couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joan Touzet <jo...@lrtw.org>
Subject Re: [REQUES] Review proposed bylaws (Was: Re: [DISCUSS] Project bylaws)
Date Tue, 27 May 2014 17:52:21 GMT
A good template for specifying delgation of duties is RACI:

Responsible
Accountable
Consulted
Informed

Often a RACI Matrix is made up, showing for each activity, the set of roles involved and the
expected level of involvement (R A C I).

Examples:

  http://racichart.org/
  https://en.wikipedia.org/wiki/Responsibility_assignment_matrix

-Joan

----- Original Message -----
From: "Dave Cottlehuber" <dch@jsonified.com>
To: dev@couchdb.apache.org
Sent: Tuesday, May 27, 2014 4:38:15 AM
Subject: Re: [REQUES] Review proposed bylaws (Was: Re: [DISCUSS] Project bylaws)

> On 20 May 2014 23:43, Jan Lehnardt <jan@apache.org> wrote: 
>> 2.4. I’d say handling security issues are the responsibility of the committers
in a private forum. That bit should be moved to 2.3. At least that’s what we’ve been doing
in the past, would be good to reflect that.  
>  
> Ultimately, it falls on the PMC to make sure this is addressed, with  
> non-required help from the committers. I propose to leave it as it is,  
> unless you have an edit for the committers section to mention that  
> they can be involved in security response procedures.  

Understood, I find it confusing that we define things here and then act differently, and I
fear it might confuse future (and existing) contributors.  

Correct me if I am wrong, but I am seeing the bylaws as a specialised subclass of the rules
we get from the ASF (and a formalisations of the various guidelines from the ASF as we deem
them fit for this project). As per the ASF, the PMC is responsible for making sure security
stuff is taken care of (same for releases), but in our bylaws, we can specify that the responsibility
actually lies with the committers. Even though from an ASF perspective the PMC is responsible,
the PMC delegates this one level down.  

A good way of describing this is to use accountability and responsibility.

    e.g. my children are responsible for tidying their rooms, but I remain accountable.

You can’t delegate accountability, only responsibility. I think this is what you want.

Also +1 to you & Joan’s comments wrt COPDOC. Let’s make this as acronym-free as practical,
and a reasonably short list. Rule of thumb is what would happen if this list were wrong, too
short etc? Not catastrophic.

A+
Dave

Mime
View raw message