[Owasp-board] FW: Audit of OWASP

Andrew van der Stock vanderaj at owasp.org
Thu Jun 7 16:51:16 UTC 2007


Folks,

I agree ­ 2006 is the year we had the most funds, and I¹m sure it will show
that everything is in order if we do a full audit. It¹s also the first year
that all four of us were on board as a team, and therefore demonstrates that
we¹ve been fiscally responsible (assuming everything is indeed okay). As
this is an expense that was going to catch up with us in one way or another,
let¹s get it out of the road, and pay the $5k for the 2006 full audit, but
let¹s keep on top of things from here on in.

Dinis, can you please keep an eye out for new memberships that derive from
our increased transparency. For example, if you know of a few folks who
would join, but currently are not, we should chase them down afterwards to
help pay for the audit.

Although we are a non-profit, this does not mean we spend everything every
year. We should look towards one day having a paid staff. Without having
something in the kitty for that eventuality, we will only grow so big. This
happened to SAGE-AU, and we were stuck at 750 members for years because of
it. Only when we got a full time admin assistant processing memberships, and
an Executive Director on board did they start growing again. SAGE-AU now has
over 2000 financial members today.

We should really start converting more chapters into mostly individual
members. Having a steady stream of income pays for these sorts of things. At
all of the meetings I¹ve been to so far, there¹s been no pressure to join.
Think about what we can do with chapters like NY/NJ with over 100 members if
they were all financial to the tune of $100 or so? That¹s $10k and one
chapter. But there has to be a reason for folks to pay. Let¹s work up a
schedule of things that are member-only.

Thanks,
Andrew

On 6/7/07 7:53 AM, "Dinis Cruz" <dinis at ddplus.net> wrote:

> I agree that this will pay itself  easily, and we need to look at it as a
> OWASP operational expense.
> 
> And btw, we also need to have the numbers of what are the monthly OWASP
> operation expenses. So that we can plan our budgets.
> 
> Dinis
> 
> On 6/7/07, Jeff Williams <jeff.williams at owasp.org> wrote:
>> I really hate to waste OWASP's precious funds, but I think Dinis is right ­
>> this will probably pay for itself many times over.
>> 
>>  
>> 
>> --Jeff
>> 
>>  
>> 
>>  
>> 
>> From: owasp-board-bounces at lists.owasp.org
>> <mailto:owasp-board-bounces at lists.owasp.org>
>> [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dinis Cruz
>> Sent: Thursday, June 07, 2007 5:36 AM
>> To: OWASP Board
>> Subject: Re: [Owasp-board] FW: Audit of OWASP
>> 
>>  
>> 
>> I think we should go for the 5k option. In things like finance we need to be
>> as transparent and clear as possible. And since the simple review is 3,500 we
>> might as well go a bit further and do the 5,000.
>> 
>> I do think that this is money very well spent, and something that our
>> existing and potential members will really appreciate.
>> 
>> And once this is completed, I would like to issue a Press Release about it
>> since we are starting to be a very good success story. And the more
>> visibility we have in issues like this, the easier will be for certain
>> companies to become OWASP members.
>> 
>> Dinis
>> 
>> On 6/7/07, Dave Wichers <dave.wichers at owasp.org> wrote:
>> 
>> Dinis,
>> 
>>  
>> 
>> I haven't looked at the 990 yet as we just got it, but what do you think
>> about doing this instead of spending $5K-$10K on some kind of formal audit.
>> I'd really rather spend that $ on something else.
>> 
>>  
>> 
>> This company is the company that has been doing the OWASP Tax Returns for the
>> past two years.
>> 
>>  
>> 
>> -Dave
>> 
>>  
>> 
>> From: Andi McDowell
>> Sent: Wednesday, June 06, 2007 11:44 AM
>> To: Dave Wichers; Jeff Williams
>> Subject: Audit of OWASP
>> 
>>  
>> 
>> I talked with Carol Malstrom at TR Klien (They prepare the OWASP 990).  Her
>> original thought was that we could post the 990 (which is what OWASP files
>> for taxes) on the OWASP site.  For a full audit of 2006, the cost would be
>> around $5,000.  For an audit back to when OWASP started with us, it would run
>> about $10k.  She felt an audit of 2006 should be sufficient as they would
>> review all of the beginning balances for the year.   Her feeling was that if
>> no one is forcing an audit, it seems an unnecessary expense.
>> 
>> The final option would be to do a simple review, which would cost $3500 for
>> 2006, $6k for 2005 and 2006.  They simply send a letter saying "we've
>> reviewed the books and everything appears to be in order".
>> 
>> Let me know what you would prefer doing.
>> 
>> Andi
>> 
>>  
>> 
>>  
>> 
>>  
> 
> 
> 
> 
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070607/172d0d03/attachment-0002.html>


More information about the Owasp-board mailing list