[Global_chapter_committee] [Owasp-board] Proposed Conferences/Chapters policy changes

Tin Zaw tin.zaw at owasp.org
Mon Mar 19 20:43:54 UTC 2012


+1 to that, Seba and Jim.

My official vote, if requested, is No.

Thanks.

On Mon, Mar 19, 2012 at 1:41 PM, Jim Manico <jim.manico at owasp.org> wrote:

> Seba++
>
> I'm am also getting worried about a growing federalist/centralized OWASP
> movement regarding communications, projects, conferences and chapters.
>
> Well said, Seba.
>
> --
> Jim Manico
> (808) 652-3805
>
> On Mar 19, 2012, at 9:31 PM, Seba <seba at owasp.org> wrote:
>
> All,
>
> As chapters committee member, I am also voting No.
> There are too many questions / remarks I have with the proposed policy:
>
>  Training: not part of the question (leave it up to the education
> committee)
>
> How many chapter have > € 5000 now? Aren't we trying to solve a challenge
> for the happy few with too many red tape for the upcoming chapters?
>
> Why > 10k board approval required?
>
> Handbook chapter 4 is guidance, not policy: if we want to make it
> mandatory we have to add it to the mandatory section
>
>
>
> Don't agree with "Have the responsibility and authority for supporting and
> managing all chapter meetings": Why?
>
> "single point of truth": why?
>
>
>
> I don't agree that a chapter who charges a fee for an event = event
> defacto "managed by the conferences committee"
>
> I don't agree with the "single point of truth" for the conference page
>
> Why "Global Conferences Committee will take a more active, direct role in
> the planning the marquee foundation events" : the original issue at hand
> (lascon) was not about the global appsec events: why this direct role?
>
> Why does the conferences committee set the branding rules for all the
> events?
>
> What business & authority does the conference committee have with the
> chapter budgets?
>
> I don't agree with "■It is the responsibility of the chapter to plan
> ahead appropriately to get this budget through the Global Chapters
> Committee approval process if they intend to use the event to generate
> chapter revenue" => that would mean each event that e.g. Generates extra
> chapter sponsoring requires the conferences approval: what are you trying
> to achieve here?
>
> Chapter sponsorship should be explicitly out of this policy: only governed
> by the chapters committee
>
> The split is not clear: 50/50 or policy per type of event (still to be
> decided?)
>
>
> I don't agree with the top-down management point of view in general: to be
> scalable our guidance/policies should encourage local responsability and
> empowerment.
>
> --seba
> On Wed, Mar 14, 2012 at 8:27 PM, Tin Zaw <tin.zaw at owasp.org> wrote:
>
>> Josh, Mark, and Sarah,
>>
>> Thank you for your hard work to come up with the draft.
>>
>> I intend to vote No on this as the new policies are not in agreement
>> with my philosophy of stronger chapters. In addition, they put much
>> more burden on the committee members (of both committees).
>>
>> I am for stronger, more independent chapters with the board and the
>> committees providing oversight, not routine management, to prevent bad
>> things from happening. The goal for the board and the committees
>> should not be to approve every decision by chapters.
>>
>> There are items in the proposal that I disagree more strongly with,
>> but at this point, I won't elaborate on it, because my intent on No
>> vote is based on philosophical standing.
>>
>> Thanks.
>>
>>
>>
>> On Tue, Mar 13, 2012 at 11:35 AM, Josh Sokol <josh.sokol at owasp.org>
>> wrote:
>> > For single-chapter events there would be two "buckets" each with a
>> target
>> > amount of the chapter budget.  For multi-chapter events we just add more
>> > buckets for the additional chapter budgets.  Once a chapter bucket is
>> full,
>> > they stop earning money from the event and the remaining amount goes to
>> the
>> > Foundation.  This ensures that the Foundation and the Chapter earn money
>> > from the event at an equal rate.  Your example of how the funds would
>> get
>> > split is correct.
>> >
>> > Budgets are only necessary if a chapter wants to receive money from an
>> event
>> > or if they have more than $5,000 in their bank account at the end of the
>> > year.  This was requested by the Board in the guiding objective which
>> states
>> > "We would like some sort of annual review, requirements, or rules to
>> address
>> > the issue of stale chapter funds in excessive amounts" as well as "We
>> would
>> > like some periodic recap on funds spent by chapters to help ensure
>> funds are
>> > appointed on items aligned with the OWASP Mission".  Yes, this does add
>> some
>> > additional operational work for our committee.
>> >
>> > ~josh
>> >
>> >
>> > On Tue, Mar 13, 2012 at 1:19 PM, Seba <seba at owasp.org> wrote:
>> >>
>> >> can you explain:
>> >> "Profit will be split 50/50 between the foundation and the chapter up
>> >> until the chapter has received an amount equal to the chapter annual
>> budget
>> >> amount"
>> >> My understanding is:
>> >> if in belgium we have an annual budget of € 10000, and we organize an
>> >> event with income resulting in a e.g. € 25000 the split would be €
>> 15000 to
>> >> the foundation and €10000 to the chapter?
>> >>
>> >> a general remark: it seems we are loading a lot of operational work on
>> the
>> >> committee in reviewing local budgets?
>> >>
>> >> --seba
>> >> On Tue, Mar 13, 2012 at 6:11 PM, Josh Sokol <josh.sokol at owasp.org>
>> wrote:
>> >>>
>> >>> Please discuss.  We will be taking this to a committee vote for
>> approval
>> >>> at the next Chapter Committee meeting next Monday, March 19th.
>> Please be
>> >>> sure to send me and Sarah your vote before that deadline if you will
>> be
>> >>> unable to attend the meeting.  Thank you.
>> >>>
>> >>> ~josh
>> >>>
>> >>>
>> >>> On Tue, Mar 13, 2012 at 12:05 PM, Sarah Baso <sarah.baso at owasp.org>
>> >>> wrote:
>> >>>>
>> >>>> Global Chapters Committee,
>> >>>>
>> >>>> (Note: same email send to Conference Committee on separate thread)
>> >>>>
>> >>>>
>> >>>>
>> >>>> In response to the guiding objectives by the board, the Conferences
>> and
>> >>>> Chapter Committee Chairs have worked together to formulate some
>> policy
>> >>>> changes that we believe will meet the direction of the board while
>> allowing
>> >>>> chapters and the foundation to grow and innovate.  These points have
>> been
>> >>>> discussed at length and now we wish to hear your input on the
>> matter.  We
>> >>>> have agreed on the outlined plan below and as a result each of us
>> will not
>> >>>> make comments here past clarifications to any questions any of you
>> have to
>> >>>> the proposed policy.  We would like to cap the debate on this topic
>> and take
>> >>>> the following to a committee vote on Monday, March 19th using a
>> majority
>> >>>> approval rule for both committees in order to meet the board's 45 day
>> >>>> deadline.
>> >>>>
>> >>>>
>> >>>>
>> >>>> The Global Chapters Committee shall:
>> >>>>
>> >>>> ●      Manage all chapter meetings or trainings that do not charge a
>> fee
>> >>>> for admission.
>> >>>>
>> >>>> ●      Establish an annual budget process for all chapters
>> >>>>
>> >>>> ○      At the end of each calendar year, a chapter with more than
>> $5,000
>> >>>> in it's bank account must submit a budget to be reviewed by the
>> Global
>> >>>> Chapters Committee to justify the rollover of any funds beyond that
>> amount.
>> >>>> In the event that the chapter does not submit a budget for the
>> remaining
>> >>>> funds or if any unbudgeted funds remain after December 31, the
>> chapter will
>> >>>> be given one month to determine another OWASP Chapter, Committee, or
>> Project
>> >>>> to allocate the unused funds toward.  If no designations are made
>> before
>> >>>> February 1, then all unused funds will be transferred to the OWASP
>> >>>> Foundation main account.
>> >>>>
>> >>>> ○      Any chapter with more than $10,000 must also obtain Board
>> >>>> approval for their annual budget.
>> >>>>
>> >>>> ○      The Global Chapters Committee will maintain "official"
>> budgets on
>> >>>> the wiki or via google docs where they are accessible to all OWASP
>> >>>> participants.
>> >>>>
>> >>>> ○      The Global Chapters Committee will update Chapter 4 - Section
>> 7
>> >>>> of the Chapter Handbook with the new budget policy.
>> >>>>
>> >>>> ●      Establish by June 1st chapter spending guidelines (These
>> should
>> >>>> be under Chapter 4 - Section 7.1 of the Chapter Handbook)
>> >>>>
>> >>>> ●      Have the responsibility and authority for supporting and
>> managing
>> >>>> all chapter meetings
>> >>>>
>> >>>> ○      The Chapter Handbook authored by the Global Chapters Committee
>> >>>> shall serve as the single point of truth for all chapter policies
>> >>>>
>> >>>> ○      The Global Chapters Committee shall set all chapter policies
>> >>>>
>> >>>>
>> >>>>
>> >>>> The Global Conferences Committee shall:
>> >>>>
>> >>>> ●      Manage all events that charge a fee for admission (voluntary
>> >>>> donations exempted) and any free event determined by the organizer
>> to be a
>> >>>> conference versus a chapter meeting
>> >>>>
>> >>>> ●      Have the responsibility and authority for supporting and
>> managing
>> >>>> all events
>> >>>>
>> >>>> ○      The Global Conferences Committee has the responsibility for
>> >>>> procuring and managing centralized assets such as, but not limited to
>> >>>> registration tools and financial management tools
>> >>>>
>> >>>> ○      The Global Conferences Committee policy page shall serve as
>> the
>> >>>> single point of truth for all event policies
>> >>>>
>> >>>> ○      The Global Conferences Committee shall set all event policies
>> >>>> with the exception of the profit sharing policy which requires the
>> >>>> concurrence of the majority of the Global Chapters Committee to be
>> modified.
>> >>>>
>> >>>> ●      The OWASP Event Management System (formerly OCMS) will serve
>> as
>> >>>> the single point of truth for OWASP events, AND will provide
>> functionality
>> >>>> to track chapter meetings in the next release
>> >>>>
>> >>>> ●      The Global Conferences Committee will revisit current event
>> >>>> definitions and include clear, objective definitions of event types
>> as well
>> >>>> as the anticipated support level from the foundation.  These must be
>> >>>> approved by June 1st.
>> >>>>
>> >>>> ●      The Global Conferences Committee will take a more active,
>> direct
>> >>>> role in the planning the marquee foundation events (currently
>> defined as
>> >>>> Global AppSec Events) including having a representative serve as
>> Chair for
>> >>>> these events.  (For this, Global Conferences Committee will require
>> a full
>> >>>> time support asset to handle the additional event coordination.
>> Without
>> >>>> these additional resources the conferences committee can not take on
>> this
>> >>>> added responsibility and will maintain an advisory/oversight role)
>> >>>>
>> >>>> ●      Any and all event policies in effect at the time of event
>> >>>> approval shall apply to the event without modification unless a
>> specific
>> >>>> requirement to do so is set by the Board.
>> >>>>
>> >>>> ●      The Global Conferences Committee will implement a policy for
>> >>>> managing all event funds through the foundation
>> >>>>
>> >>>> ○      The OWASP foundation will provide all "seed funds" needed for
>> >>>> events up to the approved event budget and beyond with Global
>> Conferences
>> >>>> Committee approval
>> >>>>
>> >>>> ○      The Global Conferences Committee shall be responsible for the
>> >>>> review, approval and signature of all contracts related to events
>> >>>>
>> >>>> ○      The Global Conferences Committee may provide an exception for
>> >>>> events with extraordinary circumstances
>> >>>>
>> >>>> ○      Any event using the OWASP brand not using the Foundation to
>> >>>> process it's finances will be in violation of OWASP brand usage
>> rules and
>> >>>> will be referred to the Board for action
>> >>>>
>> >>>> ●      The Global Conferences Committee will set the following
>> branding
>> >>>> rules except where it is unreasonable to do so
>> >>>>
>> >>>> ○      All events must use "OWASP" in their title, such as "OWASP's
>> >>>> AppSec XYZ"
>> >>>>
>> >>>> ○      Events may use their own logos so long as they include the
>> OWASP
>> >>>> wasp (The Global Conferences Committee will manage logo approvals),
>> color
>> >>>> palate is optional
>> >>>>
>> >>>> ○      The OWASP logo must be present on all websites/materials,
>> except
>> >>>> where it is unreasonable to do so
>> >>>>
>> >>>> ○      A link back to owasp.org must be present on all
>> >>>> websites/materials except where it is unreasonable to do so
>> >>>>
>> >>>> ●      The Global Conferences Committee sets the following event
>> profit
>> >>>> sharing model for all events:
>> >>>>
>> >>>> ○      At the time of approval, the Global Conferences Committee will
>> >>>> record the chapter's current annual budget expenditures (referred to
>> as
>> >>>> chapter annual budget)
>> >>>>
>> >>>>                                           ■Chapters that do not have
>> >>>> approved budgets shall have the chapter annual budget value set to $0
>> >>>>
>> >>>>                                           ■It is the responsibility
>> of
>> >>>> the chapter to plan ahead appropriately to get this budget through
>> the
>> >>>> Global Chapters Committee approval process if they intend to use the
>> event
>> >>>> to generate chapter revenue
>> >>>>
>> >>>> ○      Profits are all monies collected for the event (regardless of
>> >>>> source) above the direct expenditures for the event
>> >>>>
>> >>>>                                           ■Any membership
>> registrations
>> >>>> as result of an event will be handled per Global Membership
>> Committee policy
>> >>>> and are not considered in this equation
>> >>>>
>> >>>> ○      Profit will be split 50/50 between the foundation and the
>> chapter
>> >>>> up until the chapter has received an amount equal to the chapter
>> annual
>> >>>> budget amount
>> >>>>
>> >>>> ○      After the chapter has received an amount equal to the chapter
>> >>>> annual budget the Foundation shall receive 100% of the remaining
>> profits.
>> >>>>
>> >>>> ○      Any Event Losses shall be the responsibility of the Foundation
>> >>>>
>> >>>>
>> >>>>
>> >>>> Sarah Baso on behalf of Mark Bristow and Josh Sokol
>> >>>>
>> >>>> --
>> >>>> OWASP Operational Support:
>> >>>> Conference Logistics & Community Relations
>> >>>>
>> >>>> Dir: 312-869-2779
>> >>>> skype: sarah.baso
>> >>>>
>> >>>
>> >>>
>> >>> _______________________________________________
>> >>> Global_chapter_committee mailing list
>> >>> Global_chapter_committee at lists.owasp.org
>> >>> https://lists.owasp.org/mailman/listinfo/global_chapter_committee
>> >>>
>> >>
>> >
>> >
>> > _______________________________________________
>> > Global_chapter_committee mailing list
>> > Global_chapter_committee at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/global_chapter_committee
>> >
>>
>>
>>
>> --
>> Tin Zaw, CISSP, CSSLP
>> Chapter Leader and President, OWASP Los Angeles Chapter
>> Member, OWASP Global Chapter Committee
>> Google Voice: (213) 973-9295
>> LinkedIn: http://www.linkedin.com/in/tinzaw
>>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 
Tin Zaw, CISSP, CSSLP
Chapter Leader and President, OWASP Los Angeles Chapter
Member, OWASP Global Chapter Committee
Google Voice: (213) 973-9295
LinkedIn: http://www.linkedin.com/in/tinzaw
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/global_chapter_committee/attachments/20120319/0ffad64a/attachment-0001.html>


More information about the Global_chapter_committee mailing list