[Owasp-board] GCC Statement for June Board Meeting

Mark Bristow mark.bristow at owasp.org
Tue Jun 7 16:02:58 UTC 2011

OWASP Board,

The board is planning on taking on two issues that deeply involve the Global
Conferences Committee at this months meeting, Conferences responsibilities
(moving Regional/Local events under the Chapters Committee) and the GCC
policy for profit sharing.  Unfortunately I will be unable to make this
meeting (it it's today it's because of work, next week because I'll have a
newborn).  I would really appreciate it if these topics could be tabled
until I am able to participate in the discussions as they are essential to
my committee function and I unfortunately can just not make it.

Should the board not wish to table these issues until I am available, in
addition to the normal committee update I have prepared two wiki documents
outlining our potion.  I am going to provide a synopsis here, but strongly
urge you all to read the entire position as I back them up with some hard
numbers and facts in the complete version.

*Moving Regional/Local events to Chapter's Control -
My main point here is *why*?  The Conferences Committee is comprised of
members who have the experience, knowledge and experience to ensure that
larger OWASP events are run in a manner consistent with the values of the
foundation as well as in an open and fiscally responsible manor. Over the
past 2 years under the Conferences Committee’s leadership, we’ve seen OWASP
grow from having one, perhaps two global events each year to having a Global
AppSec Conference in North America, South America, Europe and Asia every
year in addition to increasing the number of regional and local events we
participate in worldwide. Under GCC stewardship we have also seen a
significant increase in profitability for events that provide the engine to
drive OWASP’s activities worldwide.  Last year conference income accounted
for *77% of OWASP's annual income* and brought in a total profit of
$240,399.71 (up 151% from 2009).

I have a suspicious feeling that this initiative is really a different venue
for a small number of individuals who object to one and only one of the GCC
policies on profit sharing (see separate data below) what was voted on by
the GCC and ratified by the board.  If so, then this entire issue should be
dropped and those individuals should challenge the policy not the
committee.  However, If the GCC is not meeting the needs of the foundation
or is doing an ineffective job of managing OWASP events, then I would like
to hear where exactly we are not doing well so we have the opportunity to
improve VS taking this responsibility away and putting it in the hands of a
committee who is not focused on events and does not have the expertise in
this area.  Keep in mind that event income is what effectively funds much of
the foundation (along with membership income) and should not be changed
lightly as mismanagement in this area could be disastrous for OWASP.

(Additional points can be found by following the link)

*Event Profit Sharing Policy -
(FYI there are *charts, analysis and data* in the full document)

The current policy as set by the Global Conferences Committee and the OWASP
Board should remain in effect. OWASP events are the cornerstone of the OWASP
Foundation's solvency and provide the necessary funding to enable virtually
all of OWASP's activities. In 2010, conference income accounted for 77% of
OWASP's annual income and brought in a total profit of $240,399.71 which
enabled the foundation to have a net positive income while still funding all
of its operational activities as well as projects, chapters, loss-leader
events and outreach. The current profit sharing policy with caps is in the
best interests of the Foundation as a whole while also recognizing OWASP
chapters who host OWASP events, by providing them some share in the profits
the OWASP foundation makes from events. Discussions around removing caps
will result in significant detriment to the OWASP Foundation's budget (for
2010 loss of $33,011.37 instead of a net gain of $4,972.63) and would
concentrate a huge amount of OWASP funds into the hands on a few few
chapters, potentially inhibiting OWASP from accomplishing its mission. The
current policy is both fair and equitable.

Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20110607/5c0b66af/attachment-0002.html>

More information about the Owasp-board mailing list