Invitation to review User Experience for Conflict of Interest tool

[Craig Russell <ap...@gmail.com>]

In March 2020 the board adopted a Conflict of Interest policy for the foundation.

http://www.apache.org/foundation/records/minutes/2020/board_minutes_2020_03_18.txt
https://svn.apache.org/repos/private/documents/conflict-of-interest/2020/template.txt

My action item from the board is to document a process that will facilitate officers and directors to sign the annual affirmation and to track who is required to sign and whether they have signed or not.

I have worked with the members of the Whimsy team to prepare a tool that will keep a permanent record of everyone who signs the affirmation. The tool is in its final stages of implementation. I invite all of you to review the tool for accuracy, usability, and utility.

https://whimsy.apache.org/officers/coi.cgi

To keep the discussion focused, I would prefer comments to be posted only to dev@whimsical. There should not be any board-level issues with the tool since it is designed to be descriptive and not prescriptive.

Thanks,
Craig

Craig L Russell
clr@apache.org

Re: Invitation to review User Experience for Conflict of Interest tool

[Craig Russell <ap...@gmail.com>]

Hi Justin,

Thanks for taking time to review this. There are DRAFT DRAFT DRAFT notices scattered about. 

> On Jun 27, 2020, at 5:10 PM, Justin Mclean <ju...@classsoftware.com> wrote:
> 
> Hi,
> 
> Look fine to me. Currently the link in "You can review Your Conflict of Interest affirmation as now checked in to svn.” gives a 404 but I assume that’s intentional?

Nothing has been checked in and so the links will not work until we enable svn commit. We will let everyone know once the tool is alive.

But feel free to come back and play with it some more. 404 on the links but you can still see a draft of the email that will be generated.

Regards,
Craig

> 
> Justin
> 

Craig L Russell
clr@apache.org

Re: Invitation to review User Experience for Conflict of Interest tool

[Justin Mclean <ju...@classsoftware.com>]

Hi,

Look fine to me. Currently the link in "You can review Your Conflict of Interest affirmation as now checked in to svn.” gives a 404 but I assume that’s intentional?

Justin

Re: Invitation to review User Experience for Conflict of Interest tool

[Craig Russell <ap...@gmail.com>]

Hi Greg,

Thanks for your review.

> On Jun 27, 2020, at 4:17 AM, Greg Stein <gs...@gmail.com> wrote:
> 
> I received the test email, but have a couple points of feedback:
> 
> * it says From:gstein@gmail ... yah, no. I did not send that. Gmail
> highlighted that wrongness. I would suggest emailing from <
> secretary@apache.org>

I believe in sending mail from: the person who actually sends it. In this case, the plan is to send from: user@apache.org and cc: secretary@apache.org. 

> * there is no body in the email. just an attachment. Some amount of body
> text would be great. Especially something like, "if you didn't make this
> affirmation, then please reply to secretary@, so we can determine what
> happened."

There was a bug in the code that did not actually include the body that it should have. Currently, it reads
This year's Conflict of Interest affirmation is attached.
It has been checked into the foundation repository at
#{COI_CURRENT_URL}/#{user_filename}.\n
Regards,\n
#{USERNAME}\n\n"

I'm not sure that your warning is really needed. "you didn't make this affirmation" is probably the least likely error that might pop up here.

Regards,
Craig
> 
> Cheers,
> -g
> 
> 
> On Sat, Jun 27, 2020 at 6:08 AM Greg Stein <gs...@gmail.com> wrote:
> 
>> On Fri, Jun 26, 2020 at 12:31 PM Craig Russell <ap...@gmail.com>
>> wrote:
>>> ...
>> 
>>> I have worked with the members of the Whimsy team to prepare a tool that
>>> will keep a permanent record of everyone who signs the affirmation. The
>>> tool is in its final stages of implementation. I invite all of you to
>>> review the tool for accuracy, usability, and utility.
>>> 
>>> https://whimsy.apache.org/officers/coi.cgi
>> 
>> 
>> I would like to see a column on that page specifying "Why me?" Basically,
>> what role/hat do I have which causes this to apply to me? I'd suggest
>> something like, one of: [Director, President, EVP, Treasurer, Secretary,
>> Asst $foo, Officer, VP $bar]
>> 
>> I mean... I know why I'm supposed to make the affirmation. But Members
>> performing review may not understand why a given person is on the list.
>> Shoot... even somebody on the list who gets a reminder may not have read
>> all the background emails and Board minutes, to understand "you're VP $bar,
>> so this applies to you".
>> 
>> After reading it, I was thinking that I might append to my "gstein.txt"
>> output with a further declaration. I've got svn skills to go hit the file
>> and do the edits (which may be an interesting concern for audit trail
>> purposes). I'd append to clarify/disclose my investment(s), and further
>> affirm they are immaterial to the ASF.
>> 
>> So that leads to: should there be a "further declarations" section? Or
>> would that just confuse things? And/or just let people hit svn directly to
>> do such? Which also leads to: should people be allowed to edit their file
>> via svn? That records an audit trail, so it isn't really a big deal. But
>> likely something to explicitly consider.
>> 
>> Cheers,
>> -g
>> 
>> ps. I'm not subscribed to this list. if you need me to see a reply, then
>> cc: me, please
>> 
>> 

Craig L Russell
clr@apache.org

Re: Invitation to review User Experience for Conflict of Interest tool

[Greg Stein <gs...@gmail.com>]

I received the test email, but have a couple points of feedback:

* it says From:gstein@gmail ... yah, no. I did not send that. Gmail
highlighted that wrongness. I would suggest emailing from <
secretary@apache.org>
* there is no body in the email. just an attachment. Some amount of body
text would be great. Especially something like, "if you didn't make this
affirmation, then please reply to secretary@, so we can determine what
happened."

Cheers,
-g


On Sat, Jun 27, 2020 at 6:08 AM Greg Stein <gs...@gmail.com> wrote:

> On Fri, Jun 26, 2020 at 12:31 PM Craig Russell <ap...@gmail.com>
> wrote:
> >...
>
>> I have worked with the members of the Whimsy team to prepare a tool that
>> will keep a permanent record of everyone who signs the affirmation. The
>> tool is in its final stages of implementation. I invite all of you to
>> review the tool for accuracy, usability, and utility.
>>
>> https://whimsy.apache.org/officers/coi.cgi
>
>
> I would like to see a column on that page specifying "Why me?" Basically,
> what role/hat do I have which causes this to apply to me? I'd suggest
> something like, one of: [Director, President, EVP, Treasurer, Secretary,
> Asst $foo, Officer, VP $bar]
>
> I mean... I know why I'm supposed to make the affirmation. But Members
> performing review may not understand why a given person is on the list.
> Shoot... even somebody on the list who gets a reminder may not have read
> all the background emails and Board minutes, to understand "you're VP $bar,
> so this applies to you".
>
> After reading it, I was thinking that I might append to my "gstein.txt"
> output with a further declaration. I've got svn skills to go hit the file
> and do the edits (which may be an interesting concern for audit trail
> purposes). I'd append to clarify/disclose my investment(s), and further
> affirm they are immaterial to the ASF.
>
> So that leads to: should there be a "further declarations" section? Or
> would that just confuse things? And/or just let people hit svn directly to
> do such? Which also leads to: should people be allowed to edit their file
> via svn? That records an audit trail, so it isn't really a big deal. But
> likely something to explicitly consider.
>
> Cheers,
> -g
>
> ps. I'm not subscribed to this list. if you need me to see a reply, then
> cc: me, please
>
>

Re: Invitation to review User Experience for Conflict of Interest tool

[Craig Russell <ap...@gmail.com>]

Hi Greg,

Thanks for taking the time to give feedback here.

> On Jun 27, 2020, at 4:08 AM, Greg Stein <gs...@gmail.com> wrote:
> 
> On Fri, Jun 26, 2020 at 12:31 PM Craig Russell <ap...@gmail.com> wrote:
>> ...
> 
>> I have worked with the members of the Whimsy team to prepare a tool that
>> will keep a permanent record of everyone who signs the affirmation. The
>> tool is in its final stages of implementation. I invite all of you to
>> review the tool for accuracy, usability, and utility.
>> 
>> https://whimsy.apache.org/officers/coi.cgi
> 
> 
> I would like to see a column on that page specifying "Why me?" Basically,
> what role/hat do I have which causes this to apply to me? I'd suggest
> something like, one of: [Director, President, EVP, Treasurer, Secretary,
> Asst $foo, Officer, VP $bar]

I got the list of people from the web page before Sam provided code. I think it might be better to provide a link to the "Who We Are" page which everyone should know how to use. The list of "BOARD MEMBERS and OFFICERS" should be very straightforward and no additional code is needed.
> 
> I mean... I know why I'm supposed to make the affirmation. But Members
> performing review may not understand why a given person is on the list.
> Shoot... even somebody on the list who gets a reminder may not have read
> all the background emails and Board minutes, to understand "you're VP $bar,
> so this applies to you".

I expect that once we are happy with this, an email sent to every required signer will make it clear who is on the list.d
> 
> After reading it, I was thinking that I might append to my "gstein.txt"
> output with a further declaration.

What?

> I've got svn skills to go hit the file
> and do the edits (which may be an interesting concern for audit trail
> purposes). I'd append to clarify/disclose my investment(s), and further
> affirm they are immaterial to the ASF.

Not the place to do this. Disclosure of possible/actual COI is another project.
> 
> So that leads to: should there be a "further declarations" section? Or
> would that just confuse things?

This.

> And/or just let people hit svn directly to
> do such?

If we choose to allow this, we will need to be very specific about what the requirements are. But I'd like to wait until someone complains that this process is too easy.

> Which also leads to: should people be allowed to edit their file
> via svn? That records an audit trail, so it isn't really a big deal. But
> likely something to explicitly consider.

No changes should be needed or allowed to the file once checked in. I'm sure your svn foo will come in handy here. ;-)

Regards,
Craig
> 
> Cheers,
> -g
> 
> ps. I'm not subscribed to this list. if you need me to see a reply, then
> cc: me, please

Craig L Russell
clr@apache.org

Re: Invitation to review User Experience for Conflict of Interest tool

[Greg Stein <gs...@gmail.com>]

On Fri, Jun 26, 2020 at 12:31 PM Craig Russell <ap...@gmail.com> wrote:
>...

> I have worked with the members of the Whimsy team to prepare a tool that
> will keep a permanent record of everyone who signs the affirmation. The
> tool is in its final stages of implementation. I invite all of you to
> review the tool for accuracy, usability, and utility.
>
> https://whimsy.apache.org/officers/coi.cgi


I would like to see a column on that page specifying "Why me?" Basically,
what role/hat do I have which causes this to apply to me? I'd suggest
something like, one of: [Director, President, EVP, Treasurer, Secretary,
Asst $foo, Officer, VP $bar]

I mean... I know why I'm supposed to make the affirmation. But Members
performing review may not understand why a given person is on the list.
Shoot... even somebody on the list who gets a reminder may not have read
all the background emails and Board minutes, to understand "you're VP $bar,
so this applies to you".

After reading it, I was thinking that I might append to my "gstein.txt"
output with a further declaration. I've got svn skills to go hit the file
and do the edits (which may be an interesting concern for audit trail
purposes). I'd append to clarify/disclose my investment(s), and further
affirm they are immaterial to the ASF.

So that leads to: should there be a "further declarations" section? Or
would that just confuse things? And/or just let people hit svn directly to
do such? Which also leads to: should people be allowed to edit their file
via svn? That records an audit trail, so it isn't really a big deal. But
likely something to explicitly consider.

Cheers,
-g

ps. I'm not subscribed to this list. if you need me to see a reply, then
cc: me, please