The CIPS Vancouver Security Special Interest Group (Security SIG) is a group of information system security professionals dedicated to promoting awareness of issues and to furthering professional development in information systems. Founded in 1983, the Security SIG is a not-for-profit organization affiliated with the Canadian Information Processing Society (CIPS), a national association of information technology professionals.

Charter

Description of the Organization

The Canadian Information Processing Society (CIPS) Vancouver Security Special Interest Group (SIG) is an informal, non-profit, association of Information Technology professionals whose career interests are in information security. It is affiliated with CIPS and is officially recognized as one of its many SIGs.

Objective

The main objective of this organization is to: Provide a regular forum for informal confidential discussion regarding information security related topics. Facilitate sharing of ideas and for members to share experiences and learn from each other via value discussions provided by roundtables and networking.

Direction

• Focus on security and IT professionals active in the infosec field.
• Facilitate educational and developmental opportunities for members (eg: Westcoast Security Forum host organization, arranging for local education/development).
• Inform members about educational/development opportunities.
• Promote security awareness (eg: combined awareness campaigns).
Community focused - extending to the larger community (eg: home users, small business).

Values

• Community
• Integrity
• Mentoring/giving back
• Confidentiality
• Education
• Professional development

Executive Committee

A volunteer Executive Committee is set up annually for a one-year term. The Executive Committee makes decisions and runs the organization on behalf of the members. It meets quarterly to plan for, organize the activities of the group and discuss any outstanding issues. There will be a maximum of 15 on the Executive Committee, but sub-committees can be formed. Director level positions also liase with CIPS, ISSA, and ISACA. A person must have security-related job experience in order to be accepted as a member of the Executive Committee. The precedent is that a person will be promoted through the following positions on the Executive Committee: Vice-President -> President -> Past-President.

The Executive Committee consists of the following members:

• President - provides leadership and chairs the Executive Committee Meeting.
• Past President - provides experience to the Executive Committee.
• Vice President - assists the President and takes over in his/her absence.
• Membership Director - maintains the membership list and updates members on upcoming events.
• Program Director - overall responsibility for the monthly sessions.
• Web Director - overall responsibility for the SIG's website.
• Webmaster/Email Group Coordinator - maintains the SIG's website and the Executive Committee's email list.
• Treasurer - maintains the group's accounts and prepares the financial statements
• Auditor - audits the financial statement
• Secretary - maintains records of the group including attendance at the monthly meetings and prepares the minutes of the Executive Committee meetings.
• Marketing and Communications Director - responsible for marketing for the SIG.
• Social Director - plans networking events for the group.
• Member(s) at Large - provide experience from previous positions held on the Executive Committee.

Annual General Meeting (AGM)

An annual general meeting must be held during which the members of the Executive Committee are confirmed and an Annual Report is made to general membership. A notice to members shall be sent out at least one month prior to this event.

Membership Fee

No membership fees shall be required to join this organization.

Membership Criteria

Anyone who is interested in information security topics or learning about information security may join this organization. Membership is by sponsorship, or by introduction by an existing member, or by confirmed references. CIPS membership is not a requirement to join this SIG.

To obtain a student memberships in the CIPS SIG, the student must provide a faculty letter to the CIPS SIG Membership Committee.

If a CIPS SIG member has not attended a CIPS SIG monthly meeting for 12 months, the member will be deleted from the membership list. If circumstances do not allow a CIPS SIG member to attend meetings for this period of time, the member must notify the membership committee that he/she would like to remain on the membership list.

The Executive Committee may terminate membership at any time as a result of inappropriate conduct or behaviour, or disclosure of confidential information.

Membership List

The Membership Director shall maintain the list of members. This list may not be distributed in any form, sold to outside parties, or used to advertise vendor events. Any information specific to individual members may not be released unless specifically authorized by those members.

Monthly Meetings

The group shall conduct a session monthly to address specific security topics, products, issues, practices and solutions. During these sessions, presentations will be held dealing with these items. The speakers will be either members, vendors, or other parties; whose ideas, products or services are of interest to the group.

The Executive Committee shall establish a list of topics to be covered during the monthly sessions as well as arrange the hosts for these events in advance. Pre-arranged topics may be replaced in instances when speakers are unable to attend or when a more urgent or more interesting topic arises.

The Membership Director must send out a notice of each meeting at least one month prior to each event. A topic abstract along with speaker bio should be included as part of this notice.

Attendees must be CIPS SIG members, invited guests, or have confirmed references.

Vendors and other organizations may sponsor food and beverages at the monthly meetings in exchange for recognition and brochures at the sponsored meeting.

Presentations by External Parties

Vendors, software producers, service providers, and CIPS SIG members may present their approach and solution to security problems at no cost to the group. However, they may not use their presentations specifically to advertise and sell their products. The objective of having vendors present is so that members may learn new ideas and become aware of various solutions to security problems. Presenters may, however, deal individually with attendees after their presentations to discuss and market their products or services.

Finances

This SIG may, for the purposes of meeting its objectives, conduct activities that involve raising funds. The net amount of such funds raised shall be deposited in a bank account approved by the Executive Committee and maintained by the SIG's Treasurer. The bank account may be held for the CIPS SIG by the parent CIPS Vancouver Chapter. Two signatories from the Executive Committee shall be required to withdraw or dispense any amount from this account for purposes approved by the Executive Committee. Two of the following shall be required for withdrawal transactions from this account:

• President
• Vice President
• Treasurer

The Treasurer shall report to the Executive Committee the financial status of the account for review and approval at each Executive Committee meeting, and publish a financial statement, audited by the SIG's auditor, for presentation at the AGM.

Website

An Internet website shall be maintained representing this SIG. This website shall contain information about the group including: upcoming and previous SIG events, Executive Committee contacts, security community events, and other relevant information. No personal information about any members shall be posted on this site. Maintenance of the website is the responsibility of the SIG Web Director.

Confidentiality and Liabilities

Because of the nature of the discussions during the meetings, all in attendance shall be advised and be required to maintain confidentiality of information discussed, especially when they relate to specific members and their organizations.

The Executive Committee shall not be liable to damage or harm incurred by members or other parties as a result of actions by its members.