On Wed, Aug 16, 2006 at 12:09:45PM +0300, Kalle Kivimaa wrote: > I haven't been following this thread too well lately, but what are > your thoughts on this? I'm willing to volunteer, as I do have some > experience in non-professional accounting and auditing [...] Sweet! > Monetary assets: Bank statements for the auditing period provide > enough information in the normal case. It's more complicated than this, because we have multiple accounts in multiple countries, and the accounts are generally used for more than just Debian. As a first step, it would be really good to have a public accounting of: (a) expenditures - how much money - got paid from where to where - for what purpose - on whose authority - did it work out? (b) income - how much money - donated by whom - for what purpose - held by whom (c) balances - who holds money for Debian - how much do they hold - who is authorised to get them to use the money - how does that get managed That really just means setting up a web site that keeps track of those things, and making sure the DPL and others keep you in the loop about what's going on. Personally, I think that's the minimum we ought to expect, but IME it's also a hell of a lot more work than it should be, and it'll require a chunk of effort from someone to actually make it happen. > Hardware: For servers on the Internet, SSH access to those should > provide enough information as to their configuration. Many of the machines are restricted; so anyone but DSA getting ssh access to all of them is unlikely; more likely is having the machines report the interesting statistics to LDAP and being able to query that. Knowing where machines are hosted, who they're owned by (the original sponsor? SPI? whoever's hosting them?), who the appropriate contact people are (replacement parts? hosting? local admin?) are important here. Definitely a second priority though. Cheers, aj
Attachment:
signature.asc
Description: Digital signature