[Owasp-board] Draft - OWASP Strategic Goals

Michael Coates michael.coates at owasp.org
Thu Nov 3 21:08:23 UTC 2011


Are there any final thoughts on the strategic goals? Are we ready to vote and finalize?  This document has been available for review for the past 2 weeks. I've seen some feedback from Seba and Dave.  I'd really like this finalized so we can have a breakdown of committee goals with alignment to strategic goals is available for Monday's meeting.


Here is the current wording:

Initial Strategic Goals For Discussion
	• Build the OWASP Platform - Create the processes, resources, and tools to enable volunteers to quickly join and contribute to OWASP in the areas of projects, chapters, and conferences

	• Expand Communication Channels - Establish effective communication channels into developer groups, universities, and industry groups

	• Grow the OWASP Community - Build & grow the OWASP community throughout the world by focusing on the quality of chapters, conferences, and social technologies



Here are the comments from the google document

https://docs.google.com/a/owasp.org/document/d/1__w0egasqPvgEjLjPU2Rp_8jf0BkcDZwXqLjPMpqEOU/edit

Dave: I think we also need a strategic goal around funding/fund raising.
Dave: I think we need a Strategic goal of making it easy for consumers of our content to find our high quality content/projects, and make it clear which ones are still alpha+ stage, so their expectations are set accordingly. We have too much stuff thats not high quality that is diluting our message/image.


Seba: we should further refine our stakeholders and tune the message towards them. What is OWASP for a web/mobile application developer? for a framework architect? for a pentester? for a QA tester? for a CISO? for a student? for a professor? for an end-user? ...
 (response) Michael: It looks like these groups are subcategories of the larger groups we already have defined. I think we should leave this level of detail to the supporting committee goals.

Seba: conferences and training
(response) Michael: Do you think "training" needs to be specifically added? I think conferences include this already and is more of an outreach channel than the specific training sessions.

Seba: out of context here: probably part of the communication channels?
(response) Michael: I'd like something in the goals that focuses on the way our community interacts. That could be the wiki, mailing list, forum??, or more. We need to focus on how the community interacts and grows on the web.

Seba: and probably re-align an re-organize the committees to reach the strategic goals. 
I see connections & industry & part of the education committees merged into an "outreach" committee, responsible for developping the multi-channel marketing of our content (delivered by the plaform/comunity) towards our stakeholders/public.
besides the chapters, conferences: why don't we create a training committee?


Michael Coates
OWASP



On Oct 13, 2011, at 9:31 PM, Michael Coates wrote:

> The strategic goals should set the direction for OWASP with the overall purpose of furthering the OWASP mission.  The presence of strategic goals is important for the following reasons:
> 
> * By aligning our efforts we will accomplish several tasks with high quality instead of many tasks with mediocre quality
> * Strategic goals allow us to rally the committees towards a common direction
> * These goals will help OWASP be more effective in achieving the mission - they will in no way detract from or impact the ability for anyone to contribute awesome security projects (in fact, the strategic goals should do quite the opposite)
> * Demonstrates measurable growth for everyone's efforts
> 
> I believe we should aim for 3 strategic goals.  They should speak to the direction which we will align our committee goals.  These goals should specify the "WHAT" whereas the committee goals will define the "HOW". In other words, the strategic goals are what we want to accomplish through the collaborative efforts of the committees (and of course anyone else that wants to volunteer time in this space of OWASP).
> 
> Mission:
> Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.
> 
> Initial Strategic Goals For Discussion
> 
> * Build the OWASP Platform - Create the processes, resources, and tools to enable easy project creation, project growth, and the creation of  professional, high quality deliverables
> 
> * Expand Communication Channels - Establish effective communication channels into developer groups, universities, and industry groups
> 
> * Grow the OWASP Community - Build & grow the OWASP community throughout the world by focusing on the quality of chapters, conferences, and social technologies
> 
> 
> 
> Thoughts? Let's discuss.
> 
> 
> Michael Coates
> OWASP
> 
> 
> 




More information about the Owasp-board mailing list