[Global_chapter_committee] All things Schwag - "open" requests and processing

Jason Li jason.li at owasp.org
Tue Jul 5 12:20:22 EDT 2011


I'll be honest and say that I'm not sure.

I think that if they are doing the order fulfillment directly from their
warehouses, then the answer is probably no...

I'd be happy to look into it though - it'll keep me busy and away from the
mailing lists for awhile ;-)

-Jason

On Tue, Jul 5, 2011 at 12:17 PM, Mark Bristow <mark.bristow at owasp.org>wrote:

> Jason,
>
> Does Amazon support custom buisness processes?  I.E. could the GCCs put a
> hook in the process to authorize orders before they go out?
>
>
> On Tue, Jul 5, 2011 at 12:30 PM, Kate Hartmann <kate.hartmann at owasp.org>wrote:
>
>> This is exactly the kind of thing I am researching.  I had not considered
>> Amazon.  I am waiting currently for a connection with our current vendor to
>> hopefully leverage our existing relationship.
>>
>>
>> Kate Hartmann
>> OWASP Operations Director
>>
>>
>> On Jul 5, 2011, at 11:35 AM, Jason Li <jason.li at owasp.org> wrote:
>>
>> All,
>>
>> At the risk of once again stepping into the fray of a discussion that I
>> don't have all the context for (i.e. membership), I'd like to make the
>> following proposal.
>>
>> Note that I'm literally composing this off the top of my head - so I
>> haven't thought through all the details - but I think it's a reasonable idea
>> for us to consider as an organization.
>>
>> Here are what I see as the current challenges to distributing OWASP
>> schwag:
>>
>> * Storage of schwag - my understanding is that we store schwag instead of
>> ordering it on demand because (1) we get bulk pricing and (2) most producers
>> won't create micro-orders
>>
>> * Distribution of schwag - since we're storing the schwag, we need to be
>> able to send it promptly to events.
>>
>> * Expense tracking - schwag costs money - plain and simple. In order to
>> make sure we are not exhausting OWASP resources, we need to be smart about
>> how much schwag we give away at events. Local event planners are in the best
>> position to decide how much and what type of schwag they need and they are
>> also in a position to look at how the costs of that schwag can be supported
>> by their event budget (I am assuming that local events pay for the schwag
>> out of their budgets?). So we need a way to accurately track what is being
>> sent to local event organizers.
>>
>> * Inventory tracking - we need to accurately know how much schwag we have
>> so we know when supplies are low. It's also helpful to see what items are
>> popular and what aren't so we don't order them again in the future.
>>
>> I would like to propose that we leverage Fulfillment by Amazon (<http://www.amazon.com/gp/help/customer/display.html?nodeId=200229160>
>> http://www.amazon.com/gp/help/customer/display.html?nodeId=200229160) to
>> help us with these challenges.
>>
>> Using this strategy, I would envision the following:
>> -1) Setup an OWASP Amazon store
>> 0) Support staff sends all of our current inventory to Amazon Fulfillment
>> and works with CCCs to establish appropriate pricing
>> 1) Conf/Chapt Committees (CCCs) work with support staff to identify future
>> desirable OWASP schwag items
>> 2) Support staff researches vendors to supply such schwag in bulk and
>> presents to CCCs
>> 3) CCCs selects from available options and support staff orders items and
>> ships directly to Amazon Fulfillment
>> 4) Items are priced at cost (including Amazon transaction and storage
>> fees)
>> 5) Event organizers browser the OWASP store on Amazon to find descriptions
>> and prices of what they want so they can fit it into their budget
>> 6) CCCs and support staff provide individualized coupon codes to event
>> organizers so that they don't have to pay directly. Instead, the expense is
>> incurred by the OWASP Store which is backed by the Foundation budget
>> 7) Event organizers use this code to  purchase items directly from Amazon
>> which tracks inventory and manages delivery
>> 8) Invoice gets generated by Amazon so we have an accurate amount to
>> charge back to the event budget
>>
>> This strategy has the following benefits:
>> * Can be done *immediately* with our current inventory, while the CCCs
>> look for partnerships with new vendors and schwag producers
>> * We leverage a service that has the power/experience to perform
>> distribution and inventory
>> * We get detailed invoices and expenses done automatically
>> * We get accurate inventory management
>> * And now *anyone* can "buy" OWASP promotional material - and as long as
>> we are diligent about pricing the items correctly, it can even be a
>> potential source of fundraising revenue (instead of a $50 membership, buy a
>> $5 OWASP pen or a $15 OWASP cap!)
>>
>> Again, I don't expect this strategy to solve all of our problems, and I am
>> jumping into this discussion without full context or history. But I would
>> like to see some creative, constructive solutions rather than bicker about
>> policy and areas of responsibility.
>>
>> -Jason
>>
>> On Tue, Jul 5, 2011 at 10:51 AM, Kate Hartmann <<kate.hartmann at owasp.org>
>> kate.hartmann at owasp.org> wrote:
>>
>>> Mark, I am not disagreeing with you other than to say that we need a
>>> better solution than having one person responsible for this.  Considering
>>> our global scope and increasing size, it makes more sense to allocate our
>>> resources to more important problems than pens and lanyards.****
>>>
>>> ** **
>>>
>>> I am looking for a long term, global solution.  Asking Sarah to manage
>>> this is about as appropriate as asking you to do it.  There are more
>>> important and mission critical things she can be doing.  Having done this
>>> for several years, I know that it sounds like it’s really easy to manage
>>> goodie requests (or at least it should be), but when you factor in trying to
>>> navigate different pricing schemes from different vendors, working on
>>> setting up a European storehouse, worrying about which budget it comes from
>>> or if it needs to be billed to a committee, chapter, person, vendor,
>>> sponsor, etc, not to mention if it’s attached to an event (local or global)
>>> – it’s bigger than you think.****
>>>
>>> ** **
>>>
>>> It’s not the right thing to do to just push this off onto Sarah.  OWASP
>>> resources are too valuable.  So, I will continue to lick stamps and send out
>>> what you tell me to until a better solution can be arranged.  ****
>>>
>>> ** **
>>>
>>> Kate Hartmann****
>>>
>>> Operations Director****
>>>
>>> 301-275-9403****
>>>
>>> www.owasp.org ****
>>>
>>> Skype:  Kate.hartmann1****
>>>
>>> ** **
>>>
>>> *From:* Mark Bristow [mailto: <mark.bristow at owasp.org>
>>> mark.bristow at owasp.org]
>>> *Sent:* Tuesday, July 05, 2011 10:13 AM
>>> *To:* Kate Hartmann
>>>
>>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>>
>>> ** **
>>>
>>> FYI I see this AS "outsourcing" it to Sarah.****
>>>
>>> On Tue, Jul 5, 2011 at 10:11 AM, Mark Bristow < <mark.bristow at owasp.org>
>>> mark.bristow at owasp.org> wrote:****
>>>
>>> Sara is doing that as well with new stock items (not the existing
>>> stuff).  But some things are coming directly from vendors and it's causing
>>> confusion who has sent what, when etc....****
>>>
>>> ** **
>>>
>>> On Tue, Jul 5, 2011 at 9:39 AM, Kate Hartmann <<kate.hartmann at owasp.org>
>>> kate.hartmann at owasp.org> wrote:****
>>>
>>> What's your point?  I am saying, we need to solve the confusion globally,
>>> and that I will, since I have access to everything now, send out what I'm
>>> told.  Until we can outsource order fulfillment I will lick the stamps.  Who
>>> else is doing that?****
>>>
>>>
>>>
>>> Kate Hartmann****
>>>
>>> OWASP Operations Director****
>>>
>>> ** **
>>>
>>>
>>> On Jul 5, 2011, at 9:19 AM, Mark Bristow < <mark.bristow at owasp.org>
>>> mark.bristow at owasp.org> wrote:****
>>>
>>> Kate,
>>>
>>> Actually right now we have two people doing a similar task.  I believe
>>> consolidating will help improve tracking and efficiency.
>>>
>>> -Mark****
>>>
>>> On Tue, Jul 5, 2011 at 9:29 AM, Kate Hartmann <<kate.hartmann at owasp.org>
>>> kate.hartmann at owasp.org> wrote:****
>>>
>>> Moving the requests from one person to another, does not solve the
>>> problem, it only moves it.  The idea of outsourcing this has come up before
>>> so I am revisiting that.  ****
>>>
>>> ** **
>>>
>>> In the meantime, since I have easier access to the items, just tell me
>>> what needs to go where and I will send it out.  You can track it however
>>> works best for you.
>>>
>>> Kate Hartmann****
>>>
>>> OWASP Operations Director****
>>>
>>> ** **
>>>
>>>
>>> On Jul 2, 2011, at 10:09 AM, Sarah Baso < <sarah.baso at owasp.org>
>>> sarah.baso at owasp.org> wrote:****
>>>
>>> Kate,****
>>>
>>> Yesterday was a long day with lots of email flying around.  I am sorry if
>>> I came off as rude, that was not my intent. At the core, I think you and I
>>> are trying to accomplish the same thing - an efficient and accurate way to
>>> make sure everyone who requests promo merch (within reason) gets what they
>>> request in a timely manner. Additionally, we need to be tracking the proper
>>> amount to bill the chapter, conference, or committee appropriately. ****
>>>
>>> ** **
>>>
>>> Maybe I am the only one that thinks the system we have isn't working
>>> well? Do you feel like things are going ok?  I thought part of the intent in
>>> me taking over this was also to alleviate you of some of the work associated
>>> with schwag requests, but I don't think that is happening (I really am not
>>> the one who can answer this though).****
>>>
>>> ** **
>>>
>>> *To do: for sarah to follow up with committees*****
>>>
>>> We need a list of merchandise that we are consistently "reordering" and
>>> separate that from "closeout" merch that we are not reordering ****
>>>
>>> ** **
>>>
>>> *Merchandise request workflow*****
>>>
>>> ** **
>>>
>>> 1. Individual submits request for merch on form****
>>>
>>> 2. Sarah checks form and estimates cost****
>>>
>>>     a. If a conference related request, make sure event is entered into
>>> OCMS and has been approved by the conference committee****
>>>
>>>     b. If a chapter-related request, clear it through the chapter
>>> committee (the committee decided that requests under $200 can be approved by
>>> Tin and   over must be approved by the committee)****
>>>
>>> ** **
>>>
>>> 3. Sarah follows up with person making request to let them know we
>>> received request and status (if need to enter into OCMS, if waiting on
>>> committee approval, need additional info, or ready to be mailed, etc) and
>>> CC's Kate****
>>>
>>> ** **
>>>
>>> 4. Sarah sends another email if confirmation of request was not processed
>>> in step #3 - letting them know we have everything we need and will ship, CC
>>> Kate****
>>>
>>> ** **
>>>
>>> 5. Kate sends merchandise and ...****
>>>
>>> a. CCing recipient and Sarah with Shipping info****
>>>
>>> b. Email Sarah confirming what and how much was shipped - email can be as
>>> simple as "Sent what was requested on form."****
>>>
>>> ** **
>>>
>>> I feel like items #4 and #5b need some work. When there are follow up
>>> items on their request list,  I am not sending follow up emails in a timely
>>> fashion; when things are shipped, I am not sure on what things were actually
>>> shipped.  I see 3 solutions: first, we try this workflow again, second, we
>>> revise the spreadsheet so you can enter the information directly when you
>>> send, or third, I send out the merchandise.****
>>>
>>> ** **
>>>
>>> Mark would clearly prefer the 3rd option and I tend to agree, but am
>>> willing to hear your input on this if you would rather go forward with
>>> something else.****
>>>
>>> ** **
>>>
>>> Regards,****
>>>
>>> Sarah****
>>>
>>> ** **
>>>
>>> On Fri, Jul 1, 2011 at 2:48 PM, Kate Hartmann <<kate.hartmann at owasp.org>
>>> kate.hartmann at owasp.org> wrote:****
>>>
>>> So, propose your solution and I will work within those guidelines as long
>>> as it supports our mission and our chapter leaders.****
>>>
>>>  ****
>>>
>>> Kate Hartmann****
>>>
>>> Operations Director****
>>>
>>> 301-275-9403****
>>>
>>> <http://www.owasp.org/>www.owasp.org ****
>>>
>>> Skype:  Kate.hartmann1****
>>>
>>>  ****
>>>
>>> *From:* Sarah Baso [mailto: <sarah.baso at owasp.org>sarah.baso at owasp.org]
>>> *Sent:* Friday, July 01, 2011 3:31 PM
>>> *To:* Kate Hartmann
>>> *Cc:* Mark Bristow; Tin Zaw; alison mcnamee****
>>>
>>>
>>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>>
>>>  ****
>>>
>>> Yes, you did tell me that all those items were what was "in stock" but
>>> also was not aware that we had decided not to reorder them.. clearly some
>>> are reordered and others are not (i.e. pens and notepad are
>>> reordered...green polos from appsec x in 2xxx will not be reordered), I
>>> wasn't clear on the podcast DVDs so that is why I am asking for
>>> clarification.. when you say "I gave you all the podcast dvds during appsec
>>> eu" does that mean we can't get more or don't want to get more? ****
>>>
>>>  ****
>>>
>>> Also re: final costs, yes i understand that you need that info from the
>>> vendor.. however, for the other items that you sent Nick like pens and
>>> lanyards, I just need confirmation that you sent 150 of each (which is what
>>> he specified on the form) + he requested 150 notepads (did you send these
>>> too)? As a general rule, just a confirmation (in addition to the shipping
>>> info, which i have been receiving), some confirmation that you either sent
>>> what was requested or how you modified it would be great.****
>>>
>>>  ****
>>>
>>> Finally regarding ordering the schwag and shipping it, I am not going to
>>> order stuff myself to have here if you are also stocking up on it.. that
>>> seems pointless. Shouldn't we have one of us ordering/reordering instead of
>>> duplicating efforts?****
>>>
>>>  ****
>>>
>>> Thanks****
>>>
>>> Sarah****
>>>
>>> On Fri, Jul 1, 2011 at 2:12 PM, Kate Hartmann <<kate.hartmann at owasp.org>
>>> kate.hartmann at owasp.org> wrote:****
>>>
>>> Sarah, when this was set up, we reviewed standard items and recordable
>>> items.  I took an inventory of what we had “in stock” and out of that came
>>> the request form.  I copied you on the ups deliveries for the items sent.
>>> We had discussed shipping out what was “in stock” first and I believe it was
>>> fairly clear when discussing the DVDs for AppSec EU that they would be
>>> purchased by the Industry Committee.  ****
>>>
>>>  ****
>>>
>>> I don’t know final costs until I get an invoice from the vendor – I have
>>> also said that before.  An estimate was given prior to the order.  this was
>>> clarified with Nick who choose to order the black shirts for an additional
>>> cost rather than receiving shipment of the “in stock” polo shirts.  Just got
>>> the vendor invoice from New Zealand last week – thus the notification of the
>>> $121 with clarification from Alison.  The estimate for the bottle openers
>>> was sent around and approved as well – prior to them being ordered.****
>>>
>>>  ****
>>>
>>> You can order whatever you want to.  I had given you the introduction to
>>> Susan at Konik two months ago (as well as doing the same for Lorna for
>>> AppSec US)  I think I also did this for John Payton at Rocksports.  If not,
>>> I will be sure to do that.****
>>>
>>>  ****
>>>
>>> What else would you like me to do?  I believe I have been compliant and
>>> responsive.  ****
>>>
>>>  ****
>>>
>>>  ****
>>>
>>> Kate Hartmann****
>>>
>>> Operations Director****
>>>
>>> 301-275-9403****
>>>
>>> <http://www.owasp.org>www.owasp.org ****
>>>
>>> Skype:  Kate.hartmann1****
>>>
>>>  ****
>>>
>>> *From:* Sarah Baso [mailto: <sarah.baso at owasp.org>sarah.baso at owasp.org]
>>> *Sent:* Friday, July 01, 2011 3:01 PM
>>> *To:* Kate Hartmann
>>> *Cc:* Mark Bristow; Tin Zaw****
>>>
>>>
>>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>>
>>>  ****
>>>
>>> So does that mean we can't get more or aren't getting more?  We really
>>> need a standard list of what we are reordering and what we aren't. This is
>>> something I would like the permission to work out with both conferences and
>>> chapters -- what would they like us to keep on hand as standard items.  Does
>>> this work for you if I coordinate it with those committees?****
>>>
>>>  ****
>>>
>>>  ****
>>>
>>> On Fri, Jul 1, 2011 at 1:51 PM, Kate Hartmann <<kate.hartmann at owasp.org>
>>> kate.hartmann at owasp.org> wrote:****
>>>
>>> I gave you all the podcast DVD during AppSec EU****
>>>
>>>  ****
>>>
>>> Kate Hartmann****
>>>
>>> Operations Director****
>>>
>>> 301-275-9403****
>>>
>>> <http://www.owasp.org>www.owasp.org ****
>>>
>>> Skype:  Kate.hartmann1****
>>>
>>>  ****
>>>
>>> *From:* Tin Zaw [mailto: <tin.zaw at owasp.org>tin.zaw at owasp.org]
>>> *Sent:* Friday, July 01, 2011 1:48 PM
>>> *To:* Sarah Baso
>>> *Cc:* Mark Bristow; Kate Hartmann
>>> *Subject:* Re: All things Schwag - "open" requests and processing****
>>>
>>>  ****
>>>
>>> I got the items I requested.  Thanks!****
>>>
>>> On Jul 1, 2011 12:55 PM, "Sarah Baso" < <sarah.baso at owasp.org>
>>> sarah.baso at owasp.org> wrote:
>>> > Kate -
>>> > Here are the open OWASP merchandise requests that i have questions on:
>>> >
>>> > 1. Nick Freeman - what did you send him and what were the final costs
>>> of the
>>> > special items you ordered?
>>> >
>>> > 2. Mohd Fazli - lets send 150 of each pens, notepads and stickers
>>> (total
>>> > $277.50), then if we can work out to order him 5 books to raffle (est
>>> $60)
>>> > that would be perfect. Obviously it will be a higher shipping cost for
>>> this
>>> > event. Just let me know what the total number of each item is that you
>>> > send.
>>> >
>>> >
>>> > 3. Martin Knobloch - what have you sent him (i.e. for the Chaos
>>> > Communication Camp) that should be charged to either chapters or
>>> > conferences?
>>> >
>>> > 4. Tin Zaw - did you send the items as requested on the spreadsheet (or
>>> were
>>> > the items/quantity of items different)?
>>> >
>>> > 5. Blackhat/Defcon - total cost of the $3000 bottle openers?
>>> >
>>> > 5. Lucas Ferreira - 100 stickers ($25.00) and 5 OWASP books to raffle
>>> off
>>> > (approx. $12.00/each = $60) = total $85.00 - OWASP outreach at the
>>> seginfo
>>> > conference in Rio de Janeiro, Brazil, bill to Conf. Committee.
>>> >
>>> > 6. Josh Sokol - requested for LASCON - 2 black shoulder bags (@$4.00
>>> each =
>>> > $8.00), 2 khaki ball caps (@$11.00 each = $22.00), 100 pens (@$0.75
>>> each =
>>> > $75.00), 100 notepads ($0.85 each = $85.00), 10 podcast DVDs
>>> (@5.00/each =
>>> > $50), 100 stickers ($0.25 - $25.00) = *TOTAL $265.00 (Bill to Lascon)*
>>> >
>>> >
>>> > Thanks in advance for clarifying on each of these.
>>> >
>>> > Sarah
>>> >
>>> > --
>>> > Dir: 312-869-2779
>>> > skype: sarah.baso****
>>>
>>>
>>>
>>>
>>> --
>>> Dir: 312-869-2779****
>>>
>>> skype: sarah.baso****
>>>
>>>  ****
>>>
>>>
>>>
>>>
>>> --
>>> Dir: 312-869-2779****
>>>
>>> skype: sarah.baso****
>>>
>>>  ****
>>>
>>>
>>>
>>>
>>> --
>>> Dir: 312-869-2779****
>>>
>>> skype: sarah.baso****
>>>
>>> ** **
>>>
>>>
>>>
>>>
>>> --
>>> Mark Bristow
>>> (703) 596-5175
>>> <mark.bristow at owasp.org>mark.bristow at owasp.org
>>>
>>> OWASP Global Conferences Committee Chair - <http://is.gd/5MTvF>
>>> http://is.gd/5MTvF
>>> OWASP DC Chapter Co-Chair - <http://is.gd/5MTwu>http://is.gd/5MTwu
>>> AppSec DC Organizer - <https://www.appsecdc.org>https://www.appsecdc.org
>>> ****
>>>
>>>
>>>
>>>
>>> --
>>> Mark Bristow
>>> (703) 596-5175
>>> <mark.bristow at owasp.org>mark.bristow at owasp.org
>>>
>>> OWASP Global Conferences Committee Chair - <http://is.gd/5MTvF>
>>> http://is.gd/5MTvF
>>> OWASP DC Chapter Co-Chair - <http://is.gd/5MTwu>http://is.gd/5MTwu
>>> AppSec DC Organizer - <https://www.appsecdc.org>https://www.appsecdc.org
>>> ****
>>>
>>>
>>>
>>>
>>> --
>>> Mark Bristow
>>> (703) 596-5175
>>>  <mark.bristow at owasp.org>mark.bristow at owasp.org
>>>
>>> OWASP Global Conferences Committee Chair - <http://is.gd/5MTvF>
>>> http://is.gd/5MTvF
>>> OWASP DC Chapter Co-Chair - <http://is.gd/5MTwu>http://is.gd/5MTwu
>>> AppSec DC Organizer - <https://www.appsecdc.org>https://www.appsecdc.org
>>> ****
>>>
>>> _______________________________________________
>>> Global_chapter_committee mailing list
>>>  <Global_chapter_committee at lists.owasp.org>
>>> Global_chapter_committee at lists.owasp.org
>>>  <https://lists.owasp.org/mailman/listinfo/global_chapter_committee>
>>> https://lists.owasp.org/mailman/listinfo/global_chapter_committee
>>>
>>>
>>
>
>
> --
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org
>
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_chapter_committee/attachments/20110705/478bb7e9/attachment-0001.html 


More information about the Global_chapter_committee mailing list