Policy, Standards, Regulations and Compliance Mailing List - Charter V1.0

Objective
Whilst the Policy, Standards, Regulations and Compliance (PSRC) list is an open and free discussion forum, in order to make the list fair and accessible to all while maintaining relevancy, we have developed this list charter. This charter sets out the lists operating rules for both posting and moderating.

Information about subscribing, unsubscribing and the archives can be found at the end of this charter.

Background
The PSRC mailing list hosted at securityfocus.com was founded in late 2005. The list is moderated by Mark Curphey (mark@curphey.com).

What is appropriate content?
The list is an open discussion forum for most things related to information security policies, standards, regulations and compliance. Appropriate posts would fall into the following three main categories:

News
Specific news stories about policies, standards, regulations and compliance or related topics. News can be of a global or regional nature (although must be in English).

Discussions
Discussions about specific related topics of interest. These may include discussion about requirements, trends, implementation guidance or a poster sharing his/her experience with the list.

Requests for Advice

Requests for advice on specific topics. Please ensure that all requests for help are generic and not traceable to your specific business for your own safety.

Announcements
Whitepapers, conferences and speaking events that deal with policies, standards, regulations and compliance or closely related topics maybe posted. Papers that require a user to register before downloading or receiving the paper must NOT be posted and will be rejected. Commercial papers that require a fee to download will also be rejected.

Guidelines for Posting

· All postings should be polite, non-personal and contain no defamatory or derogatory comments or foul language

· All posting must be commercial / marketing free (discrete footnotes and email signatures are acceptable)

· All postings must be in English

· Everyone has an equal voice and all posts will be approved as long as they post within the bounds of this charter.

· Discussions about the merits or experiences of specific commercial tools are allowed but should be conducted objectively.

· No posting should contain or discuss information relating to vulnerabilities in an actual company.

· Only posts in text will be approved. No HTML!

Guidelines for Moderating
The moderator has sole and full discretion over what is appropriate content and what is not. We reserve the right to reject any message however in general all posts will be approved as long as they post within the bounds of this charter.

Conflict Resolution
From time to time people may feel that a post was either approved that shouldn't have been or a post was not approved that should have been. The appropriate way to deal with all moderation and list management issues is to:

1. Refer to this charter.
2. If you still feel a mistake has been made then you should mail the moderator (mark@curphey.com) offline, explain your concerns and discuss the issue.
3. If you still a mistake has been made you should send the offline email discussion thread with the moderator along with your reasons why you feel this is not appropriate to Al Huger (ah@securityfocus.com) and copy the moderator.

If you are ever unsure if you should post or feel there is a justified reason why you are posting outside of the charters scope, you can mail the moderator for advice prior to posting.

List Management

How do I subscribe?
Send an e-mail message to psrc-subscribe@securityfocus.com. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

How do I unsubscribe?
Send an e-mail message to psrc-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

How do I disable mail delivery temporarily?
Unsubscribe from the list and resubscribe to start receiving mailing list traffic again.

Is the list available in a digest format?
Yes.

How do I subscribe to the digest?
Send an e-mail message to psrc-digest-subscribe@securityfocus.com. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

How do I unsubscribe from the digest?
Send an e-mail message to psrc-digest-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer.

I seem to not be able to unsubscribe. What is going on?
You are probably subscribed from a different address than that from which you are sending commands to the list from. Either send email from the appropriate address or email listadmin@securityfocus.com to be unsubscribed manually.

Can you add a tag like "[PSRC]" to the subject line of each message? Not at this time.

How can I tell whether I am subscribed to the list?
Send an e-mail message to psrc-query@securityfocus.com. If you want to test whether you are subscribed to the digest send an e-mail message to psrc-digest-query@securityfocus.com.