SIGs Framework

Framework for FIRST Special Interest Groups

Definition and Acronyms

• SIG Special Interest Groups (SIGs) exist to provide a forum where FIRST Members can discuss topics of common interest to the Incident Response community. A SIG is a group of individuals composed of FIRST Members and invited parties, typically coming together to explore an area of interest or specific technology area, with a goal of collaborating and sharing expertise and experiences to address common challenges.
• The FIRST Board of Directors The governing body of FIRST, responsible for charter approvals, rechartering approvals and review of all SIG activities and deliverables.
• The FIRST Board SIG Liaison (Board SIG Liaison) A FIRST Board member appointed to act as the point of contact between the FIRST Board and each SIG. Responsibilities include:
  • Managing SIG budgets and approvals.
  • Providing guidance on charter development and periodic rechartering.
  • Ratify SIG Chair elections.
  • Serving as the point of contact for SIG Chairs regarding strategic or governance-related matters which include organizing quarterly meetings with SIG Chairs.
  • Keep a record of progress, actions and issues to take back to the Board. A FIRST Board member appointed by the FIRST Board to manage SIG budgets and to liaise between the FIRST Board and the SIGs.
• Charter
  The document defining the purpose of a SIG.
• SIG Advisory Chair A volunteer appointed by the board that acts as liaison between the SIG Chairs, SIG Support, and SIG Liaison. Has the ability to be an impartial voice for the SIGs. In the absence of a SIG Advisory Chair, these responsibilities will fall to the Board liaison. Responsibilities:
  • Runs quarterly SIG chair meetings
  • Reports back to the Board SIG Liaison (if not in attendance)
  • Works with Board SIG Liaison to coordinate board updates and make recommendations
  • Session Chair for the SIG Updates (at FIRSTCON or an alternate time)
  • Organizes SIG contributions for newsletter
  • Keep a record of progress, actions and issues to take back to the Board liaison.
  • Shepherd role (if needed) for the creation of new SIGs.
• SIG Support A FIRST staff or designated support resource assigned to assist SIG Chairs with operational and administrative needs. Responsibilities include:
  • Assisting with select meeting agendas, note-taking and scheduling.
  • Supporting onboarding of new SIGs and SIG participants.
  • Providing day-to-day administrative support and answering questions.
  • Serving as the first point of contact for SIG Chairs on logistical or procedural matters. Responsibilities include:
  • Assisting with select meeting agendas, note-taking and scheduling.
  • Supporting onboarding of new SIGs and SIG participants.
  • Providing day-to-day administrative support and answering questions.
  • Serving as the first point of contact for SIG Chairs on logistical or procedural matters.
• SIG Chair / Co-Chair Representatives selected by the SIG who lead the group's activities and serve as its voice to the FIRST Board via the Board SIG Liaison. Responsibilities include:
  • Reviews Join Requests on a monthly basis.
  • Review the charter, chairs and list of SIG participants biannually in May. Perform clean-up and updates based on criteria defined in the charter.
  • Update work space (example wiki) with SIG work and resources.
  • Encourage participation and collaboration among participants.
  • Report on SIG progress and outcomes to the SIG Advisory Chair, Board SIG Liaison and SIG Support.
  • Coordinate with SIG Support on communications and administrative needs - including organizing meetings and agendas.
  • Ensure that summaries are recorded and are made available electronically to the entire SIG participants, preferably within two weeks after the meeting. Depending on the matters discussed, publicly available information may be redacted and some material may be removed.
  • Ensuring that all participants comply with FIRST's Code of Conduct
• SIG Participant
  • Anyone approved and/or invited to participate in the work of the SIG.
  • Depending on the SIG and its own rule, a participant can either be a FIRST member or non-member. For non-members the individual must apply for participation and be approved by the SIG Chair or rules of the SIG.
  • A participant can be suspended or excluded from the SIG by a vote of the Board of Directors.
  • All participants are expected to comply with the policies of FIRST.

Sig Chair Terms

Chairs/co-Chairs shall serve two-year terms. The following process is recommended unless an alternative approach is approved by the FIRST Board in advance.

• Nomination and election
  • SIGs must have at least one Chair and may elect one or more co-Chair(s) or a vice-Chair.
  • A candidate should be nominated by any participant of the SIG or self-nominating.
  • The Chairs will be selected by a process noted in the Charter. The charter and process will be reviewed and updated biannually.
  • Annual review shall take place biannually in May or in the event of a vacancy.
  • The SIG chair will notify the Board of the selection results. The Board will ratify Chair selection at their next meeting.
• Who has the right to vote? Every SIG participant has the right to vote unless the SIG has its own membership rules. If a group has its own membership rules noted in the approved charter these will be applied.

Purpose and Role of SIGs

Special Interest Groups (SIGs) provide a forum where FIRST Members and the security community can collaborate on topics of shared interest within the incident response community. Each SIG focuses on a specific area with the goal of sharing expertise, developing solutions, and advancing best practices.

• SIGs:
  • Charter will define their mission, goals, and scope within the boundaries of the FIRST mission.
  • Facilitate discussion, knowledge exchange, and presentations from participants or invited guests.
  • Are encouraged to host meetings at FIRST Conferences, Technical Colloquia, or other events, though they may also meet independently.
  • Are encouraged to publish documents to the community with a formal process which includes at least the four following steps: creation, review, validation, publication. Statements and views expressed within SIGs are those of individual participants and do not represent the official position of FIRST or its members. All participants are expected to follow the FIRST Code of Conduct.

Publications and Deliverables

SIGs may produce papers, reports, or other publications to share insights and recommendations. These materials are distributed by FIRST but do not represent the official position of FIRST or its members. All publications must include the following disclaimer: This publication presents a discussion of technology issues considered in a Special Interest Group of FIRST. The contents are provided to promote discussion in the computer industry on this topic and do not necessarily represent the official position of the FIRST organization. IPR - SIGs requiring an IPR will follow the policy.

Special Interest Groups

Special Interest Groups exist to provide a forum where FIRST Members can discuss topics of common interest to the Incident Response community. A SIG is a group of individuals composed of FIRST Members and invited parties, typically coming together to explore an area of interest or specific technology area, with a goal of collaborating and sharing expertise and experiences to address common challenges.

Special Interest Groups define their own missions and goals, and serve as a forum of the FIRST Members to discuss technologies, challenges and solutions in specific areas of mutual interest, including hearing relevant presentations from SIG participants and Invited Guests. SIG meetings are free to build their own meeting schedule but are also encouraged to co-locate meetings with FIRST Conferences, Technical Colloquia or other events. The views expressed in connection with SIGs are those of the individual authors or disclosers themselves. Neither the SIGs nor First.Org, Inc. make any representations regarding the validity, utility, or Intellectual Property rights or other rights in connection with any statements or disclosures made. You are advised that you are solely responsible and liable for any use you may make of any such statements or disclosures.

SIGs can generate papers and publications for the industry covering their area of interest. While these papers and publications shall be distributed by the FIRST, they do not represent the official position of the FIRST members, or the FIRST itself. Any publication distributed by the FIRST shall include a cover page with the following statement:

This publication presents a discussion of technology issues considered in a Special Interest Group of the FIRST. The contents of this publication are presented to create discussion in the computer industry on this topic. and does not necessarily represent the official position of the FIRST organization.

Charter Process

1. A proposed SIG must submit a Charter that outlines its mission, objectives, membership scope, deliverables and planned activities.
2. The Charter should include the initial Chair(s) or process to elect.
3. A Motion to Charter a SIG can only be considered at a FIRST Board meeting if all supporting materials are provided in advance and included on the agenda.
4. The SIG is formally chartered by a majority vote of the FIRST Board in accordance with the FIRST Bylaws.

Review process

The FIRST Board will review each SIG once every two years to assess:

• The group's activity level and engagement.
• Continued alignment with its original charter and the FIRST mission - the SIG may choose to recharter.
• Whether restructuring, merging with another SIG, or sunsetting is appropriate. If a SIG is found to be inactive or misaligned, the Board may vote to take corrective action, including sunsetting, merging, or restructuring the SIG. Motions to dissolve or amend a SIG’s Charter require at least two weeks’ notice to the SIG Chair(s) before the vote.

Rechartering

Special Interest Groups (SIGs) are required to resubmit their charter every two years including Chairs for each subsequent period. The ops team will provide each SIG Chair with their charter and request a redline version if updated that is submitted to the board to approve.

Meetings

SIGs may determine their own meeting cadence and format. While many choose to meet alongside FIRST events, independent meetings are encouraged. SIG Chairs may work with SIG Support to set up a meeting cadence. Meetings should be hosted on the online audio/video selected tool FIRST selected solution and accounts. SIG Chairs may work with the SIG Support to share meeting announcements, agendas, and notes.

Special Interest Group Chairperson

A representative, selected by a SIG, who is responsible for leading the activities of that SIG as well as representing the SIG to the FIRST Board SIG Liaison and FIRST Board of Directors.

The Chairperson of a SIG is responsible for organizing the activities of that SIG, including:

• Arranging meetings at times and places convenient for the SIG membership.
• Announcing meeting arrangements to the SIG members, including initial agenda for the meeting. The Board SIG Liaison may send out the broaden announcement if being appropriate.
• Encouraging participation of the FIRST membership as broadly and openly as possible.
• Ensuring that summaries are recorded and are made available electronically to the entire SIG participants, preferably within two weeks after the meeting. Depending on the matters discussed, publicly available information may be redacted and some material may be removed.
• Reporting on SIG activities to the FIRST SIG Liaison.
• Assisting with creation of public relations statements in regards to the activities of the SIG. This may also include the possibility of representing the SIG in press articles.

FIRST Resource

FIRST provides the communication and collaboration infrastructure for all SIGs, including:

• Communication channels - Collaboration tools to promote SIG activity - Administrative and technical support through SIG Support.

Funding

A SIG should strive to operate on a cost recovery basis in order to keep costs low for FIRST, but the FIRST Board may decide to waive this goal and fund SIGs that are not recovering cost. Funds collected by a SIG should attempt to cover any administrative expenses FIRST may incur while supporting the SIG.

All SIG revenues will be managed by the FIRST parent organization.

Each SIG will jointly work with the FIRST Board Liaison to create a yearly SIG budget which will be reviewed quarterly. By default, the size of SIGs budget will be equal to the amount of the SIG's funds held by FIRST along with projected SIG income for the next year. Any spending above that limit will be negotiated with the FIRST Board of Directors.

Sponsorship

SIGs may seek sponsorships to support their activities, either independently or jointly with FIRST.

• Sponsorship funds are collected and managed by FIRST operations team.
• Sponsors of SIG-specific activities may have their logo displayed on SIG web pages.

Summary of Roles and Relationships

Role	Primary Responsibilities	Reports To / Coordinates With
SIG Chair / Co-Chair or Vice-Chair	Lead SIG activities, organize meetings, report progress	SIG Advisory Chair & SIG Support
SIG Advisory Chair	Organizes newsletters, runs regular meetings, acts as a voice for the SIGs	Board SIG Liaison
Board SIG Liaison	Bridge between SIG Advisory Chair and FIRST Board, manage budgets and charters	FIRST Board
SIG Support	Assist with administration, logistics, and participant onboarding	SIG Advisory Chair, Board SIG Liaison & FIRST Secretariat
SIG Participant	Contribute expertise, discussions, and collaboration	SIG Chair(s)