[Owasp-board] Clarification of OWASP Structure

Matt Tesauro matt.tesauro at owasp.org
Mon Mar 26 21:20:48 UTC 2012

Michael has done a great job stating my postion for me.  We need to balance
the competing interests.  There is a symbiotic relationship between the
Foundation and chapters which makes both stronger.


-- Matt Tesauro
OWASP Board Member
OWASP WTE Project Lead
http://AppSecLive.org - Community and Download site

On Wed, Mar 21, 2012 at 11:54 PM, Michael Coates
<michael.coates at owasp.org>wrote:

> Board,
> We've provided guidance in the form of recommendations for a new chapters
> / committee policy as part of the lascon exception vote - see
> http://owasp.blogspot.com/2012/02/approval-of-lascon-exception.html
> Two additional questions were posed by the chapters committee to clarify
> the board's view of the OWASP organization. The questions point to a larger
> issue:
> Is OWASP a group of small chapters and a stronger central foundation? Or
> is OWASP strong chapters and a decentralized foundation?
> I will state my opinion very clearly.  First, I don't believe OWASP is at
> either extreme but I do believe that OWASP is a single entity and should be
> structured as such.
> The OWASP foundation was created to advance the OWASP mission.  One method
> that we use to advance our mission is the creation of local chapters to
> grow the OWASP community. We also support an incredibly important array of
> projects, the OWASP wiki, and various conferences and training events.  To
> continue be successful OWASP must maintain a strong foundation to advance
> the mission of OWASP while providing a structure for chapters to grow and
> explore various methods of success.  In the end, the combined materials
> that are donated to OWASP are what makes OWASP great.  We have owasp.org,
> not owasp-wiki-chapterX.org.
> The overall message is that OWASP is a central force and a single mission.
> All participants contribute to advance this mission.  Policies governing
> chapters are intended to allow chapters to experiment and grow, but our
> goal is not to create an environment where the OWASP foundation suffers as
> a whole while individuals chapters, which are pieces of the OWASP family,
> succeed to the detriment of the rest.
> I believe the following will setup OWASP for success:
> create policies that allow flexibility
> minimize unnecessary bureaucracy
> design policies to empower leaders and include transparency to minimize
> concerns of misuse
> recognize that OWASP must continue to operate as a whole and structure
> policies accordingly
> I hope the above information, combined with guiding principles from
> http://owasp.blogspot.com/2012/02/approval-of-lascon-exception.html is
> sufficient to enable our committees to work out  an agreed upon policy.
> However, I do recognize that they may be unable to reach a decision. If
> that is the case we may need to explore the possibility of providing
> specific detailed requirements instead of the guiding principles that we've
> made thus far.
> -------
> Michael Coates | OWASP
> michael.coates at owasp.org | @_mwc
> OWASP Board
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120326/7223647d/attachment.html>

More information about the Owasp-board mailing list