Wikimedia Security Team/Council

This Charter establishes and defines the Wikimedia Foundation’s Security Council.  The Security Council’s purpose and functions include, but are not limited to:

1. Providing input to the Foundation’s Information Security Program.
2. Helping prioritize security-related projects and initiatives based on Mission needs, goals, and available resources.
3. Reviewing and approving Foundation information security policies and standards at certain established points in the policy creation and approval process.
4. Helping plan and enforce ways to fully integrate sound and effective information security processes and best practices throughout the Foundation.
5. Discuss and, when necessary, authoritatively resolve disputes involving IT security- and risk-related matters.
6. Providing transparency and updates to security initiatives.  

The Wikimedia Foundation Security Council shall (at a minimum) consist of:

• The Director of Security
• At least one designated stakeholder (Sr. Engineer, Manager or higher representative) from:
  • Site Reliability Engineering
  • Legal
  • Technical Engagement
  • Engineering Productivity
  • Office IT
  • Talent & Culture
  • Trust & Safety
  • Product Department

Initial cadence of the Security Council will be monthly.