[Owasp-board] [Global_conference_committee] Loss from AppSec Asia
Mark Bristow
mark.bristow at owasp.org
Thu Dec 8 00:22:28 UTC 2011
For multi party contracts that might be appropriate. Not OWASP only events
-Mark
Sent from my wireless device
On Dec 7, 2011, at 6:59 PM, Eoin <eoin.keary at owasp.org> wrote:
> Mark,
> Nothing replaces a liability cap written into a contract and signed by both parties.
>
>
>
>
>
> On 7 Dec 2011, at 19:01, Mark Bristow <mark.bristow at owasp.org> wrote:
>
>> Eoin,
>>
>> Liability limitations is the point of the OCMS process and budgetary
>> review however I think the system could be made more robust.
>> Currently planners are only required to submit initial budgets for
>> review by the GCC and are supposed to get all major contracts signed
>> by the GCC liasion (although there have been several issues getting
>> this authority granted). Once the initial budgets are reviewed, there
>> are no requirements for followup (it is often requested) or any
>> additional checks when funds are dispersed.
>>
>> I'd propose that, for Global AppSecs we:
>> Require initial budgets as described for approvals
>> Require events report actual expendatures/revised budgets monthly
>> Have all expendatures not within the origional budget for that line
>> item be approved by the GCC liasion (and updated on subsequent
>> projections)
>>
>> I think adding some of these basic controls would have alieviated this
>> issue. However, on the other side of the issue we need to actually
>> enforce these rules which may be dificult.
>>
>> On Wed, Dec 7, 2011 at 1:45 PM, Eoin <eoin.keary at owasp.org> wrote:
>>> Matt ,
>>> As treasurer what are your thoughts on limiting liability for losses at
>>> global conferences. My view is If we don't do this we are leaving the
>>> foundation exposed. Such a cap should be in a contract signed by the
>>> conference organisers?? It can be a % or a figure, but right now are we in a
>>> position if unlimited liability??
>>> Anyone, thoughts??
>>>
>>>
>>>
>>>
>>> On 7 Dec 2011, at 18:19, Sarah Baso <sarah.baso at owasp.org> wrote:
>>>
>>> Alison -
>>> Can you find look to see (or maybe you know off the top of your head) if we
>>> sent any down payment or money (other than the approx. $3222 sent recently
>>> to cover hotel costs) to China for this conference. It probably would have
>>> been in late July or August of this year?
>>>
>>> They are currently at a $16,166.22 loss, but Frank Fan's company
>>> (DBAppSecurity) still owes $4742 and SecZone has said they can cover about
>>> $6,000 of the loss. The leaves about $5,500 for us to possibly cover. I
>>> want to make sure we have a full financial picture of what we have paid
>>> before anything is decided though.
>>>
>>> Thanks,
>>> Sarah
>>>
>>> On Wed, Dec 7, 2011 at 9:41 AM, Mark Bristow <mark.bristow at owasp.org> wrote:
>>>>
>>>> I believe some of the loss will be realized by each party
>>>>
>>>> -Mark
>>>>
>>>> Sent from my wireless device
>>>>
>>>> On Dec 7, 2011, at 10:33 AM, "Kate Hartmann" <kate.hartmann at owasp.org>
>>>> wrote:
>>>>
>>>> I know there is a documented loss for AppSec Asia for 2011. Is the
>>>> foundation expected to reimburse SecZone for this loss? What was the
>>>> agreement for the financials for this event. I know that much of this has
>>>> come from Rip’s personal account.
>>>>
>>>>
>>>>
>>>> We need to clear this up before the end of the year.
>>>>
>>>>
>>>>
>>>> Kate Hartmann
>>>>
>>>> Operations Director
>>>>
>>>> 301-275-9403
>>>>
>>>> www.owasp.org
>>>>
>>>> Skype: Kate.hartmann1
>>>>
>>>>
>>>>
>>>> <Copy of OWASP 2011 Appsec Asia cost-1128.xlsx>
>>>>
>>>> _______________________________________________
>>>> Global_conference_committee mailing list
>>>> Global_conference_committee at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>>>
>>>>
>>>> _______________________________________________
>>>> Global_conference_committee mailing list
>>>> Global_conference_committee at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>>>
>>>
>>>
>>>
>>> --
>>> Administrator for
>>> OWASP Global Conference Committee
>>> OWASP Global Chapter Committee
>>>
>>> Dir: 312-869-2779
>>> skype: sarah.baso
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>
>>
>>
>> --
>> Mark Bristow
>> (703) 596-5175
>> mark.bristow at owasp.org
>>
>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>> AppSec DC Organizer - https://www.appsecdc.org
More information about the Owasp-board
mailing list