Establish Security Team #33
Labels
has:approval
bisq.wiki/Project_management#Approval
to:Improve Security
was:delivered
bisq.wiki/Project_management#Closing_as_delivered
Projects
Description
"In the wake of the Apr 7th security incident, it's clear that we need to take our security practices to the next level. " (cbeams)
The purpose of this project is to create and follow a roadmap to establish a security team in terms of management structure, its duties, authority and responsibilities.
Rationale
I propose and drive the following strategy to get to a point where a "security team" can be effective:
short intro video I will create a short video presentation where I introduce the idea of a security team by taking a look at the past and also by taking a look at the future, what happened already, what will happen eventually. In the course of the presentation I will be asking questions on how such a security team can look like, in terms of definitions, agenda and also how it can integrate with the Bisq DAO.
call agenda I will create a (template) gdoc accompanying the presentation where everyone is welcome to share their thoughts on the questions I asked. This very gdoc will become the agenda for the kickoff-call held week 20/2020.
call The call will have discussions and decisions on the agenda points. One followup call can be held if the discussion needs regrouping. I will host and moderate these calls.
let the DAO decide The outcome of the call(s) is going to be formed into a Bisq proposal ready to be accepted or rejected by the Bisq DAO in cycle 13 (around May 20th, 2020).
done If and only if the DAO approves the proposal, the information will be transcribed into the Bisq wiki and the security team can take up its work.
Why should it be done now?
bisq-network/admin#75
Criteria for delivery
Tasks
- [ ] schedule and hold follow-up call if necessaryNotes
I set the labels according to the progress that is already made. Please adjust if necessary. Also, I skipped some headline because it seemed to me that it is already decided that we do this project and cannot guess why the admin team wants the security team.
The text was updated successfully, but these errors were encountered: