Do you think a RACI table would be good at the end of the textual descriptions of the roles?
On 27 May 2014 19:52, Joan Touzet <[email protected]> wrote: > A good template for specifying delgation of duties is RACI: > > Responsible > Accountable > Consulted > Informed > > Often a RACI Matrix is made up, showing for each activity, the set of roles > involved and the expected level of involvement (R A C I). > > Examples: > > http://racichart.org/ > https://en.wikipedia.org/wiki/Responsibility_assignment_matrix > > -Joan > > ----- Original Message ----- > From: "Dave Cottlehuber" <[email protected]> > To: [email protected] > Sent: Tuesday, May 27, 2014 4:38:15 AM > Subject: Re: [REQUES] Review proposed bylaws (Was: Re: [DISCUSS] Project > bylaws) > >> On 20 May 2014 23:43, Jan Lehnardt <[email protected]> wrote: >>> 2.4. I’d say handling security issues are the responsibility of the >>> committers in a private forum. That bit should be moved to 2.3. At least >>> that’s what we’ve been doing in the past, would be good to reflect that. >> >> Ultimately, it falls on the PMC to make sure this is addressed, with >> non-required help from the committers. I propose to leave it as it is, >> unless you have an edit for the committers section to mention that >> they can be involved in security response procedures. > > Understood, I find it confusing that we define things here and then act > differently, and I fear it might confuse future (and existing) contributors. > > Correct me if I am wrong, but I am seeing the bylaws as a specialised > subclass of the rules we get from the ASF (and a formalisations of the > various guidelines from the ASF as we deem them fit for this project). As per > the ASF, the PMC is responsible for making sure security stuff is taken care > of (same for releases), but in our bylaws, we can specify that the > responsibility actually lies with the committers. Even though from an ASF > perspective the PMC is responsible, the PMC delegates this one level down. > > A good way of describing this is to use accountability and responsibility. > > e.g. my children are responsible for tidying their rooms, but I remain > accountable. > > You can’t delegate accountability, only responsibility. I think this is what > you want. > > Also +1 to you & Joan’s comments wrt COPDOC. Let’s make this as acronym-free > as practical, and a reasonably short list. Rule of thumb is what would happen > if this list were wrong, too short etc? Not catastrophic. > > A+ > Dave -- Noah Slater https://twitter.com/nslater
