Other Business - Debian audit

Stefano Zacchiroli leader at debian.org
Tue Jul 24 10:19:39 UTC 2012 

On Thu, Jul 12, 2012 at 11:40:19PM +1000, Robert Brockway wrote:
> Hi all.  Debian is waiting on information from SPI to conclude an
> internal financial audit.  The possibility of having Martin
> Michlmayr (debian auditor) work with Michael Schultheiss to complete
> this has been discussed in the past.
> 
> I'm conscious of the workload expected of a treasurer.  While
> Michael may need to complete some of the work, I believe quite a lot
> of it could be offloaded to someone who has the right access to the
> records.

Given the struggle we've been going through in Debian to get access to
our transaction records (still unsolved), I'd be totally in favor of
this. But of course I've some sort of conflict of interest in this,
given that I'm also Debian liaison at SPI. FWIW, I'd have no objection
if other projects hosted by SPI wish to have access to Debian
transactions, as they're meant (from the Debian POV at least) to be
fully public anyhow.

> As such, I suggest that at this point we appoint Martin Michlmayr as
> an assistant treasurer for a fixed period (say, 90 days) if he is
> still interested so that he can extract the information from the
> financial records that Debian needs.

To be more precise on this, Debian has as an auditor team, formed ATM by
two people: Martin Michlmayr and Martin Wuertele. They can both be
reached via the auditor at debian.org (Cc:-ed) role address. We'd like to
get "role" access to Debian transaction, so that members of the team
could both get access to "our" data, without adding new SPOF, this time
on our side.

The Debian auditor team is pretty stable, so it'd be totally fine for us
to give nominal access to both Martin-s for the time being. But I guess
that giving one role access to the individual SPI projects that ask for
one could be a more scalable solution in the long run.


Thanks a lot for caring about this issue, Robert.
Cheers.
-- 
Stefano Zacchiroli     zack@{upsilon.cc,pps.jussieu.fr,debian.org} . o .
Maître de conférences   ......   http://upsilon.cc/zack   ......   . . o
Debian Project Leader    .......   @zack on identi.ca   .......    o o o
« the first rule of tautology club is the first rule of tautology club »
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <http://lists.spi-inc.org/pipermail/spi-general/attachments/20120724/96848bf4/attachment.pgp>

More information about the Spi-general mailing list