Merge pull request #3 from cottage14/patch-1
Update index.md
diff --git a/content/pages/cc_policy.md b/content/pages/cc_policy.md
index a0109b6..05f4e99 100644
--- a/content/pages/cc_policy.md
+++ b/content/pages/cc_policy.md
@@ -11,26 +11,26 @@
<div class="card-body">
-## PURPOSE
+## Purpose
-The Apache Software Foundation, a recognized 501(c)(3) charitable foundation, whose mission entails using sponsor funds responsibly. The ASF will, from time to time, issue organization credit cards to certain individuals for use in their roles. This policy sets out the acceptable and unacceptable uses of such credit cards.
+The Apache Software Foundation is a recognized 501(c)(3) charitable foundation whose mission entails using sponsor funds responsibly. The ASF will, from time to time, issue organization credit cards to certain individuals for use in their roles. This policy sets out the acceptable and unacceptable uses of such credit cards.
-## POLICIES
+## Policies
-* Use of ASF-issued credit cards is a privilege, which the ASF may withdraw at any time
-* Any credit card the ASF issues to an individual must be used for business purposes only, in conjunction with the individual's duties
-* Expenses need to be appropriate, proportionately and statutory/in accordance with the ASF's bylaws
-* Expenses must be for approved budget items only and any items not budgeted or outside what is typically paid for in the cardholders role must be authorized in advance by the President or Board of Directors
-* Entertaining government officials requires prior approval by the President or Board of Directors
-* Cash advances on credit cards require prior approval by the President or Board of Directors and usage must be documented, e.g. through receipts
-* Personal purchases of any type are strictly prohibited
-* The cardholder is responsible for all charges made to the card and will be held liable for any unauthorized items appearing on the credit card statement
-* Cardholders are required to sign the "cardholder agreement" indicating they accept these terms. Individuals who do not adhere to these policies risk revocation of their credit card privileges and/or disciplinary action
-* These terms may change in the future at which point the cardholder will be notified of the updated policies and asked to acknowledge receipt
+* Use of ASF-issued credit cards is a privilege, which the ASF may withdraw at any time.
+* Any credit card the ASF issues to an individual must be used for business purposes only, in conjunction with the individual's duties.
+* Expenses need to be appropriate, proportionate and statutory/in accordance with the ASF's bylaws.
+* Expenses must be for approved budget items only. Any items not budgeted or outside what is typically paid for in the cardholder's role must be authorized in advance by the President or Board of Directors.
+* Using the credit card to entertain government officials requires prior approval by the President or Board of Directors.
+* Cash advances on credit cards require prior approval by the President or Board of Directors and usage must be documented, e.g. through receipts.
+* Personal purchases of any type are strictly prohibited.
+* The cardholder is responsible for all charges made to the card and will be held liable for any unauthorized items appearing on the credit card statement.
+* Cardholders are required to sign the "cardholder agreement" indicating they accept these terms. Individuals who do not adhere to these policies risk revocation of their credit card privileges and/or disciplinary action.
+* These terms may change in the future, at which point the cardholder will be notified of the updated policies and asked to acknowledge receipt.
-## CARDHOLDER AGREEMENT
+## Cardholder agreement
-I, _____________________________, understand that improper use of the ASF-issued credit card may result in disciplinary action as well as personal liability for any improper use. I acknowledge receipt of the Credit Card Policies and confirm that I understand the terms and conditions. I agree to comply with the terms and conditions of this agreement and the Credit Card Policies for The Apache Software Foundation. As a cardholder, I agree to accept the responsibility and accountability for the protection and proper use of the card. I understand that the card is not to be used for personal purchases. If the card is used for personal purchases or for purchases for any other entity, the ASF will be entitled to reimbursement from me of such purchases. The ASF shall be entitled to pursue legal action, if required, to recover the cost of such purchases, together with costs of collection and reasonable attorney fees.
+I, _____________________________, understand that improper use of the ASF-issued credit card may result in disciplinary action as well as personal liability for any improper use. I acknowledge receipt of the Credit Card Policies and confirm that I understand the terms and conditions. I agree to comply with the terms and conditions of this agreement and the Credit Card Policies for The Apache Software Foundation. As a cardholder, I agree to accept the responsibility and accountability for the protection and proper use of the card. I understand that the card is not to be used for personal purchases. If the card is used for personal purchases or for purchases for any other entity, the ASF will be entitled to reimbursement from me for such purchases. The ASF shall be entitled to pursue legal action, if required, to recover the cost of such purchases, together with costs of collection and reasonable attorney fees.
Signature ___________________________________ Date _________________ (Cardholder)
diff --git a/content/pages/financial_systems_access_policy.md b/content/pages/financial_systems_access_policy.md
index f965921..e5002cd 100644
--- a/content/pages/financial_systems_access_policy.md
+++ b/content/pages/financial_systems_access_policy.md
@@ -13,10 +13,10 @@
## Purpose
-The Apache Software Foundation, is a recognized 501(c)(3) charitable foundation. The Treasurer's office is responsible for multiple systems which
-provide control over ASF funds, and data which verifies that control. Many of these systems contain private information for donors, employees, and
-volunteers of The ASF. It is important that we be able to both protect privacy, and maintain an appropriate level of auditability and oversight in
-these systems. It is also important that when new volunteers step up to serve as Treasurer, or Assistant Treasurer, that we be able to facilitate
+The Apache Software Foundation is a recognized 501(c)(3) charitable foundation. The Treasurer's office is responsible for multiple systems which
+provide control over ASF funds, and data which verifies that control. Many of these systems contain private information about donors, employees, and
+volunteers of The ASF. It is important that we be able to both protect privacy and maintain an appropriate level of auditability and oversight in
+these systems. It is also important that, when new volunteers step up to serve as Treasurer or Assistant Treasurer, we be able to facilitate
these transitions. Similarly, it is important that the Foundation not become to dependent on a single vendor.
This policy explains how and for whom user accounts within these systems can be provisioned, and how passwords and user names are to be managed in
@@ -26,9 +26,9 @@
Financial systems can be accessed by:
* The Treasurer and Assistant Treasurer
-* Employees of the accounting firm which the Treasurer has tasked with keeping the Foundation's books.
+* Employees of the accounting firm which the Treasurer has tasked with keeping the Foundation's books
* Upon request: board members
-* Upon request or if needed: The President, and Executive Vice President
+* Upon request or if needed: The President and Executive Vice President
* If needed: The Infrastructure Administrator
* If needed: The Secretary and Assistant Secretary
* If needed: VP Fundraising and VP Sponsor Relations
@@ -37,7 +37,7 @@
## Organizational accounts and Individual user accounts vs. Role-based accounts
-Many financial systems offer organizational or tenant accounts. In such systems, multiple user accounts can access the system. Frequently actions of those
+Many financial systems offer organizational or tenant accounts. In such systems, multiple user accounts can access the system. Frequently, actions of those
users such as viewing data or changing data create an audit trail uniquely associated with that user. This audit trail helps to protect The ASF against
mistakes and malicious behavior by making some actions reversable, and all actions discoverable.
@@ -52,7 +52,7 @@
Infra has provided Treasurer and Fundraising offices with access to a central
password manager. If you are performing services for the Treasurer's office and need access to our password manager, please create a Jira ticket with
-Infra. Infra will then confirm with the treasurer's office before providing access to any password vaults.
+Infra. Infra will then confirm with the Treasurer's office before providing access to any password vaults.
## Policies
@@ -61,15 +61,15 @@
* If a system contains private information for donors, employees, or volunteers, we *never* use role-based accounts within that system. If the system
contains private information and does not offer organizational accounts, we will seek alternatives to using that system.
* If a system makes it possible to move money, we *never* use role-based accounts within that system.
-* You *must* use a password manager for your user account passwords. Those passwords *must not* be visible to anyone but yourself
+* You *must* use a password manager for your user account passwords. Those passwords *must not* be visible to anyone but yourself.
* If an account offers some form of Two Factor Authentication, you are *required* to activate it.
* For role-based accounts, you *must* use the central passord manager provided, and place passwords in the appropriate vaults.
* For systems with organizational accounts, at least the Treasurer and Assistant Treasurer *must* have access.
Ideally a third and fourth person should also have access for continuity.
-* User accounts will be provisioned with minimum a range of capabilities appropriate to the role of the person who is accessing the system. For example, the
- accountant requires read access to our bank account, but does not need the ability to transfer funds. For example, VP Fundraising may need access to
+* User accounts will be provisioned with the minimum range of capabilities appropriate to the role of the person who is accessing the system. For example, the
+ accountant requires read access to our bank account, but does not need the ability to transfer funds. VP Fundraising may need access to
certain donor data but does not need access to employee data.
-* A complete list of ASF Financial systems will be maintained by the Treasurer under the <a href="https://cwiki.apache.org/confluence/display/ASFP/Treasurer+Internal">Treasurer's Wiki</a>.
+* A complete list of ASF Financial systems will be maintained by the Treasurer on the <a href="https://cwiki.apache.org/confluence/display/ASFP/Treasurer+Internal">Treasurer's Wiki</a>.
</div>
