[Owasp-board] reimbursement form

Jason Li jason.li at owasp.org
Sat Dec 10 18:26:09 UTC 2011


When a requester submits a reimbursement request, they have to fill out the details of the transaction, identify the appropriate budget, and upload supporting documentation.

Upon submission, the accounting folks receive a notification email whereupon they manually lookup the budget owner's contact info and enter it into the tracking sheet.

The code then generates a notification email for the budget owner asking them to confirm the transaction by visiting a link (included in the email). Upon visiting the link, the budget owner sees the transaction details/documentation and can either approve or deny the request (with reason).

An email is generated to accounting and the original requestor that the expense was approved/denied. At that point, Alison can send the payment.

Note that there was some concern about storing personal info and account info for payment purposes. Also can't vouch for the security of the app :)

-Jason

On Dec 10, 2011, at 3:44 PM, Mark Bristow <mark.bristow at owasp.org> wrote:

> What is the process flow for budget owners to approve these requests?
> 
> Can we attach receipts to this?  How about expense reports?
> 
> On Fri, Dec 9, 2011 at 9:24 AM, Kate Hartmann <kate.hartmann at owasp.org> wrote:
> As a step toward increased visibility, please provide feedback on this reimbursement request form by Monday, December 12.  I would like to begin to implement it then. 
> 
> 
> Many thanks, Jason, for your work on this.  Jason’s comments about the form are here:
> 
>  
> 
> “The email messages are currently hard coded to send to accounting at owasp.org and CC [Kate], Matt and myself (me for debugging purposes).
> 
>  
> 
> [We will convert] accounting at owasp.org from an email alias into a private Google Group consisting of Alison, Kate, and Matt. What that would do is remove any "hard-coded" email addresses from the code so that when the next treasurer comes along, or a new accountant comes along, we don't have to go back and change the code - we can just assign new members to the accounting at owasp.org group.
> 
>  
> 
>  
> 
> Form:  http://sl.owasp.org/reimbursement-request
> 
>  
> 
> Spreadsheet for tracking:  https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdFdVNGhydFc5YjVzeEg0OWZWa0VYMnc
> 
>  
> 
> Kate Hartmann
> 
> Operations Director
> 
> 301-275-9403
> 
> www.owasp.org
> 
> Skype:  Kate.hartmann1
> 
>  
> 
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
> 
> 
> 
> 
> -- 
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org
> 
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20111210/a01bb4f2/attachment-0002.html>


More information about the Owasp-board mailing list