[Global_conference_committee] [Global_membership_committee] Conference/Chapter Revenue Splitting

Tony UV tonyuv at owasp.org
Tue Dec 14 14:08:52 EST 2010


Quick rebuttal:

 

Franchise remark was used as a metaphor, hence the disclaimer made and it
only relates to the split for revenue sharing.  Consider it as a way for
local chapters to be feet on the street to gather additional funds that (a)
benefit the local chapter and (b) support the overall parent organization
over the split level defined, whether 40/60 or any other type of
combination.  It still stands that having a large pot of funds with multiple
chapters spread out around the world (if this is the idea to move to a
central purse for all management and disbursement) doesn't make any sense at
all.  In the spirit of OWASP being an organization, organizations have
departmental budgets and jurisdiction over those budgets.  I don't think
that this is about Chapters opening up multiple bank accounts with their own
funds but rather having some degree of authority over funds that should be
allotted to them as a chapter.  Otherwise the bottleneck that I alluded to
before will take place.  Other organizations with a similar global reach
operate in this way.  

 

The case that I provided was mine. ATL chapter wanted to have a sponsorship
role for BSIDES ATL, a non-profit conference where the demographics of
attendees varied from that of our ~150 base membership in the city, thereby
making it appealing for us to market to these other security professionals
in a conference setting.  We did not get approved and there was not
corporate or for profit veil or intentions involved.  No big deal, but in
terms of answering your question that this has never happened,  I wanted to
at least cite one instance.

 

 

 

Tony UcedaVelez, CISM, CISA, GSEC

Chapter Lead

OWASP Atlanta

http://www.owasp.org/index.php/Atlanta_Georgia

Twitter: @versprite

 

From: Mark Bristow [mailto:mark.bristow at owasp.org] 
Sent: Tuesday, December 14, 2010 1:58 PM
To: Tony UV
Cc: Kate Hartmann; global_chapter_committee at lists.owasp.org; Eoin; Richard
Greenberg; Global_membership_committee at lists.owasp.org; Dave Wichers;
global_conference_committee
Subject: Re: [Global_membership_committee] [Global_conference_committee]
Conference/Chapter Revenue Splitting

 

Inline as well.

On Tue, Dec 14, 2010 at 1:47 PM, Tony UV <tonyuv at owasp.org> wrote:

My thoughts inline to Mark's below.

 

Tony UcedaVelez, CISM, CISA, GSEC

Chapter Lead

OWASP Atlanta

http://www.owasp.org/index.php/Atlanta_Georgia

Twitter: @versprite

 

From: global_membership_committee-bounces at lists.owasp.org
[mailto:global_membership_committee-bounces at lists.owasp.org] On Behalf Of
Mark Bristow
Sent: Tuesday, December 14, 2010 1:41 PM
To: Kate Hartmann
Cc: global_chapter_committee at lists.owasp.org; Eoin; Richard Greenberg;
Global_membership_committee at lists.owasp.org; Dave Wichers;
global_conference_committee
Subject: Re: [Global_membership_committee] [Global_conference_committee]
Conference/Chapter Revenue Splitting

 

I still disagree.

 

Where did 40/60 come into this?  That's the membership split.[Tony
UcedaVelez]  What split should it be.  Should it be one massive pool?  That
may be too cumbersome to manage financially if so; bottlenecks may arise to
shelling out funds to local chapters. I suppose the 40/60 split makes sense
from a franchise like perspective (not saying this is a franchise - metaphor
here ppl)

 

Except we arn't franchises, we're one organization.

 

 

What is the difference between the "Chapter Fund" and the main OWASP
financials?  I don't see the distinction.  [Tony UcedaVelez]  Chapter Fund
will have more localized needs that the parent OWASP financials may not
simply want to be a part of.  Local advertising, meeting provisions, etc.

 

Again, where have people asked for money and been told no?

Meeting provisions are are what membership funds, local chapter sponsors,
and direct donations are for.

 

 

I also think that 10% is still a far too significant amount in the edge
cases, which is why I'm a proponent of caps.[Tony UcedaVelez]  I'm fine with
this. 

 

I still have not heard/seen 1 example of where chapters are not getting the
support they need.  I keep asking, and no-one can give me an example.
People can come up with a bunch of hypotheticals, but no actual, real world
examples.  I believe this is a perceived provlem, not a real one.[Tony
UcedaVelez]  As it relates to financial support, here is one.  There may be
an increase of hybrid cons in a local area where the chapter leader may want
to use OWASP Chapter funds to contribute to the conference and build greater
awareness to the people attending that hybrid con (like a BSides or
Summercon or BayThreat etc) and we feel it would help 'get the word out' but
the parent org says no. This has actually happened.  As it relates to
non-financial support, I don't know but assume given the context of the
discussion that this is what is topical right now.

 

 

I don't know what your example is but no one has ever asked the Global
COnferences committee for $ and been denied.  We have said no due to OWASP
values not being consistant and partnering with for profit entities, but
Chapter funds shouldn't be used for these activities either as it's someting
OWASP dosn't do.

 

-Mark

On Tue, Dec 14, 2010 at 1:32 PM, Kate Hartmann <kate.hartmann at owasp.org>
wrote:

Group, everyone has valid points.  Chapters want to be empowered to be able
to secure the funding they need to move their chapter ahead.  The foundation
depends on the revenue to provide support to all 160 + chapters plus fund
committee projects as well as a myriad of other obligations and "wish
lists."

 

I would suggest a moderate compromise..

 

1.  implement a 40/60 revenue split from the conference profits

2.  60% goes directly to the "mothership" to make sure that operational
costs are covered

3. 10% goes directly to the local chapter who provided the volunteers to
help the conference run successfully

4.  30% goes into a "chapter fund" that is available to ALL chapters for
local chapter activities.

 

This makes sure that the local chapter is "rewarded" directly and that there
are still funds available to assist other chapters who may just be getting
started and need a bit of a financial platform on which to get going.  (I
can point to the new Uruguay chapter as an example).  The host chapter is
most certainly eligible to withdraw funds from this pool as well.

 

My major hold up with the revenue split was the idea (from a strictly
operational and global perspective) of the mothership not having sufficient
funds available to assist chapters who are not large enough to have hosted a
major AppSec Event.  

 

Kate Hartmann

Operations Director

301-275-9403

www.owasp.org <http://www.owasp.org/>  

Skype:  Kate.hartmann1

 

From: global_conference_committee-bounces at lists.owasp.org
[mailto:global_conference_committee-bounces at lists.owasp.org] On Behalf Of
Mark Bristow
Sent: Tuesday, December 14, 2010 10:04 AM
To: Dave Wichers
Cc: global_chapter_committee at lists.owasp.org; Eoin; Richard Greenberg;
Global_membership_committee at lists.owasp.org; global_conference_committee


Subject: Re: [Global_conference_committee] Conference/Chapter Revenue
Splitting

 

Dave,

 

Thanks for your input.  I'm also looping in the chapters and membership
committees.

 

Is this someting you think that the board wants to tackle, or do you want us
to continue at the Committee level?

 

-Mark

On Mon, Dec 13, 2010 at 7:41 PM, Dave Wichers <dave.wichers at owasp.org>
wrote:

I agree with Mark. I think the assistance of the local chapter should be
rewarded but a lot of the assistance comes from OWASP itself and the track
record of having the AppSec USA event year after year.

 

And I really think OWASP central can more easily allocate large amount of
funds more wisely to the benefit of all of OWASP and its community.

 

-Dave

 

From: global_conference_committee-bounces at lists.owasp.org
[mailto:global_conference_committee-bounces at lists.owasp.org] On Behalf Of
Mark Bristow


Sent: Monday, December 13, 2010 9:52 AM
To: dinis cruz
Cc: global_conference_committee; Richard Greenberg; Eoin

Subject: Re: [Global_conference_committee] Conference/Chapter Revenue
Splitting

 

That's not what I said, in fact I think that chapters can come up with new
and creative ways to wisely spend funds.  What I said was that the
organization at large needs them too.  Is there some outcry of chapters that
need more $ and can't find a source that I am missing?

 

My point is that chapters may do all of the things you mention, but with the
exception of some cases they are not.  The ones that are adopting projects,
flying in speakers et all are doing so already as far as I know with the
funds they have and the additional funding sources from the foundation that
are available, especially with some of the recently established programs.  

 

I agree that chapters should have some funds and feel empowered to use them
as they see fit, however in my example 30k represents 10% of ALL 2009 OWASP
Expenditures (based on
http://www.owasp.org/images/3/3f/2009AnnualReport.pdf).  I feel that this is
disproportionate for one chapter to hold 10% of OWASP operational
expenditures.  Also there are 174 chapters.  With this model, we can easily
over-subscribe our funding to chapters, so this is not sustainable.

 

On Mon, Dec 13, 2010 at 9:18 AM, dinis cruz <dinis.cruz at owasp.org> wrote:

Why not allowing the chapters have those funds? Do you think they will abuse
it?

 

There is no reason why chapters cannot have a bigger role in OWASP's
governance and on money spending activities (for example a chapter could
'adopt' a number of projects / Committee and on the Summit case cover the
cost of multiple participants). The main thing about money at OWASP is
people feeling empowered to spend it wisely, which if you look around is
actually a big problem at OWASP.

 

Everytime we spend a bit of money we tend to make more money, so one of the
big issues we have at OWASP is for our leaders to feel empowered and
motivated to spend it.

 

Ultimately it is all OWASP money, so the more it is wisely spent the better
(and remember that the local chapters will only screw-up once :)  i.e. if
there are abuses we can always move that money to OWASP central)

 

And if the chapter cannot find a way to spend the money wisely, then after a
period (6 or 12 months) that money should go back to OWASP central (the idea
of an 'expiry date' we talked before)

 

Dinis Cruz

 

On 13 December 2010 14:07, Mark Bristow <mark.bristow at owasp.org> wrote:

Sorry I got to push back.  Take AppSec US, your telling me you are fine with
them getting 30k in their budget?  Compared with my new model that's 27k
that the foundation can't spend on stuff like the summit.

 

I'm ok with raising the cap to say 5/7 k but I don't see the needs of any
chapter to have such a substantial budget, especially when chapters don't
have to front money from their budgets for conferences or events (GCC does
that) and there are a variety of funding sources like  OotM and the
$500/$2500 available through dinis's new program..

 

I agree chapters need a pool of funds for a variety of items (especially the
ones I can't think of) but I can't see a chapter spending 30k even over a
few years.

-Mark

 

Sent from my wireless device


On Dec 13, 2010, at 8:48 AM, dinis cruz <dinis.cruz at owasp.org> wrote:

I agree with Tin that there shouldn't be a cap on the split to the chapter.

 

Also, with the Summit, we are going to (hopefully) start the tradition that
the local funds should also be used for such events/activities (which is
where OWASP central would use that money).

 

And after all, its all OWASP money, the only difference is 'who feels
empowered to spend it'

 

On the topic of spending, in the future it might be a good idea to put an
expiry date on those funds so that the Chapters/Projects don't just sit on
the funds

 

Dinis Cruz

On 13 December 2010 07:34, Tin Zaw <tin.zaw at owasp.org> wrote:

I don't think the cap is a good idea. If the conference generates more than
$10k in profit (like AppSec USA did), why not let the local chapter(s) get
more share. It's a win-win for both local chapter(s) and HQ -- more
incentive to make it more profitable. The cap could also mean more incentive
for local chapters to cap conference profits at $10k by spending conference
on extravagant stuff like gifts, parties, etc. 

 

On Sun, Dec 12, 2010 at 5:16 PM, Mark Bristow <mark.bristow at owasp.org>
wrote:

Ooh, important oversite, sorry just not thinking.

 

Membership revenue will count to the conference overall budget (at the
normal rate).  This way, it indirectly still helps the chapter (by
increasing profitability) and is infinitely easier for Kate and Alison to
reconcile the ledger.

 

On Sun, Dec 12, 2010 at 8:12 PM, Michael Coates <michael.coates at owasp.org>
wrote:

How do you plan to handle Membership signups under this new policy (i.e
bullet #2 below)?


Michael Coates

OWASP

 

 

 

On Dec 12, 2010, at 5:07 PM, Mark Bristow wrote:

 

GCC,

 

The current policy on how conference profit splitting is done is unclear and
has been unevenly applied.  This issue has come up recently and I can't seem
to find a final policy decision on it, so here we go.  We should get this
squared away with a vote after some debate.  Things that people thought it
were are:

*	None
*	Chapter gets the normal split of any Membership signups/renewals
done with Con registration & at the conference
*	Chapters get 30% of Conference Profits (note, profits not revenue),
Conference keeps membership income

I propose a new policy:

 

A conference host chapter shall receive 30% of conference profits, up to a
cap of $3,000 into their chapter expense account.  In cases where there are
multiple host chapters, 30% of conference profits, up to a cap of $4,000
shall be split evenly among the host chapters, or via any distribution
agreed upon by the host chapters.  This applies to Global AppSec and
Regional Conferences.  Profits from local events will be split 50/50 with
the foundation.

 

Now, before we get into "why do chapters need to get a split at all", a camp
I used to be a member of, hosting an AppSec conference or regional
conference is a HUGE undertaking, as we all know.  I think this is a fair
policy in compensating the local chapter who volunteers much of their time
to put on a conference.  While the amounts are capped I think it's a
reasonable cap as chapters don't generally have large expenses.

 

Any thoughts, comments on this?

 

 



-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org

_______________________________________________
Global_conference_committee mailing list
Global_conference_committee at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/global_conference_committee

 




-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org


_______________________________________________
Global_conference_committee mailing list
Global_conference_committee at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/global_conference_committee




-- 

Tin Zaw, CISSP, CSSLP
Chapter Leader and President, OWASP Los Angeles Chapter
Google Voice: (213) 973-9295
LinkedIn: http://www.linkedin.com/in/tinzaw


_______________________________________________
Global_conference_committee mailing list
Global_conference_committee at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/global_conference_committee

 

 




-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org




-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org




-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org




-- 
Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101214/86cffcff/attachment-0001.html 


More information about the Global_conference_committee mailing list