[Governance] [Owasp-leaders] Requesting Community Feedback on Virtual Management

Josh Sokol josh.sokol at owasp.org
Thu Jun 19 16:37:57 UTC 2014


That would depend, I suppose, on how the committee was scoped in it's
creation.  If the committee was created with the scope of finding the final
candidates, then that would probably be a Board decision.  If the committee
was created with the scope of finding and selecting an ED, then yes.

Purely hypothetical, but couldn't VM only feed us poor candidates in order
to make a stronger case for sticking around longer than necessary?  I'm not
saying that they would, but if you want to maintain objectivity, I think
it'd make sense not to include them in those types of activities.  You
could definitely ask for their advice, opinions, etc.

I don't see any obvious reason why our ED would have to be in the US, but I
don't know.  I think we're putting the cart before the horse here.  Let's
figure out if Virtual is the right team to help us make the transition
first and these types of questions are actually a great way to leverage
their knowledge and experience.

~josh


On Thu, Jun 19, 2014 at 11:22 AM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

>  >I don't think we want Virtual to be looking for an ED as that's a very
> clear conflict of interest.  If we determine that hiring a replacement ED
> is the desired next step, then I think that Carlos' committee approach is a
> sensible one.  They would create the proposal, conduct the search, and make
> candidate recommendations.
>
> The committee does in  the end take the final decision right? I agree that
> there could be a conflict too but only if VM takes any decisions. Hiring an
> ED requires Human Resources background so I though why not use VM skills?.
> I would like to see that committee formed also by members with experiencing
> in hiring (if needed as you mentioned). I assume that this position only
> applies for residents in the US since it is for OWASP foundation in US? or
> Does it matter?
>
>
>
> On Thu, Jun 19, 2014 at 12:15 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
>> This is spot on with one exception.  I don't think we want Virtual to be
>> looking for an ED as that's a very clear conflict of interest.  If we
>> determine that hiring a replacement ED is the desired next step, then I
>> think that Carlos' committee approach is a sensible one.  They would create
>> the proposal, conduct the search, and make candidate recommendations.
>>
>> ~josh
>>
>>
>> On Thu, Jun 19, 2014 at 10:53 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>>  >If we were to consider your suggestion, do you think that we could
>>> still meet Sarah's August 4th deadline between assembling the
>>> committee, drafting the RFP, searching suppliers, interviewing, hiring, and
>>> training/transition?
>>>
>>> maybe not but then it has to be clear as you just have done, that
>>> the board does not have time and resources to set an Open tender process in
>>> place.
>>>
>>> I suggest that since the hiring of this company its an urgent/transition
>>> matter, that the contract should not be long term and that actually the VM<
>>> company has a clear tasks for looking for a ED.
>>>
>>> Once they have helped with the transition process and hiring of a
>>> competent ED, the new ED together with a committee, could set a Term of
>>> references for defining the nature of the contract between VM and OWASP
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Thu, Jun 19, 2014 at 11:41 AM, Josh Sokol <josh.sokol at owasp.org>
>>> wrote:
>>>
>>>> I do agree with your approach, and think it makes sense to leverage a
>>>> committee approach similar to that proposed in finding a replacement ED,
>>>> but my concern is that for every day we wait for a committee to determine
>>>> what our next best step is, that is a day that we lose for the replacement
>>>> and Sarah to transition tasks.  Sarah's expressed desire was to have a
>>>> replacement in place and on-boarded no later than August 4th with her
>>>> staying on until August 22nd (assuming the baby doesn't come early).  We
>>>> have roughly a month and a half based on her proposed deadline to find
>>>> someone, train them, and make the transition.  The Virtual proposal was not
>>>> designed as a replacement ED, but rather, a way to get someone up and
>>>> running quickly for this transition without the significant time investment
>>>> of interviewing and hiring.  If we were to consider your suggestion, do you
>>>> think that we could still meet Sarah's August 4th deadline between
>>>> assembling the committee, drafting the RFP, searching suppliers,
>>>> interviewing, hiring, and training/transition?
>>>>
>>>> ~josh
>>>>
>>>>
>>>> On Thu, Jun 19, 2014 at 9:42 AM, Carlos Allendes <
>>>> carlos.allendes at owasp.org> wrote:
>>>>
>>>>> Josh
>>>>>
>>>>> Answering the initial question.
>>>>>
>>>>> If we want to evaluate an external service provider (even the
>>>>> replacement of Executive Director).   I think that there should be a formal
>>>>> process of selecting suppliers with an RFP that define the objectives,
>>>>> scope, penalties...   (
>>>>> http://en.wikipedia.org/wiki/Request_for_proposal  )
>>>>>
>>>>> If we want OWASP grow up. Everything should be formal... and radically
>>>>> transparent.
>>>>>
>>>>> Josh
>>>>> If the board wishes we can assemble a work-team that drafted the RFP
>>>>> and make this formal search for suppliers... then select finalists for the
>>>>> board last  eval/selection.
>>>>>
>>>>>
>>>>> Hope this help.
>>>>>
>>>>>
>>>>> ----------
>>>>> Carlos Allendes Droguett
>>>>> OWASP Chile, chapter leader
>>>>> Links  MailingList <http://goo.gl/LBELa>   WebPage
>>>>> <http://goo.gl/9wuFX>    eMail <carlos.allendes at owasp.org>
>>>>> skype: carlos_allendes_droguett
>>>>>
>>>>>  ** In God we trust. All others must bring data. **
>>>>> ----------
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> 2014-06-18 17:24 GMT-04:00 Josh Sokol <josh.sokol at owasp.org>:
>>>>>
>>>>>>  OWASP Community,
>>>>>>
>>>>>> As you already know, our Executive Director, Sarah Baso, recently
>>>>>> announced
>>>>>> <http://lists.owasp.org/pipermail/owasp-leaders/2014-June/012007.html>
>>>>>> that she will be leaving OWASP in August in order to spend quality time
>>>>>> with the coming addition to her family.  Since she initially notified us of
>>>>>> her intent, the Board and Sarah began the conversation of how OWASP would
>>>>>> move forward in her absence.  I think we all are aware that Sarah has made
>>>>>> some amazing contributions to our organization and her absence will not go
>>>>>> unnoticed.  That said, it is important for us to think about a short-term
>>>>>> transition plan as well as a long-term vision for the role of Executive
>>>>>> Director at OWASP.
>>>>>>
>>>>>> No decisions have been made yet, but the Board believes that there
>>>>>> may be significant value in working with a third-party professional
>>>>>> management firm with experience in global finance, human resources, and
>>>>>> non-profit growth in order to help us to assess where we are today and
>>>>>> where we would like to get to with the Foundation.  The goal would be to
>>>>>> use them to transition many of Sarah's current responsibilities, leverage
>>>>>> their expertise to determine if there are areas that we can improve upon,
>>>>>> and then reassess our options at that time (tentatively Q4 2014).  We could
>>>>>> elect to keep them around, conduct a search for a new Executive Director,
>>>>>> or whatever we all feel makes sense as we push forward.
>>>>>>
>>>>>> After researching several such services, we have all been very
>>>>>> impressed with a company called Virtual Management Inc.
>>>>>> <http://www.virtualmgmt.com/manage-your-association/>  Their support
>>>>>> would include time from Greg Kohn
>>>>>> <https://www.linkedin.com/profile/view?id=9724195> as the Team Lead, Tom
>>>>>> Pappas <https://www.linkedin.com/profile/view?id=23028879> for
>>>>>> Finance and Grants, and Janice Carroll
>>>>>> <https://www.linkedin.com/profile/view?id=37004151> for Operations.
>>>>>> They have a large volume of experience working with non-profit
>>>>>> organizations similar to our own and received a positive review for their
>>>>>> current work with the Apache Software Foundation.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> * QUESTION: Has anyone had a business relationship with: Virtual
>>>>>> Management Inc. or Wakefield, MA or any of its employees? Website:
>>>>>> http://www.virtualmgmt.com/ <http://www.virtualmgmt.com/> Linkedin:
>>>>>> https://www.linkedin.com/company/50550
>>>>>> <https://www.linkedin.com/company/50550>*
>>>>>>
>>>>>> We are conducting our due diligence and are looking for anyone who
>>>>>> has had either GOOD or BAD experiences with Virtual.  OWASP Community, if
>>>>>> you have any feedback regarding Virtual, we would love to hear your
>>>>>> comments.  Please, if you have any thoughts, feel free to respond back to
>>>>>> this message, send us an e-mail in private, or call any of us up.  We have
>>>>>> a contract from Virtual, but wanted to make sure that there were no
>>>>>> significant concerns from the community before signing.  We've set a soft
>>>>>> deadline of 5:00 PM PST on Friday, June 20th to try and collect all
>>>>>> feedback and make a decision on how to proceed.  Thank you very much in
>>>>>> advance for anything that you can add to this conversation!
>>>>>>
>>>>>> Sincerely,
>>>>>>
>>>>>> The OWASP Board of Directors
>>>>>>
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Governance mailing list
>>>> Governance at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/governance
>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140619/0d9edae1/attachment-0001.html>


More information about the Governance mailing list