[Global_chapter_committee] [Global_conference_committee] LASCON Exception - Board Vote

Mark Bristow mark.bristow at owasp.org
Wed Mar 28 22:14:09 UTC 2012


I'd love to take a look at what your proposing from a conferences committee
point of view as, to my knowledge, we have not been involved in your


Sent from my wireless device

On Mar 28, 2012, at 6:10 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

OWASP Board Members,

With the guidance from 2/22/2012 (
http://owasp.blogspot.com/2012/02/approval-of-lascon-exception.html) it was
stated that the updated chapter/conference policy must be approved within
45 days or LASCON exception is revoked.  If my math is correct, it has been
about 35 days since this guidance was issued after many hours of discussion
and a policy compromise between Mark and I, the policy was eventually
stricken down at the committee level.  I truly believe that everyone put
their best foot forward in this effort, but without the committee backing
of the policy I don't feel that it is in the organization's best interest
to move forward with the policy.

Since our joint policy was struck down, I have been working with my
committee members to come up with what we feel is a proper policy that
addresses the Board's guiding objectives.  Tin and I met while he was here
in Austin yesterday and came up with what I think are some good ideas on
that and we will be working to formalize it soon for the Board's
consideration.  I also provided my two questions to the Board in order to
shed some more light as to what you feel the direction of the organization
should be and we would like to be able to factor this additional guidance
into our policy.  Since it appears that this issue is far from resolved at
this time, I'd like to again request that the 45 day revocation clause
be....well.....revoked.  As I said previously, the only group this
penalizes is the LASCON planning team who is removed from the discussion at
this point (sans my dual-involvement as the committee chair) and while I
respect the Board's desire to time-bind the discussion, the ramifications
of that should apply to the committees making the decision and not the
conference that is currently focused on event planning.  Thank you for your


Josh Sokol

On Thu, Feb 23, 2012 at 9:41 AM, Michael Coates <michael.coates at owasp.org>wrote:

> We only wish to grant an exception with the understanding that no further
> exceptions are granted and that the underlying root cause needs to be
> addressed.
> This does result in tying the exception to the requirement for a fix. It
> would have been preferred for the committees to resolve this issue in the
> previous 8 months since the last exception was granted. But, now we need to
> be more aggressive on this front in order to resolve the root issue.
> Josh - do you want to setup a time to chat through your concerns with
> moving forward on LASCON planning? You do have the exception granted and
> everyone is moving forward to resolve the overall policy issue.
> I initially typed up my thoughts and questions here, but quickly realized
> that email wasn't going to hash this out quite so well - email is great,
> but not for everything :)
>  Michael
> On Feb 23, 2012, at 6:54 AM, Josh Sokol wrote:
> Michael,
> I'm 100% on board with creating a new policy as that's what the LASCON
> group has had issues with since the beginning.  I'm also 100% on board with
> the criteria the board laid out for the new policy.  The part I'm unsure of
> is where you said "The updated chapter/conference policy must be approved
> within 45 days or LASCON exception is revoked."  The only group this
> negative reprocussion applies to is the LASCON planning team and the net
> effect is that LASCON is unable to formalize any commitments until the
> policy discussion is resolved.  I agree that we need to time-bind the
> policy discussion, but wouldn't it make more sense to penalize the
> committees who are supposed to be creating the policy rather than the
> LASCON team who doesn't even get a vote on the matter?
> ~josh
> On Wed, Feb 22, 2012 at 11:59 PM, Michael Coates <michael.coates at owasp.org
> > wrote:
>> We have confidence that given the objectives provided below, the large
>> amount of thought the committees have already placed on this issue and
>> everyone's desires to build a policy for OWASP to grow that we'll be able
>> to reach this goal within 45 days.  I'm happy to help wherever I can be of
>> assistance to make this move along.
>> We want LASCON to be successful and we also want to address this issue
>> across the board so we can set a policy that works for all chapters and
>> conferences.  Without a time bound we will end up in a situation like we're
>> in now, reviewing the same situation for an exception without any work on
>> the underlying issue.
>> Everyone is in this together, it's not an "us" vs "them". So meeting the
>> goal of creating a new policy is for everyone's benefit and we'd all suffer
>> at OWASP if we did not succeed in meeting this task.
>>  Michael Coates
>> michael.coates at owasp.org
>> @_mwc
>> On Feb 22, 2012, at 6:50 PM, Josh Sokol wrote:
>> I'm curious, what is the point of granting the exception to the LASCON
>> team, but saying that it will be revoked if the committees can't come up
>> with an agreeable policy in 45 days? Seems like the only group this
>> revocation hurts is the LASCON team and the uncertainty means that we are
>> unable to commit to a facility (or anything else for that matter) until the
>> policy is changed. I was under the impression that we were intentionally
>> considering the two as separate issues for this very reason.
>> Sent from my phone so please excuse my brevity and spelling mistakes.
>> Michael Coates --- LASCON Exception - Board Vote ---
>> From:Michael Coates To:Josh Sokol, Mark BristowCc: OWASP Foundation
>> Board List, global_chapter_committee at lists.owasp.org,
>> global_conference_committee at lists.owasp.org, Sarah Baso, Kate Hartmann
>> Date:Wed, Feb 22, 2012 7:26 PM Subject:LASCON Exception - Board Vote
>> ------------------------------
>> We wanted to thank everyone for the open, honest, and respectful discussion of the Lascon exception issue.  The board has considered the information provided by all parties as well as the principles and mission of OWASP.  After discussion and deliberation we've reached the following decision:
>> The OWASP Board has voted to approve the following:
>> =
>> Approve LASCON Exception per current chapter & committee rules with the recommendation that LASCON considers the objectives provided by the Board for the new policy. Further, this is the second and final exception for LASCON.
>> The updated chapter/conference policy must be approved within 45 days or LASCON exception is revoked.
>> =
>> Recommendations for the New Policy
>> The OWASP board would like the conferences and chapters committees to work together to jointly draft and approve an update to the policies governing chapters and conference events. We appreciate all the hard work that the committees have put forth to grow our chapters and conferences to its current state.  We've accomplished some great things and this is another situation where we have to review and adjust as a result of our continued growth and success as an organization (a good problem to have).
>> As global committee members you are in the best place to determine the specifics of this policy; however, we would like to set an overall direction that will be worked towards and we’ve outlined the following objectives that should be considered for the updated chapter and conference policies.
>> We encourage the committees to review these guiding objectives and work to build a structure that will encourage the growth of OWASP and our mission.
>> 	• Guiding Objectives
>> 		• We would like to see chapter empowerment through a profit sharing model that is in line with our core value of Innovation
>> 		• We have concerns over the use of profit caps on gains from specific events
>> 		• We would like some sort of annual review, requirements, or rules to address the issue of stale chapter funds in excessive amounts
>> 		• We would like some periodic recap on funds spent by chapters to help ensure funds are appointed on items aligned with the “OWASP Mission”.
>> 		• We recognize there could be concerns over conflicting large chapter events and our core global conferences. Controls should be added to prevent this conflict (perhaps CFP blackout periods in regions within X months of a global event)
>> 		• We would like a dedicated committee with continual and significant control over the core OWASP global events (i.e. conference committee)
>> 		• Foundation has resources that can be are being provided to local chapter events but we need these costs to be accounted for in the chapter's event planning
>> 		• Controls are needed to prevent chapters from over-committing on financial costs
>> 		• Final policy and structure created by the committees should ensure, as much as is possible, that there is no incentive for chapters to form legal entities in their own countries.  Any such activity has significant implications for the foundation and must be discussed and coordinated  with the Foundation Board.
>> 	• Infrastructure
>> 		• Chapters must use established technology methods (such as regonline) any time money is handled
>> 		• CFPs need to use established OWASP procedures
>> 		• A single “source of truth” is needed for all events so that OWASP employees can best assist all events.  These include events under either  committee’s purview.
>> 	• Branding
>> 		• Naming standard enforced for all events (e.g. OWASP X)
>> 		• Logo standards that includes OWASP on all logos, event sites, collateral, etc
>> Thanks for the significant efforts that have been made thus far and we look forward to the updated policy/policies that can take OWASP and our growing member and chapter base to the next level.
>> Lastly, Kate will update the official vote record to reflect our vote and capture the above guiding objectives on the wiki.
>> -The OWASP Board
>> Michael Coatesmichael.coates at owasp.org
>> _______________________________________________
>> Global_conference_committee mailing list
>> Global_conference_committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
Global_conference_committee mailing list
Global_conference_committee at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/global_chapter_committee/attachments/20120328/ea84d221/attachment.html>

More information about the Global_chapter_committee mailing list