>From sob Thu Nov 18 21:41:05 2004 To: ietf@xxxxxxxx Subject: re: AdminRest: New version of IASA BCP document available some comments overall this document seems quite reasonable but I think there are some quite real problems mostly stemming from it trying to over proscribe future arrangements. I think the document needs to articulate philosophies but not get too deep into the details because it would reduce the ability of the IAD and IAOC to react to changed situations one example from section 3.1 - Although the approval of the ISOC President/CEO or ISOC Board of Trustees may be required for some contracts, their review should be limited to protecting ISOC's liabilities and financial stability. This says that the ISOC president (or accountant or lawyer) is not permitted to tell the IAD that they know that a proposed contractor is a dead beat and never gets anything done - or that they spotted a flaw in the bid that could double the cost - that seems very silly indeed - I see no reason that the ISOC folk can not be full partners in evaluation processes with the IAD (and IAOC) making the final decisions - anything less is willfully putting the IAD, IAOC and ISOC in a non optimum place. I understand that the general desire is for the IAD to operate without nitpicking from the ISOC folk but an bright line of separate thinking zones is far from the best way to do that I think this whole paragraph should be redone to something like In order to maximize the separation between fund raising and the actual operation of the standards process all final decisions on contractors, IETF meeting sponsors, and other IETF-specific business decisions are the responsibility of the IAD and IAOC. In particular, as long as proposed activities fit within the approved budget the ISOC President/CEO or the ISOC BoT cannot refuse to agree to a contract that has been agreed to by the IAD. The above is not meant to limit the ability of the IAD and IAOC to consult with all parties or the ability of ISOC personnel from expressing their opinions during the IAD's process of evaluating a contract or contractor. also from section 3.1 The IAD will prepare an annual budget, which will be reviewed and approved by the IAOC. The IAD will be responsible for presenting this budget to the ISOC Board of Trustees, as part of ISOC's annual financial planning process. The IAOC is responsible for ensuring the suitability of the budget for meeting the IETF community's administrative needs, but the IAOC does not bear fiduciary responsibility for ISOC. Therefore, the ISOC Board also needs to review and understand the budget and planned activity in enough detail to properly carry out their fiduciary responsibility. Each year, the complete IASA budget will published to the IETF community. This does not seem to admit to the possibility that the ISOC board might say 'wait a minute - you are asking for twice as much money as you got last year - we need to work with you to figure out a funding level that the ISOC can support' - i.e. it is not reasonable to assume that the ISOC BoT can carry out the above mentioned fiduciary responsibility without being able to engage in a dialogue over budget amounts. An open question in my mind is the degree of detail and itemization that the ISOC BoT needs to have to carry out the fiduciary responsibility - i.e. it seems like the ISOC might have a hard time with its auditors if what it approved is just a line item for the IETF expenditures with no breakdown. But on the other hand we do not want the ISOC BoT to be arguing over how many copies of the newcomer's presentation handouts get made. We need to figure out a reasonable process that permits the ISOC to understand what the money is going for, be able to suggest alternatives if they might be more efficient, and have an ability to have input to the review of RFP responses without limiting the ability and authority of the IAD/IAHC to make the final decisions (as long as they stay within a budget) question - what is the backup mechanism for the IAD? (if the IAD were to get truck fade for example) question - who gets to set the pay and bonuses for the IAD? a note - I did not see a specific statement that the IAD will be an ISOC employee (benefits, human resources dept etc) section 3.5 If voting is used and the votes are equally split, then the IAOC chair decides. my opinion - if we get to that point we are real deep do do - we don't permit a bare majority to control in the IETF why should we in this case? I suggest that a proposal needs at least 2/3 support in the IAOC to be approved. appeals of IAOC decisions will go to the IESG and continue up the chain as necessary (to the IAB and the ISOC Board)." note that IETF appeals to the ISOC board can only happen if the process (not the application of the process) is being challenged - i.e. in this case if this document is seen as unfair - I think that limitation needs to be here also - I do not want someone's appeal of the IAOC's decision to hire vendor A for a function to wind up on the ISOC BoT's plate. maybe we want to think about the types of decisions that could be appealed (for example maybe not vendor selection but maybe meeting location) section 4 There has been some question about whether the IAB Chair should be a liaison or a voting member of the IAOC. imo - yes also from section 4 The members of the IAOC will serve two year terms not the position-based members (the IAB & IETF chairs and the ISOC President/CEO) their terms are based on their other role also from section 4 Any appointed IESG member, including those I expect this is supposed to be "any IAOC member" not IESG section 5 I'm not that sure that this document should be so specific as to say that the IAOC has a separate bank account - seems to me that the following principals need to be established 1/ that all of the IETF-related funds have to be fully and transparently accounted for 2/ that the ISOC will ensure that there are adequate funds to cover the budgeted activities of the IAOC when they are needed 3/ the IAD (or another designated member of the IAOC in case of the disability or unavailability of the IAD) has an ability to commit funds (e.g. direct that checks be cut and sent - that could be by giving the IAD the right to sign checks or just the authority to direct that checks be signed - I do not think there is a difference in day to day operation) section 5.1 All meeting revenues go into the IASA account. note that there may be a startup phase where this is not the case because the existing systems will be in place until RFPs are created, responses evaluated, contractors hired and transition completed section 5.2 why not just say that the ISOC should not accept any in-kind donations for the IETF without the prior OK of the IAD/IAOC? sec 5.3 pp1 this is far to proscriptive - I do not think that the authors of this document or the general IETF community are accounts - lets establish the requirement that funds be available when needed but not try to dictate the best way for that to be done - let the accountants figure that out a simple point is that the document asks for quarterly deposits for a process that has peak funding needs 3 times a year - that does not mesh I could easily see that it would be better to not have a separate account and just use ISOC's regular processes - I would rather this document not make an assumption on what the ISOC external accountants might recommend (or insist on) for this sort of thing sec 5.3 pp2 see above - this should just fall under a general requirement that all ISOC funding etc related to the IETF (and IASA) must be fully and publicly accounted for - I see nothing special over insurance - any more than I would see that such a requirement would not cover office expenses if the IAD where to be located in an ISOC office (in the US or elsewhere) or cover any employee specific expenses like health benefits section 5.4 I think this is almost right - I think it should say that the aim is for there to be 6 months of non-meeting expenses available for the IASA - I suggest this because it does not limit how the reserve could be provided (maybe as part of a general ISOC line of credit, or immediately available investment account) sec 6 this document assumes a budget cycle of ISOC which does not match reality - I would suggest that this document needs to key of off the ISOC budget cycle and say that the various IAOC & IAD milestones must be at least X days before the ISOC budget approval time this section also implies that the ISOC President/CEO and BoT have no say in the size of the IETF budget which would not let the ISOC BoT exercise its fiduciary responsibilities (see above) sec 7 pp independence see above - the ISOC external auditors may not think this is a good idea (or they might) but I do not think this document should assume that it knows what the right structure to provide the independence is - or at least the external auditors should be consulted before making any assumptions pp removeability I'd change "BCP publication" to "using its normal consensus processes" (BCP is no magic term and may not survive the newtrk process) _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf