[Owasp-board] [GPC] Project Committee Input Needed

Jim Manico jim.manico at owasp.org
Wed Jun 20 08:23:32 UTC 2012


> We also need to answer the question if the project leaders can be paid
for their time and efforts. I don't know if this was ever solved,
discussed, or approved by the board. But regardless, I think we need to
decide and bury this issue.

Of course OWASP  should pay people when appropriate. There is a very
fierce movement to "not" do this for absolutely no reason. OWASP has
paid people in the past. (Larry Casey as admin, Aspect was paid out to
the tune of 20k/year to use their infrastructure in the past as well as
rental of their office, OWASP has paid for my expenses to go on a
speaking tour of Europe, we pay for full time employees, etc, etc.).

If we have stagnant content that is important to the foundation, then of
course we should consider paying an expert if no one volunteers.

Keep in mind, the mission is spread awareness of AppSec. Anything that
artificially puts a limit on how to accomplish that goal is a bad idea, IMO.

Now, I realize that this is a sensitive issue. I think we should make
this decision on a case-by-case basis. It is normally a board decision
to spend money of this nature in most non-profit organizations. I think
between the board, full time employees, and committee chairs, good
decisions can be made. I do not think the GPC should be the one to set
limits. The GPC has been fairly inactive as of late, and I think they
need to earn their stripes anew before making organizational policy of
this nature.

I really think the GPC needs to get back to basics and work with
individual projects more. I know you are a champion, Justin. I'm a huge
fan of your work in general. But I think the GPC has a long way to go to
be a positive force in OWASP. It's a very difficult committee to be on,
I admit that. I'll join the mailing list again to see where I can help
from a connections point of view.

-- 
Jim Manico

Connections Committee Chair
Cheatsheet Series Product Manager
OWASP Podcast Producer/Host

jim at owasp.org
www.owasp.org


More information about the Owasp-board mailing list