[Owasp-board] FW: Audit of OWASP

Dinis Cruz dinis at ddplus.net
Thu Jun 7 22:51:28 UTC 2007


I think these 5k are a good investment, even to the point were we should
make it public that we paid those 5k (again the message will be: this was a
serious review done by a professional accountancy firm)

On that note, Dave can you confirm that they will give us a document that
will look like this one:
http://upload.wikimedia.org/wikipedia/foundation/2/28/Wikimedia_2006_fs.pdf
<http://upload.wikimedia.org/wikipedia/foundation/2/28/Wikimedia_2006_fs.pdf>(and
that it will include a 'Report Of Independent Certified Public
Accountants' covering letter?

Thanks

Dinis

On 6/7/07, Dave Wichers <dave.wichers at owasp.org> wrote:
>
>  I agree with all this, but the same people that we would be paying the
> $5K to, are the same people that did our taxes for the past two years and so
> they have already seen most of this data anyway. I'm sure an 'audit' pokes a
> little deeper but they are the ones that suggested we simply post our 990.
>
>
>
> Would that serve the same purpose/have the same affect? If so, then the
> $5K is a wasted expense. If it would not have the same affect, then spending
> money is probably appropriate.
>
>
>
> What do you think? Would it be equivalent/good enough, or not?
>
>
>
> Thanks, Dave
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Andrew van der Stock
> *Sent:* Thursday, June 07, 2007 12:51 PM
> *To:* Dinis Cruz; OWASP Board
> *Subject:* Re: [Owasp-board] FW: Audit of OWASP
>
>
>
> Folks,
>
> I agree – 2006 is the year we had the most funds, and I'm sure it will
> show that everything is in order if we do a full audit. It's also the first
> year that all four of us were on board as a team, and therefore demonstrates
> that we've been fiscally responsible (assuming everything is indeed okay).
> As this is an expense that was going to catch up with us in one way or
> another, let's get it out of the road, and pay the $5k for the 2006 full
> audit, but let's keep on top of things from here on in.
>
> Dinis, can you please keep an eye out for new memberships that derive from
> our increased transparency. For example, if you know of a few folks who
> would join, but currently are not, we should chase them down afterwards to
> help pay for the audit.
>
> Although we are a non-profit, this does not mean we spend everything every
> year. We should look towards one day having a paid staff. Without having
> something in the kitty for that eventuality, we will only grow so big. This
> happened to SAGE-AU, and we were stuck at 750 members for years because of
> it. Only when we got a full time admin assistant processing memberships, and
> an Executive Director on board did they start growing again. SAGE-AU now has
> over 2000 financial members today.
>
> We should really start converting more chapters into mostly individual
> members. Having a steady stream of income pays for these sorts of things. At
> all of the meetings I've been to so far, there's been no pressure to join.
> Think about what we can do with chapters like NY/NJ with over 100 members if
> they were all financial to the tune of $100 or so? That's $10k and one
> chapter. But there has to be a reason for folks to pay. Let's work up a
> schedule of things that are member-only.
>
> Thanks,
> Andrew
>
> On 6/7/07 7:53 AM, "Dinis Cruz" <dinis at ddplus.net> wrote:
>
> I agree that this will pay itself  easily, and we need to look at it as a
> OWASP operational expense.
>
> And btw, we also need to have the numbers of what are the monthly OWASP
> operation expenses. So that we can plan our budgets.
>
> Dinis
>
> On 6/7/07, *Jeff Williams* <jeff.williams at owasp.org> wrote:
>
> I really hate to waste OWASP's precious funds, but I think Dinis is right
> – this will probably pay for itself many times over.
>
>
>
> --Jeff
>
>
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org
> <mailto:owasp-board-bounces at lists.owasp.org><owasp-board-bounces at lists.owasp.org>[
> mailto:owasp-board-bounces at lists.owasp.org]<owasp-board-bounces at lists.owasp.org%5D>
> *On Behalf Of *Dinis Cruz
> *Sent:* Thursday, June 07, 2007 5:36 AM
> *To:* OWASP Board
> *Subject:* Re: [Owasp-board] FW: Audit of OWASP
>
>
>
> I think we should go for the 5k option. In things like finance we need to
> be as transparent and clear as possible. And since the simple review is
> 3,500 we might as well go a bit further and do the 5,000.
>
> I do think that this is money very well spent, and something that our
> existing and potential members will really appreciate.
>
> And once this is completed, I would like to issue a Press Release about it
> since we are starting to be a very good success story. And the more
> visibility we have in issues like this, the easier will be for certain
> companies to become OWASP members.
>
> Dinis
>
> On 6/7/07, *Dave Wichers* <dave.wichers at owasp.org> wrote:
>
> Dinis,
>
>
>
> I haven't looked at the 990 yet as we just got it, but what do you think
> about doing this instead of spending $5K-$10K on some kind of formal audit.
> I'd really rather spend that $ on something else.
>
>
>
> This company is the company that has been doing the OWASP Tax Returns for
> the past two years.
>
>
>
> -Dave
>
>
>
> *From:* Andi McDowell
> *Sent:* Wednesday, June 06, 2007 11:44 AM
> *To:* Dave Wichers; Jeff Williams
> *Subject:* Audit of OWASP
>
>
>
> I talked with Carol Malstrom at TR Klien (They prepare the OWASP 990).
>  Her original thought was that we could post the 990 (which is what OWASP
> files for taxes) on the OWASP site.  For a full audit of 2006, the cost
> would be around $5,000.  For an audit back to when OWASP started with us, it
> would run about $10k.  She felt an audit of 2006 should be sufficient as
> they would review all of the beginning balances for the year.   Her feeling
> was that if no one is forcing an audit, it seems an unnecessary expense.
>
> The final option would be to do a simple review, which would cost $3500
> for 2006, $6k for 2005 and 2006.  They simply send a letter saying "we've
> reviewed the books and everything appears to be in order".
>
> Let me know what you would prefer doing.
>
> Andi
>
>
>
>
>
>
>
>
>
>
>  ------------------------------
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20070607/4239e0b4/attachment-0002.html>


More information about the Owasp-board mailing list