[Owasp-board] Profit Sharing Discussion

Michael Coates michael.coates at owasp.org
Mon Nov 26 01:07:32 UTC 2012


We need to nail this down as part of the 2013 finance planning. It will be
on the agenda for tomorrow.

At this point it's been well socialized and feedback has been received from
many sources. Everyone should be ready with final thoughts and ready for a
vote.

-Michael


--
Michael Coates | OWASP | @_mwc
michael-coates.blogspot.com



On Sun, Nov 25, 2012 at 1:59 PM, Jim Manico <jim.manico at owasp.org> wrote:

>  Are we voting on Monday, or on Dev 10th?
>
> https://www.owasp.org/index.php/Dec_10,_2012
>
> - Jim
>
>
>  Request for feedback sent to leaders list.
>
> Board,
> Please review the feedback and be ready to vote on this on Monday.
>
>
>
> -Michael
>
>
> --
> Michael Coates | OWASP | @_mwcmichael-coates.blogspot.com
>
>
>
> On Tue, Nov 20, 2012 at 12:37 AM, Eoin Keary <eoinkeary at gmail.com> <eoinkeary at gmail.com> wrote:
>
>
>  As mentioned a few weeks back, send to leaders for comment.
> They are leaders and deserve input.
>
>
> Eoin Keary
> Owasp Global Board+353 87 977 2988
>
>
> On 20 Nov 2012, at 03:07, Tom Brennan <tomb at owasp.org> <tomb at owasp.org> wrote:
>
> This needs to go for comment to 200+ chapters. Especially chapters that
> would be leveraged for international locations around the world for AppSec
> events. Since the recent announcement neutering committees the only active
> volunteers are the chapters that need to have a clear understanding of this
> shift.
>
> As a chapter leader we will see this year how appsec2013 works out now
> that we have a employee based primary team with local volunteer support.
>
> The first call it upcoming
>
> If anyone else wants to roll up sleeves the action/planning calls are
> ongoing see; http://www.meetup.com/OWASP-NYC/events/86936002/
>
> I prefer a flat % 75/25 after expenditures and no caps - chapters earning
> should have simple split not complex that does not translate well or allow
> the system to be gamed rather quickly.
>
> As far as our chapter is concerned we need to generate 25k from appsecUSA
> or its not worth the effort.
>
> Tom Brennan973-202-0122
>
>
> On Nov 19, 2012, at 9:45 PM, Michael Coates <michael.coates at owasp.org> <michael.coates at owasp.org>
> wrote:
>
> Board,
>
> Any other thoughts on the proposed model?  The feedback is all positive
> with a few wording clarifications.  The bigger picture issue that Sarah has
> mentioned is also a good item to consider.
>
> Regarding the profit sharing proposal, I don't see any major concerns
> either.  This item will be up for vote during our next meeting. Please make
> sure to familiarize yourself with the details.  I'd like to get any
> concerns out for discussion now so we can dig into these ideas before the
> next board meeting.
>
>
>
> Sarah - thanks for the financial analysis and thoughts. Very helpful.
>
>
>
>
> --
> Michael Coates | OWASP | @_mwcmichael-coates.blogspot.com
>
>
>
> On Wed, Nov 14, 2012 at 10:09 AM, Sarah Baso <sarah.baso at owasp.org> <sarah.baso at owasp.org> wrote:
>
>
>  Board Members -
>
> My thoughts on the new proposed policy and long term success of the
> Foundation and Global AppSec "brand":
>
> *Overall - I think the new policy is ok, as currently drafted*.
>
>    - I would recommend a modification similar to what Josh and Dave
>    discussed in their comments.  *"2.  All other events not classified
>    as one of the Global AppSec Events will realize a 10/90 revenue split
>    (Foundation/chapter) up to $5,000 USD.  Any profits above the $5K will
>    recognize the standard 60/40 split. (Foundation/Chapter)." *
>
> * * *For larger chapters that want to run a local or regional event on a
> yearly basis, we should have an avenue for them to recognize a larger
> profit. Also, they are doing all (or  *
> * most of) the work then they should be able to get most of the profits.
> I would say that a chapter can request up to an additional $5000 by
> submitting both a chapter budget *
> * and event budget to be approved by staff.*
> * *
>
> *Bigger picture issues:*
> *
> *
> As we look at the need for the Global AppSecs to serve as major
> fundraisers to support the other goals/initiatives of the foundation - I
> think we need to consider the possibility of a different approach to the
> model.  Many of the issues with the funding & conference planning model(s)
> that have been used in the past and proposed for the future surround the
> dichotomy that 1) we need a model that will raise money for the foundation
> and support our GLOBAL initiatives (i.e. Money generated from AppSec USA
> supports outreach in APAC, Latam, and Europe), 2) chapters/volunteers want
> proper control, recognition and "funds" for their input and efforts in
> creating and driving the conference.
>
> A few  examples:
>
>    - *Profit distribution:* What portion of the profits should a chapter
>    get that raises almost $150,000 for the foundation and has MANY volunteers
>    dedicating their nights and weekends for months to make a successful event?
>     How should the profits differ for  another chapter that only has 2
>    volunteers that contribute all of their time, but only raise $5000 for the
>    foundation?  What about a third scenario where there is virtually no help
>    from the local chapter and the event raises $10,000 due to contributions of
>    a global volunteer base and OWASP Staff efforts?
>    - *Content:* How do we build a professional call for papers or call
>    for training system that gives local volunteers the control and input they
>    want but also accommodates regional needs (Standard conference vs. Research
>    driven conference), building the OWASP Brand (promoting OWASP Projects),
>    and maintains a professional selection process that is communicated to the
>    larger community and pool of applicants?
>    - *Sponsorships: *While moving locations from year to year brings in
>    a new crowd of attendees local to that area, this also comes with many
>    "unknowns" for sponsors.  What will the vendor space look like, what will
>    the sponsor's availability to attendees be, how will their sales team
>    generate leads?  From the perspective of building relationships with the
>    sponsors and giving them a consistent expectation from year to year - it
>    would be best for us to be able to lay out specifications/guidelines for
>    the global event planners (and clearly outline to the sponsors what they
>    can expect for their money).  This sometimes runs in conflict with what the
>    local event planners think would be best for their individual event.
>
>
> A suggestion for 2014 that Kate and I have discussed is to *move the the
> Global AppSecs to a static location from year to year*. In this model,
> the employees would work with a team of volunteers (not necessarily local)
> to plan an implement the conference. The model would change from one that
> is trying to make money for one chapter and control of the decisions for
> that chapter to one that is more global.  I think creating an event
> template with many re-usable parts (not to mention service providers -
> venue, catering, AV, etc) would be much easier and allow us to focus on
> things like content and the OWASP message rather than logistics.
> Additionally, I think this type of model is more sustainable
> and scale-able for long term growth for our brand and fundraising
> objectives.
>
> A static location would also allow for more planning in advance.  Right
> now we do the call for conferences a year out. The idea that these events
> (especially as they grow in size) should start planning more than a year in
> advance has come up a few different times on conference committee calls and
> discussions.  The problem remains that the submissions/location proposals
> are driven by local chapter leaders (ideally teams), and planning a global
> app sec is a large investment in time an energy.  Many people would
> probably argue "too large" which is one of the reasons we don't get more
> proposals in our call for locations.  To ask conference planners to submit
> even more in advance is often difficult as they don't know their schedule
> or where there life will be that far in advance.  Once again, having static
> locations and planning process that is more centralized will help overcome
> these obstacles.
>
> If others are in support of considering this new static location model,
> there are certainly a lot of details to work out including: where will
> these static locations be, how do we solicit and reward volunteers
> (especially if we aren't allowing the chapter in the static location to
> reap profits), etc.
>
> I certainly don't think this is the ONLY option for us, but it is
> something to consider as our events and organizational needs continue to
> grow. I wasn't "sold" on this idea initially, but the more I think about
> it, the more it seems like plausible option for us.  Consider that as we
> are able to do more fundraising centrally, we also can empower
> local/regional event planners to focus on outreach rather than income...
> which also supports our community and the mission.
>
>
> Looking forward to hearing thoughts and input on this new model.
>
> Regards,
> Sarah Baso
> *
> *
>
>
>
>
> On Wed, Nov 14, 2012 at 9:11 AM, Sarah Baso <sarah.baso at owasp.org> <sarah.baso at owasp.org> wrote:
>
>
>  Michael et al -
>
> *First for reference, here is the current policy in place:*
> *
> *
> Local host chapters will share in OWASP event profits under the
> following schedule. In the case of multiple host chapters, the host
> chapters will be responsible for determining the division before the event.
>
>    - Global AppSec Conference - 25% of event profits with a $5,000 USD
>    cap ($10,000 for multi-chapter events)
>    - Regional/Theme Events - 30% of event profits with a $4,000 USD cap
>    - Local Events - 50% of profits with a $3000 USD cap
>
>
>
>  *Budgeting Implications*
> Under the new plan, there is a opportunity for the local chapter to earn
> much more than that listed below if they surpass the profit target, but
> just using the profit target as a guideline... here are the numbers....
> *
> *
> *<image.png>
> *
>
>
> *Comments from Conferences Committee Call & Mailing List Thread*
> From July 18, 2012 Conference Committee Call:
>
> *
>
>
>    - Request for Comment: proposed policy for profit sharing and
>    financial oversight of future OWASP events:
>    https://docs.google.com/a/owasp.org/document/d/159bD2oeAmM2yfPNeq5wHvIvHcl10Hl-c3Um2GXAW81Y/edit
>
> *
>
>
>  _______________________________________________
>
>  Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
> _______________________________________________
> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20121125/2c9b1595/attachment-0001.html>


More information about the Owasp-board mailing list