti, during her term, the Board voted on a resolution and passed it, that required the posting of the minutes. Yet, they still remain unposted.
The By-Laws are posted at https://www.isc2.org/-/media/Files/2017-Amended-and-Restated-Bylaws.ashx, but I have not found a copy of the Articles of Organization of the Corporation.
There is a Policies and Procedures section of the ISC2 website, https://www.isc2.org/Policies-Procedures, but the policies referenced above are not posted.
My question is why the Board of Directors and the Staff of ISC2 are so insistent upon secrecy of the operations of the Corporation that they will not even release copies of the policies that are referred to when declining to provide other information? This just does not make any sense to me, and I feel the Membership deserves better.
Stephen M. Mencik
CISSP, ISSAP, ISSEP #10288
Note: Originally posted to Member Talk, but folks were having difficulty accessing it there.
This is a good test for this "Community". Does this Community mean anything? Is it genuinely intended to create effective dialog? If so, we will see a response to this simple and very reasonable request. If not, then we can regress to the petition (500 letters) process.
I have shared all of your feedback internally, but wanted to provide an update on the additional steps the organization is taking.
Regarding policies, including those related to the election, we are working on enhancing our FAQs, as well as looking to create additional content for our members to better understand how these activities are managed. We want to ensure that members who wish to learn more have this information available to them.
On the question of organizational updates, we are looking at ways to better communication to the members, and hope that moving into 2021 you will see some additional content about the organization on a more frequent basis. While we are still trying to validate any motion regarding minutes, we think these more frequent updates will help lessen the concerns on organizational activities.
Finally, we already discussed why we cannot release the individual vote totals. However, to better gauge the interest of the membership, we are happy to provide some additional detail around our most recent election. The following link should take you to the Member Talk page where we have updated this communication with the vote totals.
We are happy to report that this year was one of our most successful years for voting, and based on similar organizations we are above the average for participation. That is a testament to the interest of our members.
Moving forward, we recognize your desire to see more communication from the organization on its activity. It is our hope that moving into 2021 we can improve our standing with you. Thanks again for your time and feedback.
This is a good start, and I hope it continues. I will note that updating a FAQ, while a good thing, is not the same as publishing policies. If the ISC2 Staff or Board cite policy as the reason not to release some kind of information, then the person citing the policy better be able to produce a copy of that policy and show who adopted it and when. Failure to produce said policy is indictive of the fact that no such policy really exists.
It is for that main reason that I want the Members only section of the ISC2.org website to have a spot for all such policies to be posted, along with the minutes of the Board and Membership meetings. The minutes should clearly indicate when a particular policy was voted on and adopted.
Thank-you for your help in this matter. I'm only replying to this post, and not the other two places where you posted the same message.
CISSP, ISSAP, ISSEP #10288