[Global_chapter_committee] All things Schwag - "open" requests and processing

Mark Bristow mark.bristow at owasp.org
Tue Jul 5 12:17:17 EDT 2011


Jason,

Does Amazon support custom buisness processes?  I.E. could the GCCs put a
hook in the process to authorize orders before they go out?

On Tue, Jul 5, 2011 at 12:30 PM, Kate Hartmann <kate.hartmann at owasp.org>wrote:

> This is exactly the kind of thing I am researching.  I had not considered
> Amazon.  I am waiting currently for a connection with our current vendor to
> hopefully leverage our existing relationship.
>
>
> Kate Hartmann
> OWASP Operations Director
>
>
> On Jul 5, 2011, at 11:35 AM, Jason Li <jason.li at owasp.org> wrote:
>
> All,
>
> At the risk of once again stepping into the fray of a discussion that I
> don't have all the context for (i.e. membership), I'd like to make the
> following proposal.
>
> Note that I'm literally composing this off the top of my head - so I
> haven't thought through all the details - but I think it's a reasonable idea
> for us to consider as an organization.
>
> Here are what I see as the current challenges to distributing OWASP schwag:
>
> * Storage of schwag - my understanding is that we store schwag instead of
> ordering it on demand because (1) we get bulk pricing and (2) most producers
> won't create micro-orders
>
> * Distribution of schwag - since we're storing the schwag, we need to be
> able to send it promptly to events.
>
> * Expense tracking - schwag costs money - plain and simple. In order to
> make sure we are not exhausting OWASP resources, we need to be smart about
> how much schwag we give away at events. Local event planners are in the best
> position to decide how much and what type of schwag they need and they are
> also in a position to look at how the costs of that schwag can be supported
> by their event budget (I am assuming that local events pay for the schwag
> out of their budgets?). So we need a way to accurately track what is being
> sent to local event organizers.
>
> * Inventory tracking - we need to accurately know how much schwag we have
> so we know when supplies are low. It's also helpful to see what items are
> popular and what aren't so we don't order them again in the future.
>
> I would like to propose that we leverage Fulfillment by Amazon (<http://www.amazon.com/gp/help/customer/display.html?nodeId=200229160>
> http://www.amazon.com/gp/help/customer/display.html?nodeId=200229160) to
> help us with these challenges.
>
> Using this strategy, I would envision the following:
> -1) Setup an OWASP Amazon store
> 0) Support staff sends all of our current inventory to Amazon Fulfillment
> and works with CCCs to establish appropriate pricing
> 1) Conf/Chapt Committees (CCCs) work with support staff to identify future
> desirable OWASP schwag items
> 2) Support staff researches vendors to supply such schwag in bulk and
> presents to CCCs
> 3) CCCs selects from available options and support staff orders items and
> ships directly to Amazon Fulfillment
> 4) Items are priced at cost (including Amazon transaction and storage fees)
> 5) Event organizers browser the OWASP store on Amazon to find descriptions
> and prices of what they want so they can fit it into their budget
> 6) CCCs and support staff provide individualized coupon codes to event
> organizers so that they don't have to pay directly. Instead, the expense is
> incurred by the OWASP Store which is backed by the Foundation budget
> 7) Event organizers use this code to  purchase items directly from Amazon
> which tracks inventory and manages delivery
> 8) Invoice gets generated by Amazon so we have an accurate amount to charge
> back to the event budget
>
> This strategy has the following benefits:
> * Can be done *immediately* with our current inventory, while the CCCs look
> for partnerships with new vendors and schwag producers
> * We leverage a service that has the power/experience to perform
> distribution and inventory
> * We get detailed invoices and expenses done automatically
> * We get accurate inventory management
> * And now *anyone* can "buy" OWASP promotional material - and as long as we
> are diligent about pricing the items correctly, it can even be a potential
> source of fundraising revenue (instead of a $50 membership, buy a $5 OWASP
> pen or a $15 OWASP cap!)
>
> Again, I don't expect this strategy to solve all of our problems, and I am
> jumping into this discussion without full context or history. But I would
> like to see some creative, constructive solutions rather than bicker about
> policy and areas of responsibility.
>
> -Jason
>
> On Tue, Jul 5, 2011 at 10:51 AM, Kate Hartmann < <kate.hartmann at owasp.org>
> kate.hartmann at owasp.org> wrote:
>
>> Mark, I am not disagreeing with you other than to say that we need a
>> better solution than having one person responsible for this.  Considering
>> our global scope and increasing size, it makes more sense to allocate our
>> resources to more important problems than pens and lanyards.****
>>
>> ** **
>>
>> I am looking for a long term, global solution.  Asking Sarah to manage
>> this is about as appropriate as asking you to do it.  There are more
>> important and mission critical things she can be doing.  Having done this
>> for several years, I know that it sounds like it’s really easy to manage
>> goodie requests (or at least it should be), but when you factor in trying to
>> navigate different pricing schemes from different vendors, working on
>> setting up a European storehouse, worrying about which budget it comes from
>> or if it needs to be billed to a committee, chapter, person, vendor,
>> sponsor, etc, not to mention if it’s attached to an event (local or global)
>> – it’s bigger than you think.****
>>
>> ** **
>>
>> It’s not the right thing to do to just push this off onto Sarah.  OWASP
>> resources are too valuable.  So, I will continue to lick stamps and send out
>> what you tell me to until a better solution can be arranged.  ****
>>
>> ** **
>>
>> Kate Hartmann****
>>
>> Operations Director****
>>
>> 301-275-9403****
>>
>> www.owasp.org ****
>>
>> Skype:  Kate.hartmann1****
>>
>> ** **
>>
>> *From:* Mark Bristow [mailto: <mark.bristow at owasp.org>
>> mark.bristow at owasp.org]
>> *Sent:* Tuesday, July 05, 2011 10:13 AM
>> *To:* Kate Hartmann
>>
>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>
>> ** **
>>
>> FYI I see this AS "outsourcing" it to Sarah.****
>>
>> On Tue, Jul 5, 2011 at 10:11 AM, Mark Bristow < <mark.bristow at owasp.org>
>> mark.bristow at owasp.org> wrote:****
>>
>> Sara is doing that as well with new stock items (not the existing stuff).
>> But some things are coming directly from vendors and it's causing confusion
>> who has sent what, when etc....****
>>
>> ** **
>>
>> On Tue, Jul 5, 2011 at 9:39 AM, Kate Hartmann < <kate.hartmann at owasp.org>
>> kate.hartmann at owasp.org> wrote:****
>>
>> What's your point?  I am saying, we need to solve the confusion globally,
>> and that I will, since I have access to everything now, send out what I'm
>> told.  Until we can outsource order fulfillment I will lick the stamps.  Who
>> else is doing that?****
>>
>>
>>
>> Kate Hartmann****
>>
>> OWASP Operations Director****
>>
>> ** **
>>
>>
>> On Jul 5, 2011, at 9:19 AM, Mark Bristow < <mark.bristow at owasp.org>
>> mark.bristow at owasp.org> wrote:****
>>
>> Kate,
>>
>> Actually right now we have two people doing a similar task.  I believe
>> consolidating will help improve tracking and efficiency.
>>
>> -Mark****
>>
>> On Tue, Jul 5, 2011 at 9:29 AM, Kate Hartmann < <kate.hartmann at owasp.org>
>> kate.hartmann at owasp.org> wrote:****
>>
>> Moving the requests from one person to another, does not solve the
>> problem, it only moves it.  The idea of outsourcing this has come up before
>> so I am revisiting that.  ****
>>
>> ** **
>>
>> In the meantime, since I have easier access to the items, just tell me
>> what needs to go where and I will send it out.  You can track it however
>> works best for you.
>>
>> Kate Hartmann****
>>
>> OWASP Operations Director****
>>
>> ** **
>>
>>
>> On Jul 2, 2011, at 10:09 AM, Sarah Baso < <sarah.baso at owasp.org>
>> sarah.baso at owasp.org> wrote:****
>>
>> Kate,****
>>
>> Yesterday was a long day with lots of email flying around.  I am sorry if
>> I came off as rude, that was not my intent. At the core, I think you and I
>> are trying to accomplish the same thing - an efficient and accurate way to
>> make sure everyone who requests promo merch (within reason) gets what they
>> request in a timely manner. Additionally, we need to be tracking the proper
>> amount to bill the chapter, conference, or committee appropriately. ****
>>
>> ** **
>>
>> Maybe I am the only one that thinks the system we have isn't working well?
>> Do you feel like things are going ok?  I thought part of the intent in me
>> taking over this was also to alleviate you of some of the work associated
>> with schwag requests, but I don't think that is happening (I really am not
>> the one who can answer this though).****
>>
>> ** **
>>
>> *To do: for sarah to follow up with committees*****
>>
>> We need a list of merchandise that we are consistently "reordering" and
>> separate that from "closeout" merch that we are not reordering ****
>>
>> ** **
>>
>> *Merchandise request workflow*****
>>
>> ** **
>>
>> 1. Individual submits request for merch on form****
>>
>> 2. Sarah checks form and estimates cost****
>>
>>     a. If a conference related request, make sure event is entered into
>> OCMS and has been approved by the conference committee****
>>
>>     b. If a chapter-related request, clear it through the chapter
>> committee (the committee decided that requests under $200 can be approved by
>> Tin and   over must be approved by the committee)****
>>
>> ** **
>>
>> 3. Sarah follows up with person making request to let them know we
>> received request and status (if need to enter into OCMS, if waiting on
>> committee approval, need additional info, or ready to be mailed, etc) and
>> CC's Kate****
>>
>> ** **
>>
>> 4. Sarah sends another email if confirmation of request was not processed
>> in step #3 - letting them know we have everything we need and will ship, CC
>> Kate****
>>
>> ** **
>>
>> 5. Kate sends merchandise and ...****
>>
>> a. CCing recipient and Sarah with Shipping info****
>>
>> b. Email Sarah confirming what and how much was shipped - email can be as
>> simple as "Sent what was requested on form."****
>>
>> ** **
>>
>> I feel like items #4 and #5b need some work. When there are follow up
>> items on their request list,  I am not sending follow up emails in a timely
>> fashion; when things are shipped, I am not sure on what things were actually
>> shipped.  I see 3 solutions: first, we try this workflow again, second, we
>> revise the spreadsheet so you can enter the information directly when you
>> send, or third, I send out the merchandise.****
>>
>> ** **
>>
>> Mark would clearly prefer the 3rd option and I tend to agree, but am
>> willing to hear your input on this if you would rather go forward with
>> something else.****
>>
>> ** **
>>
>> Regards,****
>>
>> Sarah****
>>
>> ** **
>>
>> On Fri, Jul 1, 2011 at 2:48 PM, Kate Hartmann < <kate.hartmann at owasp.org>
>> kate.hartmann at owasp.org> wrote:****
>>
>> So, propose your solution and I will work within those guidelines as long
>> as it supports our mission and our chapter leaders.****
>>
>>  ****
>>
>> Kate Hartmann****
>>
>> Operations Director****
>>
>> 301-275-9403****
>>
>> <http://www.owasp.org/>www.owasp.org ****
>>
>> Skype:  Kate.hartmann1****
>>
>>  ****
>>
>> *From:* Sarah Baso [mailto: <sarah.baso at owasp.org>sarah.baso at owasp.org]
>> *Sent:* Friday, July 01, 2011 3:31 PM
>> *To:* Kate Hartmann
>> *Cc:* Mark Bristow; Tin Zaw; alison mcnamee****
>>
>>
>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>
>>  ****
>>
>> Yes, you did tell me that all those items were what was "in stock" but
>> also was not aware that we had decided not to reorder them.. clearly some
>> are reordered and others are not (i.e. pens and notepad are
>> reordered...green polos from appsec x in 2xxx will not be reordered), I
>> wasn't clear on the podcast DVDs so that is why I am asking for
>> clarification.. when you say "I gave you all the podcast dvds during appsec
>> eu" does that mean we can't get more or don't want to get more? ****
>>
>>  ****
>>
>> Also re: final costs, yes i understand that you need that info from the
>> vendor.. however, for the other items that you sent Nick like pens and
>> lanyards, I just need confirmation that you sent 150 of each (which is what
>> he specified on the form) + he requested 150 notepads (did you send these
>> too)? As a general rule, just a confirmation (in addition to the shipping
>> info, which i have been receiving), some confirmation that you either sent
>> what was requested or how you modified it would be great.****
>>
>>  ****
>>
>> Finally regarding ordering the schwag and shipping it, I am not going to
>> order stuff myself to have here if you are also stocking up on it.. that
>> seems pointless. Shouldn't we have one of us ordering/reordering instead of
>> duplicating efforts?****
>>
>>  ****
>>
>> Thanks****
>>
>> Sarah****
>>
>> On Fri, Jul 1, 2011 at 2:12 PM, Kate Hartmann < <kate.hartmann at owasp.org>
>> kate.hartmann at owasp.org> wrote:****
>>
>> Sarah, when this was set up, we reviewed standard items and recordable
>> items.  I took an inventory of what we had “in stock” and out of that came
>> the request form.  I copied you on the ups deliveries for the items sent.
>> We had discussed shipping out what was “in stock” first and I believe it was
>> fairly clear when discussing the DVDs for AppSec EU that they would be
>> purchased by the Industry Committee.  ****
>>
>>  ****
>>
>> I don’t know final costs until I get an invoice from the vendor – I have
>> also said that before.  An estimate was given prior to the order.  this was
>> clarified with Nick who choose to order the black shirts for an additional
>> cost rather than receiving shipment of the “in stock” polo shirts.  Just got
>> the vendor invoice from New Zealand last week – thus the notification of the
>> $121 with clarification from Alison.  The estimate for the bottle openers
>> was sent around and approved as well – prior to them being ordered.****
>>
>>  ****
>>
>> You can order whatever you want to.  I had given you the introduction to
>> Susan at Konik two months ago (as well as doing the same for Lorna for
>> AppSec US)  I think I also did this for John Payton at Rocksports.  If not,
>> I will be sure to do that.****
>>
>>  ****
>>
>> What else would you like me to do?  I believe I have been compliant and
>> responsive.  ****
>>
>>  ****
>>
>>  ****
>>
>> Kate Hartmann****
>>
>> Operations Director****
>>
>> 301-275-9403****
>>
>> <http://www.owasp.org>www.owasp.org ****
>>
>> Skype:  Kate.hartmann1****
>>
>>  ****
>>
>> *From:* Sarah Baso [mailto: <sarah.baso at owasp.org>sarah.baso at owasp.org]
>> *Sent:* Friday, July 01, 2011 3:01 PM
>> *To:* Kate Hartmann
>> *Cc:* Mark Bristow; Tin Zaw****
>>
>>
>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>
>>  ****
>>
>> So does that mean we can't get more or aren't getting more?  We really
>> need a standard list of what we are reordering and what we aren't. This is
>> something I would like the permission to work out with both conferences and
>> chapters -- what would they like us to keep on hand as standard items.  Does
>> this work for you if I coordinate it with those committees?****
>>
>>  ****
>>
>>  ****
>>
>> On Fri, Jul 1, 2011 at 1:51 PM, Kate Hartmann < <kate.hartmann at owasp.org>
>> kate.hartmann at owasp.org> wrote:****
>>
>> I gave you all the podcast DVD during AppSec EU****
>>
>>  ****
>>
>> Kate Hartmann****
>>
>> Operations Director****
>>
>> 301-275-9403****
>>
>> <http://www.owasp.org>www.owasp.org ****
>>
>> Skype:  Kate.hartmann1****
>>
>>  ****
>>
>> *From:* Tin Zaw [mailto: <tin.zaw at owasp.org>tin.zaw at owasp.org]
>> *Sent:* Friday, July 01, 2011 1:48 PM
>> *To:* Sarah Baso
>> *Cc:* Mark Bristow; Kate Hartmann
>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>
>>  ****
>>
>> I got the items I requested.  Thanks!****
>>
>> On Jul 1, 2011 12:55 PM, "Sarah Baso" < <sarah.baso at owasp.org>
>> sarah.baso at owasp.org> wrote:
>> > Kate -
>> > Here are the open OWASP merchandise requests that i have questions on:
>> >
>> > 1. Nick Freeman - what did you send him and what were the final costs of
>> the
>> > special items you ordered?
>> >
>> > 2. Mohd Fazli - lets send 150 of each pens, notepads and stickers (total
>> > $277.50), then if we can work out to order him 5 books to raffle (est
>> $60)
>> > that would be perfect. Obviously it will be a higher shipping cost for
>> this
>> > event. Just let me know what the total number of each item is that you
>> > send.
>> >
>> >
>> > 3. Martin Knobloch - what have you sent him (i.e. for the Chaos
>> > Communication Camp) that should be charged to either chapters or
>> > conferences?
>> >
>> > 4. Tin Zaw - did you send the items as requested on the spreadsheet (or
>> were
>> > the items/quantity of items different)?
>> >
>> > 5. Blackhat/Defcon - total cost of the $3000 bottle openers?
>> >
>> > 5. Lucas Ferreira - 100 stickers ($25.00) and 5 OWASP books to raffle
>> off
>> > (approx. $12.00/each = $60) = total $85.00 - OWASP outreach at the
>> seginfo
>> > conference in Rio de Janeiro, Brazil, bill to Conf. Committee.
>> >
>> > 6. Josh Sokol - requested for LASCON - 2 black shoulder bags (@$4.00
>> each =
>> > $8.00), 2 khaki ball caps (@$11.00 each = $22.00), 100 pens (@$0.75 each
>> =
>> > $75.00), 100 notepads ($0.85 each = $85.00), 10 podcast DVDs (@5.00/each
>> =
>> > $50), 100 stickers ($0.25 - $25.00) = *TOTAL $265.00 (Bill to Lascon)*
>> >
>> >
>> > Thanks in advance for clarifying on each of these.
>> >
>> > Sarah
>> >
>> > --
>> > Dir: 312-869-2779
>> > skype: sarah.baso****
>>
>>
>>
>>
>> --
>> Dir: 312-869-2779****
>>
>> skype: sarah.baso****
>>
>>  ****
>>
>>
>>
>>
>> --
>> Dir: 312-869-2779****
>>
>> skype: sarah.baso****
>>
>>  ****
>>
>>
>>
>>
>> --
>> Dir: 312-869-2779****
>>
>> skype: sarah.baso****
>>
>> ** **
>>
>>
>>
>>
>> --
>> Mark Bristow
>> (703) 596-5175
>> <mark.bristow at owasp.org>mark.bristow at owasp.org
>>
>> OWASP Global Conferences Committee Chair - <http://is.gd/5MTvF>
>> http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - <http://is.gd/5MTwu>http://is.gd/5MTwu
>> AppSec DC Organizer - <https://www.appsecdc.org>https://www.appsecdc.org*
>> ***
>>
>>
>>
>>
>> --
>> Mark Bristow
>> (703) 596-5175
>> <mark.bristow at owasp.org>mark.bristow at owasp.org
>>
>> OWASP Global Conferences Committee Chair - <http://is.gd/5MTvF>
>> http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - <http://is.gd/5MTwu>http://is.gd/5MTwu
>> AppSec DC Organizer - <https://www.appsecdc.org>https://www.appsecdc.org*
>> ***
>>
>>
>>
>>
>> --
>> Mark Bristow
>> (703) 596-5175
>>  <mark.bristow at owasp.org>mark.bristow at owasp.org
>>
>> OWASP Global Conferences Committee Chair - <http://is.gd/5MTvF>
>> http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - <http://is.gd/5MTwu>http://is.gd/5MTwu
>> AppSec DC Organizer - <https://www.appsecdc.org>https://www.appsecdc.org*
>> ***
>>
>> _______________________________________________
>> Global_chapter_committee mailing list
>>  <Global_chapter_committee at lists.owasp.org>
>> Global_chapter_committee at lists.owasp.org
>>  <https://lists.owasp.org/mailman/listinfo/global_chapter_committee>
>> https://lists.owasp.org/mailman/listinfo/global_chapter_committee
>>
>>
>


-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_chapter_committee/attachments/20110705/c13c5e46/attachment-0001.html 


More information about the Global_chapter_committee mailing list