[Global_chapter_committee] FW: DEF CON Reimbursement

Jason Li jason.li at owasp.org
Wed Aug 31 21:57:33 EDT 2011 

Tom,

I don't think that's what Lorna is saying at all!

I don't want to put words in her mouth, so I'll simply state my observation.

The Chapters Committee is responsible for setting policies in support of
chapters. The Conferences Committee is responsible for setting policies in
support of conferences. The Projects Committee is responsible for setting
policies in support of projects.

As I vocalized on the last Board call, while these committees all ostensibly
work for the good of OWASP, our roles within our respective individual areas
of responsibility preclude us from fully appreciating or seeing the impact
of the Foundation as a whole.

I don't think these types of issues can be solved by any one committee alone
- such policies and guidance regarding OWASP expenditures affect all of
OWASP.

I believe the ongoing and repeated issues that are brought to the Board by
the Chapters/Conferences committees are indicative of the fact that these
types of issues cannot be solved at the committee level.

Finances are an area where we need a body in higher authority (i.e. the
Board) to set a direction and policy for the organization as a whole. What
are the priorities for OWASP and how do we decide what's "best for OWASP"?
In the absence of such guidance, we will continue to see issues bubble up to
the Board (think exceptions and overturned policies).

The need to establish such policy and priorities is one of the reasons I
have been pushing hard to get the Board and Committee Chairs together at
AppSec USA.

-Jason

On Wed, Aug 31, 2011 at 8:59 PM, Tom Brennan <tomb at owasp.org> wrote:

> Excellent points.  So you would agree that this is a committee issue for
> the GCC - hence the purpose of the global committee
>
> https://www.owasp.org/index.php/Global_Chapter_Committee
>
>
> On Aug 31, 2011, at 8:52 PM, "Lorna Alamri" <lorna.alamri at owasp.org>
> wrote:
>
> > As a chapter leader and an OWASP Fund Raiser, I'm uncomfortable with not
> > having tight controls and limits around how chapter funds are used for
> > Chapter leaders travel. In development you put in a separation of duties
> as
> > a control and I think something similar should be done within OWASP for
> > Chapter Funds being used for travel as well.
> >
> > I don't think it's appropriate that I raise funds, and then approve using
> > those funds for my OWASP related travel. The corporate sponsors and
> members
> > of our chapter have donated funds because they want us to be able to
> bring
> > in great speakers for meetings, hold training and conference events. I
> feel
> > there is a strong argument for funding Chapter leaders to travel for
> OWASP
> > from chapter funds.
> >
> > However, thought needs to be put into how chapter funds could be misused
> and
> > policies put in place to mitigate the risk. It would be very damaging to
> > OWASP as a whole if chapter funds were misused and the OWASP Foundation
> > needs to think about the ramifications if allegations are made regarding
> > chapter funds misuse as though it would be a local incident it could have
> > much further impact than just regional.
> >
> > As OWASP is a growing organization it must be kept in mind that we are
> > setting precedent with these decisions. I think Dave is right to hold up
> a
> > flag and say wait we need to think this through.
> >
> > Regards,
> > Lorna
> >
> >
> > -----Original Message-----
> > From: global_chapter_committee-bounces at lists.owasp.org
> > [mailto:global_chapter_committee-bounces at lists.owasp.org] On Behalf Of
> Dave
> > Wichers
> > Sent: Wednesday, August 31, 2011 7:27 PM
> > To: 'Christian Heinrich'
> > Cc: global_chapter_committee at lists.owasp.org
> > Subject: Re: [Global_chapter_committee] FW: DEF CON Reimbursement
> >
> > My question has nothing to do with what Richard does, or where he works.
> > It's simply a question of whether this type of chapter expense is
> something
> > we want to allow. I'm not hard over here. I'm just interested in people's
> > opinions. I personally don't think it’s the best use of a chapter's
> funds,
> > and I'm not really sure it's an appropriate use either, but that’s my
> > opinion. Best use is the chapter's responsibility and I fully support
> their
> > freedom to choose.
> >
> > Appropriate use is an OWASP chapter expense guidelines question, which is
> > the question I posed.
> >
> > -Dave
> >
> > -----Original Message-----
> > From: Christian Heinrich [mailto:christian.heinrich at owasp.org]
> > Sent: Wednesday, August 31, 2011 8:20 PM
> > To: Dave Wichers
> > Cc: global_chapter_committee at lists.owasp.org
> > Subject: Re: [Global_chapter_committee] FW: DEF CON Reimbursement
> >
> > Dave,
> >
> > I wish to highlight that since Richard is employed by the Los Angeles
> County
> > Department of Public Health i.e. an end user and *not* a vendor and/or
> > consultancy, then in my opinion there is no perceived conflict of
> interest
> > or exploitation of OWASP.
> >
> > On Thu, Sep 1, 2011 at 4:55 AM, Dave Wichers <dave.wichers at owasp.org>
> wrote:
> >> Guys,
> >>
> >> I'm not trying to make a mountain of out nothing here, but I don't
> >> know if I would consider this an appropriate chapter expense. And on
> >> top of that, the chapter was already represented by at least two other
> >> members being there already.
> >>
> >> I'd like to get the entire committee's thoughts on the appropriateness
> >> of this type of expense. I've never seen an expense like this for OWASP
> > before.
> >> I know Tin's opinion since he approved this for his local chapter in
> >> the first place, so I'm interested in the rest of the committee's
> > thoughts.
> >>
> >> -Dave
> >>
> >> -----Original Message-----
> >> From: Alison McNamee [mailto:alison.mcnamee at owasp.org]
> >> Sent: Wednesday, August 31, 2011 2:29 PM
> >> To: Dave Wichers
> >> Cc: Kate Hartmann
> >> Subject: FW: DEF CON Reimbursement
> >>
> >> Dave,
> >>
> >> Please see Tin's response below concerning Richard Greenberg's
> >> reimbursement from the LA Chapter funds for travel to DEF CON.  Is it
> >> ok to go ahead and mail this check?
> >>
> >> Thanks,
> >>
> >> Alison Shrader
> >> The OWASP Foundation
> >> 9175 Guilford Road, Suite 300
> >> Columbia, MD 21046
> >> 1-301-575-0197
> >> 1-443-283-4021 (Fax)
> >>
> >> -----Original Message-----
> >> From: Tin Zaw [mailto:tin.zaw at owasp.org]
> >> Sent: Tuesday, August 30, 2011 3:38 PM
> >> To: Alison McNamee
> >> Cc: Richard Greenberg
> >> Subject: Re: DEF CON Reimbursement
> >>
> >> Alison,
> >>
> >> Richard was not presenting OWASP material at the conference, but
> >> Richard is instrumental in recruiting speakers and sponsors for LA
> chapter
> > meetings.
> >> DEFCON is a perfect ground for such event, and he got good leads there.
> >> Cassio and I were there too but we were lucky enough to be sponsored
> >> by our employers, but Richard was not, and hence we decided to support
> his
> > trip.
> >>
> >> Thank you.
> >>
> >> On Tue, Aug 30, 2011 at 12:26 PM, Alison McNamee
> >> <alison.mcnamee at owasp.org>
> >> wrote:
> >>> Hi Tin,
> >>>
> >>> I just want to verify why the LA chapter is paying for Richard's
> >>> travel to DEF CON.  Was he presenting on OWASP there?
> >>>
> >>> Thanks!!
> >>>
> >>> Alison Shrader
> >>> The OWASP Foundation
> >>> 9175 Guilford Road, Suite 300
> >>> Columbia, MD 21046
> >>> 1-301-575-0197
> >>> 1-443-283-4021 (Fax)
> >>>
> >>> -----Original Message-----
> >>> From: Tin Zaw [mailto:tin.zaw at owasp.org]
> >>> Sent: Tuesday, August 23, 2011 9:06 PM
> >>> To: alison mcnamee
> >>> Cc: Richard Greenberg; Cassio Goldschmidt
> >>> Subject: Fwd: DEF CON Reimbursement
> >>>
> >>> Alison,
> >>>
> >>> Please reimburse Richard with $533.98 from LA chapter funds.
> >>>
> >>> Thank you.
> >>>
> >>>
> >>> ---------- Forwarded message ----------
> >>> From: Richard Greenberg <richard.greenberg at owasp.org>
> >>> Date: Mon, Aug 22, 2011 at 2:41 PM
> >>> Subject: DEF CON Reimbursement
> >>> To: Tin Zaw <tin.zaw at owasp.org>
> >>>
> >>>
> >>> Tin,
> >>>
> >>> Please find attached my travel expenses for DEF CON. I have not
> >>> billed for food or admittance to the conference.
> >>>
> >>> Airfare: $215
> >>> Hotel: $119.08
> >>> Taxi: $199.90
> >>> Total: $533.98
> >>>
> >>> My mailing address is:
> >>> 5920 Stoneview Dr
> >>> Culver City, Ca 90232
> >>>
> >>> Thank you.
> >>>
> >>> --
> >>> Richard Greenberg, CISSP
> >>> Board of Directors, OWASP Los Angeles, www.owaspla.org Board of
> >>> Directors, ISSA Los Angeles, www.issa-la.org OWASP Global Conference
> >>> Committee
> >>> LinkedIn:  http://www.linkedin.com/in/richardagreenberg
> >>>
> >>>
> >>>
> >>> --
> >>> Tin Zaw, CISSP, CSSLP
> >>> Chapter Leader and President, OWASP Los Angeles Chapter Chair, OWASP
> >>> Global Chapter Committee Google Voice: (213) 973-9295
> >>> LinkedIn: http://www.linkedin.com/in/tinzaw
> >>>
> >>>
> >>
> >>
> >>
> >> --
> >> Tin Zaw, CISSP, CSSLP
> >> Chapter Leader and President, OWASP Los Angeles Chapter Chair, OWASP
> >> Global Chapter Committee Google Voice: (213) 973-9295
> >> LinkedIn: http://www.linkedin.com/in/tinzaw
> >>
> >>
> >> _______________________________________________
> >> Global_chapter_committee mailing list
> >> Global_chapter_committee at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/global_chapter_committee
> >>
> >
> >
> >
> > --
> > Regards,
> > Christian Heinrich
> > http://www.owasp.org/index.php/user:cmlh
> >
> > _______________________________________________
> > Global_chapter_committee mailing list
> > Global_chapter_committee at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/global_chapter_committee
> >
> > _______________________________________________
> > Global_chapter_committee mailing list
> > Global_chapter_committee at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/global_chapter_committee
> _______________________________________________
> Global_chapter_committee mailing list
> Global_chapter_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_chapter_committee
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_chapter_committee/attachments/20110831/6a9479e3/attachment-0001.html

More information about the Global_chapter_committee mailing list