[Owasp-board] 2006 End Financials

Dinis Cruz dinis at ddplus.net
Fri Jan 19 13:58:46 UTC 2007

Thanks Dave for these numbers.

Can I publish them? Also when will we have the final accounts ready (similar
to wikipedia's

I am still wrapping up the AoC stuff (I want to write a proper review for
each project), but we can really say that it was a massive success and a
great way to spend our funds.

So to spend the money available, I would like to propose the following plan:

   - In the short term we should only spend non-operational money (i.e.
   excluding hosting costs, etc..) on two things: SpoC (Spring of Code) and the
   'Membership Pack'
   - Unless the employee to hire is to do administrative stuff, i am now
   convinced that the last thing OWASP needs at the moment is a manager. The
   current structure (owasp-board, owasp-leaders,chapter-leaders, etc..) is
   working very well and OWASP continues to grow at a fast but manageable
   speed, so we should keep it that way. And for administrative stuff, we can
   get those resources under the SpoC (OWASP Spring of Code)
   - So, for the SpoC I would like to propose this:
      - First very important rule (which I think will make this much
      more transparent), no member of the OWASP board is allowed to apply to a
      SpoC sponsorship (i.e. the four of us :) )
      - We encourage Owasp project leaders to submit proposals and
      keep the current selection criteria (
      which favours them
      - Initial Budget will be $100,000 (but note that I will do a
      membership drive (probably between 15th February and 15th March)
using the
      argument 'every member fee that joins between this period will
be added to
      the SpoC initial 100k funds (so we might actually get more that 100k))
      - For the projects to be sponsored I would like to propose the
      following numbers as an initial guideline (of course that
depending on the
      proposals we can reorganize this)
      - $40,000 on Big projects - 8 projects @ $5,000 each
         - $30,000 on Medium projects - 12 projects @ $2,500 each
         - $20,000 on Small projects - 20 projects @ $1,000 each
         - $10,000 on Donations to Open Source projects: 10
         donations of $1,000 each
      - Give the possible size of SpoC projects probably one Big (or
      one Medium or two Small)  will be allocated to somebody to help
manage the
      whole process
      - (note: I was event thinking of using the concept of
      'micro-credit' here, and have $100 mini-projects (which are perfect for
      students outside high GNI countries, but I will put that as an idea for a
      Medium project (for example: 'Manage the distribution of $100
      to specific projects' (this is still an early-days idea, so we
might have to
      wait for the SmoC or AoC2 for that ))
      - I don't think we should normalize these sponsorship numbers by
      GNI (although we might take into account the location of the applicant).
      This at the moment favours lower rating GNI applicants, but on
the AoC that
      wasn't really an issue.
      - The 10 'Donations to Open Source projects' ($1,000 each) is an
      idea that I REALLY would like you guys to accept since it is win-win all
      over the place:
         - The idea is to get OWASP Members (and only the members)
         to vote of the top 10 Open Source projects they use in their
companies (we
         might need to make each corporate member worth 10 points and
         members 1 point)
         - Naturally the payment would be made to the top 10 voted
         - The payment would be a no-strings attached "Thanks for
         the hard work in creating this tool (which is widely used and
appreciated in
         the OWASP community) and please keep working on the next version"
         - This would be another 'unique benefit to OWASP members'
         - And the PR/Media coverage should be great. We can even
         make announce and present them at OWASP conferences (to make
it a bit more
      - We also need to talk about how the money for local chapters
   will work, and I am temped to say (in the short term) there that will be NO
   model or money distribution from OWASP's mothership to the chapters (which
   could get really messy). If a chapter wants funds, it can apply to them the
   via SpoC
   - The 'Membership Pack' pack should be created by an SpoC project and
   its production funded separately (would $10,000 do?)

What do you guys think?


On 1/18/07, Dave Wichers <dave.wichers at aspectsecurity.com> wrote:
>  Here's our end of FY2006 financials on a Cash basis. We still owe about
> $15K for the rest of the AoC but we still have LOTS left over. Lets figure
> out the best way to invest this $, including another AoC round, Spring of
> Code?, hiring some interns, and maybe hiring an employee??
> Where do you think we would be best investing?
> -Dave

Dinis Cruz
Chief OWASP Evangelist, Are you a member yet?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070119/7782b84a/attachment-0002.html>

More information about the Owasp-board mailing list