[Owasp-board] [Global_chapter_committee] Proposed Conferences/Chapters policy changes

Seba seba at owasp.org
Mon Mar 19 20:29:51 UTC 2012


All,

As chapters committee member, I am also voting No.
There are too many questions / remarks I have with the proposed policy:

Training: not part of the question (leave it up to the education committee)

How many chapter have > € 5000 now? Aren't we trying to solve a challenge
for the happy few with too many red tape for the upcoming chapters?

Why > 10k board approval required?

Handbook chapter 4 is guidance, not policy: if we want to make it mandatory
we have to add it to the mandatory section



Don't agree with "Have the responsibility and authority for supporting and
managing all chapter meetings": Why?

"single point of truth": why?



I don't agree that a chapter who charges a fee for an event = event defacto
"managed by the conferences committee"

I don't agree with the "single point of truth" for the conference page

Why "Global Conferences Committee will take a more active, direct role in
the planning the marquee foundation events" : the original issue at hand
(lascon) was not about the global appsec events: why this direct role?

Why does the conferences committee set the branding rules for all the
events?

What business & authority does the conference committee have with the
chapter budgets?

I don't agree with "■It is the responsibility of the chapter to plan ahead
appropriately to get this budget through the Global Chapters Committee
approval process if they intend to use the event to generate chapter
revenue" => that would mean each event that e.g. Generates extra chapter
sponsoring requires the conferences approval: what are you trying to
achieve here?

Chapter sponsorship should be explicitly out of this policy: only governed
by the chapters committee

The split is not clear: 50/50 or policy per type of event (still to be
decided?)


I don't agree with the top-down management point of view in general: to be
scalable our guidance/policies should encourage local responsability and
empowerment.

--seba
On Wed, Mar 14, 2012 at 8:27 PM, Tin Zaw <tin.zaw at owasp.org> wrote:

> Josh, Mark, and Sarah,
>
> Thank you for your hard work to come up with the draft.
>
> I intend to vote No on this as the new policies are not in agreement
> with my philosophy of stronger chapters. In addition, they put much
> more burden on the committee members (of both committees).
>
> I am for stronger, more independent chapters with the board and the
> committees providing oversight, not routine management, to prevent bad
> things from happening. The goal for the board and the committees
> should not be to approve every decision by chapters.
>
> There are items in the proposal that I disagree more strongly with,
> but at this point, I won't elaborate on it, because my intent on No
> vote is based on philosophical standing.
>
> Thanks.
>
>
>
> On Tue, Mar 13, 2012 at 11:35 AM, Josh Sokol <josh.sokol at owasp.org> wrote:
> > For single-chapter events there would be two "buckets" each with a target
> > amount of the chapter budget.  For multi-chapter events we just add more
> > buckets for the additional chapter budgets.  Once a chapter bucket is
> full,
> > they stop earning money from the event and the remaining amount goes to
> the
> > Foundation.  This ensures that the Foundation and the Chapter earn money
> > from the event at an equal rate.  Your example of how the funds would get
> > split is correct.
> >
> > Budgets are only necessary if a chapter wants to receive money from an
> event
> > or if they have more than $5,000 in their bank account at the end of the
> > year.  This was requested by the Board in the guiding objective which
> states
> > "We would like some sort of annual review, requirements, or rules to
> address
> > the issue of stale chapter funds in excessive amounts" as well as "We
> would
> > like some periodic recap on funds spent by chapters to help ensure funds
> are
> > appointed on items aligned with the OWASP Mission".  Yes, this does add
> some
> > additional operational work for our committee.
> >
> > ~josh
> >
> >
> > On Tue, Mar 13, 2012 at 1:19 PM, Seba <seba at owasp.org> wrote:
> >>
> >> can you explain:
> >> "Profit will be split 50/50 between the foundation and the chapter up
> >> until the chapter has received an amount equal to the chapter annual
> budget
> >> amount"
> >> My understanding is:
> >> if in belgium we have an annual budget of € 10000, and we organize an
> >> event with income resulting in a e.g. € 25000 the split would be €
> 15000 to
> >> the foundation and €10000 to the chapter?
> >>
> >> a general remark: it seems we are loading a lot of operational work on
> the
> >> committee in reviewing local budgets?
> >>
> >> --seba
> >> On Tue, Mar 13, 2012 at 6:11 PM, Josh Sokol <josh.sokol at owasp.org>
> wrote:
> >>>
> >>> Please discuss.  We will be taking this to a committee vote for
> approval
> >>> at the next Chapter Committee meeting next Monday, March 19th.  Please
> be
> >>> sure to send me and Sarah your vote before that deadline if you will be
> >>> unable to attend the meeting.  Thank you.
> >>>
> >>> ~josh
> >>>
> >>>
> >>> On Tue, Mar 13, 2012 at 12:05 PM, Sarah Baso <sarah.baso at owasp.org>
> >>> wrote:
> >>>>
> >>>> Global Chapters Committee,
> >>>>
> >>>> (Note: same email send to Conference Committee on separate thread)
> >>>>
> >>>>
> >>>>
> >>>> In response to the guiding objectives by the board, the Conferences
> and
> >>>> Chapter Committee Chairs have worked together to formulate some policy
> >>>> changes that we believe will meet the direction of the board while
> allowing
> >>>> chapters and the foundation to grow and innovate.  These points have
> been
> >>>> discussed at length and now we wish to hear your input on the
> matter.  We
> >>>> have agreed on the outlined plan below and as a result each of us
> will not
> >>>> make comments here past clarifications to any questions any of you
> have to
> >>>> the proposed policy.  We would like to cap the debate on this topic
> and take
> >>>> the following to a committee vote on Monday, March 19th using a
> majority
> >>>> approval rule for both committees in order to meet the board's 45 day
> >>>> deadline.
> >>>>
> >>>>
> >>>>
> >>>> The Global Chapters Committee shall:
> >>>>
> >>>> ●      Manage all chapter meetings or trainings that do not charge a
> fee
> >>>> for admission.
> >>>>
> >>>> ●      Establish an annual budget process for all chapters
> >>>>
> >>>> ○      At the end of each calendar year, a chapter with more than
> $5,000
> >>>> in it's bank account must submit a budget to be reviewed by the Global
> >>>> Chapters Committee to justify the rollover of any funds beyond that
> amount.
> >>>> In the event that the chapter does not submit a budget for the
> remaining
> >>>> funds or if any unbudgeted funds remain after December 31, the
> chapter will
> >>>> be given one month to determine another OWASP Chapter, Committee, or
> Project
> >>>> to allocate the unused funds toward.  If no designations are made
> before
> >>>> February 1, then all unused funds will be transferred to the OWASP
> >>>> Foundation main account.
> >>>>
> >>>> ○      Any chapter with more than $10,000 must also obtain Board
> >>>> approval for their annual budget.
> >>>>
> >>>> ○      The Global Chapters Committee will maintain "official" budgets
> on
> >>>> the wiki or via google docs where they are accessible to all OWASP
> >>>> participants.
> >>>>
> >>>> ○      The Global Chapters Committee will update Chapter 4 - Section 7
> >>>> of the Chapter Handbook with the new budget policy.
> >>>>
> >>>> ●      Establish by June 1st chapter spending guidelines (These should
> >>>> be under Chapter 4 - Section 7.1 of the Chapter Handbook)
> >>>>
> >>>> ●      Have the responsibility and authority for supporting and
> managing
> >>>> all chapter meetings
> >>>>
> >>>> ○      The Chapter Handbook authored by the Global Chapters Committee
> >>>> shall serve as the single point of truth for all chapter policies
> >>>>
> >>>> ○      The Global Chapters Committee shall set all chapter policies
> >>>>
> >>>>
> >>>>
> >>>> The Global Conferences Committee shall:
> >>>>
> >>>> ●      Manage all events that charge a fee for admission (voluntary
> >>>> donations exempted) and any free event determined by the organizer to
> be a
> >>>> conference versus a chapter meeting
> >>>>
> >>>> ●      Have the responsibility and authority for supporting and
> managing
> >>>> all events
> >>>>
> >>>> ○      The Global Conferences Committee has the responsibility for
> >>>> procuring and managing centralized assets such as, but not limited to
> >>>> registration tools and financial management tools
> >>>>
> >>>> ○      The Global Conferences Committee policy page shall serve as the
> >>>> single point of truth for all event policies
> >>>>
> >>>> ○      The Global Conferences Committee shall set all event policies
> >>>> with the exception of the profit sharing policy which requires the
> >>>> concurrence of the majority of the Global Chapters Committee to be
> modified.
> >>>>
> >>>> ●      The OWASP Event Management System (formerly OCMS) will serve as
> >>>> the single point of truth for OWASP events, AND will provide
> functionality
> >>>> to track chapter meetings in the next release
> >>>>
> >>>> ●      The Global Conferences Committee will revisit current event
> >>>> definitions and include clear, objective definitions of event types
> as well
> >>>> as the anticipated support level from the foundation.  These must be
> >>>> approved by June 1st.
> >>>>
> >>>> ●      The Global Conferences Committee will take a more active,
> direct
> >>>> role in the planning the marquee foundation events (currently defined
> as
> >>>> Global AppSec Events) including having a representative serve as
> Chair for
> >>>> these events.  (For this, Global Conferences Committee will require a
> full
> >>>> time support asset to handle the additional event coordination.
> Without
> >>>> these additional resources the conferences committee can not take on
> this
> >>>> added responsibility and will maintain an advisory/oversight role)
> >>>>
> >>>> ●      Any and all event policies in effect at the time of event
> >>>> approval shall apply to the event without modification unless a
> specific
> >>>> requirement to do so is set by the Board.
> >>>>
> >>>> ●      The Global Conferences Committee will implement a policy for
> >>>> managing all event funds through the foundation
> >>>>
> >>>> ○      The OWASP foundation will provide all "seed funds" needed for
> >>>> events up to the approved event budget and beyond with Global
> Conferences
> >>>> Committee approval
> >>>>
> >>>> ○      The Global Conferences Committee shall be responsible for the
> >>>> review, approval and signature of all contracts related to events
> >>>>
> >>>> ○      The Global Conferences Committee may provide an exception for
> >>>> events with extraordinary circumstances
> >>>>
> >>>> ○      Any event using the OWASP brand not using the Foundation to
> >>>> process it's finances will be in violation of OWASP brand usage rules
> and
> >>>> will be referred to the Board for action
> >>>>
> >>>> ●      The Global Conferences Committee will set the following
> branding
> >>>> rules except where it is unreasonable to do so
> >>>>
> >>>> ○      All events must use "OWASP" in their title, such as "OWASP's
> >>>> AppSec XYZ"
> >>>>
> >>>> ○      Events may use their own logos so long as they include the
> OWASP
> >>>> wasp (The Global Conferences Committee will manage logo approvals),
> color
> >>>> palate is optional
> >>>>
> >>>> ○      The OWASP logo must be present on all websites/materials,
> except
> >>>> where it is unreasonable to do so
> >>>>
> >>>> ○      A link back to owasp.org must be present on all
> >>>> websites/materials except where it is unreasonable to do so
> >>>>
> >>>> ●      The Global Conferences Committee sets the following event
> profit
> >>>> sharing model for all events:
> >>>>
> >>>> ○      At the time of approval, the Global Conferences Committee will
> >>>> record the chapter's current annual budget expenditures (referred to
> as
> >>>> chapter annual budget)
> >>>>
> >>>>                                           ■Chapters that do not have
> >>>> approved budgets shall have the chapter annual budget value set to $0
> >>>>
> >>>>                                           ■It is the responsibility of
> >>>> the chapter to plan ahead appropriately to get this budget through the
> >>>> Global Chapters Committee approval process if they intend to use the
> event
> >>>> to generate chapter revenue
> >>>>
> >>>> ○      Profits are all monies collected for the event (regardless of
> >>>> source) above the direct expenditures for the event
> >>>>
> >>>>                                           ■Any membership
> registrations
> >>>> as result of an event will be handled per Global Membership Committee
> policy
> >>>> and are not considered in this equation
> >>>>
> >>>> ○      Profit will be split 50/50 between the foundation and the
> chapter
> >>>> up until the chapter has received an amount equal to the chapter
> annual
> >>>> budget amount
> >>>>
> >>>> ○      After the chapter has received an amount equal to the chapter
> >>>> annual budget the Foundation shall receive 100% of the remaining
> profits.
> >>>>
> >>>> ○      Any Event Losses shall be the responsibility of the Foundation
> >>>>
> >>>>
> >>>>
> >>>> Sarah Baso on behalf of Mark Bristow and Josh Sokol
> >>>>
> >>>> --
> >>>> OWASP Operational Support:
> >>>> Conference Logistics & Community Relations
> >>>>
> >>>> Dir: 312-869-2779
> >>>> skype: sarah.baso
> >>>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Global_chapter_committee mailing list
> >>> Global_chapter_committee at lists.owasp.org
> >>> https://lists.owasp.org/mailman/listinfo/global_chapter_committee
> >>>
> >>
> >
> >
> > _______________________________________________
> > Global_chapter_committee mailing list
> > Global_chapter_committee at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/global_chapter_committee
> >
>
>
>
> --
> Tin Zaw, CISSP, CSSLP
> Chapter Leader and President, OWASP Los Angeles Chapter
> Member, OWASP Global Chapter Committee
> Google Voice: (213) 973-9295
> LinkedIn: http://www.linkedin.com/in/tinzaw
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120319/a9ece09e/attachment-0001.html>


More information about the Owasp-board mailing list