[Governance] [Owasp-board] [Owasp-leaders] Requesting Community Feedback on Virtual Management

johanna curiel curiel johanna.curiel at owasp.org
Thu Jun 19 17:32:59 UTC 2014


Yes, indeed. In the end is the Board's decision on these matters.


On Thu, Jun 19, 2014 at 1:00 PM, Tom Brennan - OWASP <tomb at owasp.org> wrote:

> I read this on Wikipedia so it must be true what the BOD is responsible
> for and what governs that responsibility.
>
>  http://en.m.wikipedia.org/wiki/Board_of_directors
>
>
> Tom Brennan
> 973-202-0122
>
> On Jun 19, 2014, at 12:37 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
> That would depend, I suppose, on how the committee was scoped in it's
> creation.  If the committee was created with the scope of finding the final
> candidates, then that would probably be a Board decision.  If the committee
> was created with the scope of finding and selecting an ED, then yes.
>
> Purely hypothetical, but couldn't VM only feed us poor candidates in order
> to make a stronger case for sticking around longer than necessary?  I'm not
> saying that they would, but if you want to maintain objectivity, I think
> it'd make sense not to include them in those types of activities.  You
> could definitely ask for their advice, opinions, etc.
>
> I don't see any obvious reason why our ED would have to be in the US, but
> I don't know.  I think we're putting the cart before the horse here.  Let's
> figure out if Virtual is the right team to help us make the transition
> first and these types of questions are actually a great way to leverage
> their knowledge and experience.
>
> ~josh
>
>
> On Thu, Jun 19, 2014 at 11:22 AM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>
>>  >I don't think we want Virtual to be looking for an ED as that's a very
>> clear conflict of interest.  If we determine that hiring a replacement ED
>> is the desired next step, then I think that Carlos' committee approach is a
>> sensible one.  They would create the proposal, conduct the search, and make
>> candidate recommendations.
>>
>> The committee does in  the end take the final decision right? I agree
>> that there could be a conflict too but only if VM takes any decisions.
>> Hiring an ED requires Human Resources background so I though why not use VM
>> skills?. I would like to see that committee formed also by members with
>> experiencing in hiring (if needed as you mentioned). I assume that this
>> position only applies for residents in the US since it is for OWASP
>> foundation in US? or Does it matter?
>>
>>
>>
>> On Thu, Jun 19, 2014 at 12:15 PM, Josh Sokol <josh.sokol at owasp.org>
>> wrote:
>>
>>> This is spot on with one exception.  I don't think we want Virtual to be
>>> looking for an ED as that's a very clear conflict of interest.  If we
>>> determine that hiring a replacement ED is the desired next step, then I
>>> think that Carlos' committee approach is a sensible one.  They would create
>>> the proposal, conduct the search, and make candidate recommendations.
>>>
>>> ~josh
>>>
>>>
>>> On Thu, Jun 19, 2014 at 10:53 AM, johanna curiel curiel <
>>> johanna.curiel at owasp.org> wrote:
>>>
>>>>  >If we were to consider your suggestion, do you think that we could
>>>> still meet Sarah's August 4th deadline between assembling the
>>>> committee, drafting the RFP, searching suppliers, interviewing, hiring, and
>>>> training/transition?
>>>>
>>>> maybe not but then it has to be clear as you just have done, that
>>>> the board does not have time and resources to set an Open tender process in
>>>> place.
>>>>
>>>> I suggest that since the hiring of this company its an
>>>> urgent/transition matter, that the contract should not be long term and
>>>> that actually the VM< company has a clear tasks for looking for a ED.
>>>>
>>>> Once they have helped with the transition process and hiring of a
>>>> competent ED, the new ED together with a committee, could set a Term of
>>>> references for defining the nature of the contract between VM and OWASP
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Thu, Jun 19, 2014 at 11:41 AM, Josh Sokol <josh.sokol at owasp.org>
>>>> wrote:
>>>>
>>>>> I do agree with your approach, and think it makes sense to leverage a
>>>>> committee approach similar to that proposed in finding a replacement ED,
>>>>> but my concern is that for every day we wait for a committee to determine
>>>>> what our next best step is, that is a day that we lose for the replacement
>>>>> and Sarah to transition tasks.  Sarah's expressed desire was to have a
>>>>> replacement in place and on-boarded no later than August 4th with her
>>>>> staying on until August 22nd (assuming the baby doesn't come early).  We
>>>>> have roughly a month and a half based on her proposed deadline to find
>>>>> someone, train them, and make the transition.  The Virtual proposal was not
>>>>> designed as a replacement ED, but rather, a way to get someone up and
>>>>> running quickly for this transition without the significant time investment
>>>>> of interviewing and hiring.  If we were to consider your suggestion, do you
>>>>> think that we could still meet Sarah's August 4th deadline between
>>>>> assembling the committee, drafting the RFP, searching suppliers,
>>>>> interviewing, hiring, and training/transition?
>>>>>
>>>>> ~josh
>>>>>
>>>>>
>>>>> On Thu, Jun 19, 2014 at 9:42 AM, Carlos Allendes <
>>>>> carlos.allendes at owasp.org> wrote:
>>>>>
>>>>>> Josh
>>>>>>
>>>>>> Answering the initial question.
>>>>>>
>>>>>> If we want to evaluate an external service provider (even the
>>>>>> replacement of Executive Director).   I think that there should be a formal
>>>>>> process of selecting suppliers with an RFP that define the objectives,
>>>>>> scope, penalties...   (
>>>>>> http://en.wikipedia.org/wiki/Request_for_proposal  )
>>>>>>
>>>>>> If we want OWASP grow up. Everything should be formal... and
>>>>>> radically transparent.
>>>>>>
>>>>>> Josh
>>>>>> If the board wishes we can assemble a work-team that drafted the RFP
>>>>>> and make this formal search for suppliers... then select finalists for the
>>>>>> board last  eval/selection.
>>>>>>
>>>>>>
>>>>>> Hope this help.
>>>>>>
>>>>>>
>>>>>> ----------
>>>>>> Carlos Allendes Droguett
>>>>>> OWASP Chile, chapter leader
>>>>>> Links  MailingList <http://goo.gl/LBELa>   WebPage
>>>>>> <http://goo.gl/9wuFX>    eMail <carlos.allendes at owasp.org>
>>>>>> skype: carlos_allendes_droguett
>>>>>>
>>>>>>  ** In God we trust. All others must bring data. **
>>>>>> ----------
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2014-06-18 17:24 GMT-04:00 Josh Sokol <josh.sokol at owasp.org>:
>>>>>>
>>>>>>>  OWASP Community,
>>>>>>>
>>>>>>> As you already know, our Executive Director, Sarah Baso, recently
>>>>>>> announced
>>>>>>> <http://lists.owasp.org/pipermail/owasp-leaders/2014-June/012007.html>
>>>>>>> that she will be leaving OWASP in August in order to spend quality time
>>>>>>> with the coming addition to her family.  Since she initially notified us of
>>>>>>> her intent, the Board and Sarah began the conversation of how OWASP would
>>>>>>> move forward in her absence.  I think we all are aware that Sarah has made
>>>>>>> some amazing contributions to our organization and her absence will not go
>>>>>>> unnoticed.  That said, it is important for us to think about a short-term
>>>>>>> transition plan as well as a long-term vision for the role of Executive
>>>>>>> Director at OWASP.
>>>>>>>
>>>>>>> No decisions have been made yet, but the Board believes that there
>>>>>>> may be significant value in working with a third-party professional
>>>>>>> management firm with experience in global finance, human resources, and
>>>>>>> non-profit growth in order to help us to assess where we are today and
>>>>>>> where we would like to get to with the Foundation.  The goal would be to
>>>>>>> use them to transition many of Sarah's current responsibilities, leverage
>>>>>>> their expertise to determine if there are areas that we can improve upon,
>>>>>>> and then reassess our options at that time (tentatively Q4 2014).  We could
>>>>>>> elect to keep them around, conduct a search for a new Executive Director,
>>>>>>> or whatever we all feel makes sense as we push forward.
>>>>>>>
>>>>>>> After researching several such services, we have all been very
>>>>>>> impressed with a company called Virtual Management Inc.
>>>>>>> <http://www.virtualmgmt.com/manage-your-association/>  Their
>>>>>>> support would include time from Greg Kohn
>>>>>>> <https://www.linkedin.com/profile/view?id=9724195> as the Team
>>>>>>> Lead, Tom Pappas <https://www.linkedin.com/profile/view?id=23028879>
>>>>>>> for Finance and Grants, and Janice Carroll
>>>>>>> <https://www.linkedin.com/profile/view?id=37004151> for
>>>>>>> Operations.  They have a large volume of experience working with non-profit
>>>>>>> organizations similar to our own and received a positive review for their
>>>>>>> current work with the Apache Software Foundation.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> * QUESTION: Has anyone had a business relationship with: Virtual
>>>>>>> Management Inc. or Wakefield, MA or any of its employees? Website:
>>>>>>> http://www.virtualmgmt.com/ <http://www.virtualmgmt.com/> Linkedin:
>>>>>>> https://www.linkedin.com/company/50550
>>>>>>> <https://www.linkedin.com/company/50550>*
>>>>>>>
>>>>>>> We are conducting our due diligence and are looking for anyone who
>>>>>>> has had either GOOD or BAD experiences with Virtual.  OWASP Community, if
>>>>>>> you have any feedback regarding Virtual, we would love to hear your
>>>>>>> comments.  Please, if you have any thoughts, feel free to respond back to
>>>>>>> this message, send us an e-mail in private, or call any of us up.  We have
>>>>>>> a contract from Virtual, but wanted to make sure that there were no
>>>>>>> significant concerns from the community before signing.  We've set a soft
>>>>>>> deadline of 5:00 PM PST on Friday, June 20th to try and collect all
>>>>>>> feedback and make a decision on how to proceed.  Thank you very much in
>>>>>>> advance for anything that you can add to this conversation!
>>>>>>>
>>>>>>> Sincerely,
>>>>>>>
>>>>>>> The OWASP Board of Directors
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Governance mailing list
>>>>> Governance at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/governance
>>>>>
>>>>>
>>>>
>>>
>>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/governance/attachments/20140619/e7392c1e/attachment-0001.html>


More information about the Governance mailing list