[Owasp-board] Discussion - Strategic Goals for 2013
dave.wichers at owasp.org
Tue Apr 16 21:21:33 UTC 2013
I'm all for encouraging recognition, but it's pretty hard, particularly if
we want to automate it. That's why I've never really warmed to the idea
because I just assume it's way too hard/time consuming relative to the
benefit. But if we can really figure out a way to do it that is efficient
and self-sustaining I'd probably be for it, depending on what behavior it
actually rewarded and what the rewards were.
And at the same time, we are also reducing our ability to recognize
corporate contributors with the whole 'no logos on OWASP projects' debate,
which I completely disagree with.
I think we should figure out more/better ways to recognize both individual
and corporate contributors, not just focus on individuals, while at the same
time actually reducing our ability to recognize the contributions of
corporate contributors. I've always felt that corporate contributions to
projects are usually far more valuable than financial contributions because
they typically invest more than $5K of their time on such projects. So we
should encourage more of this, not less. I've always felt this way and so
has Jeff, who led OWASP for 9 years and took it from a small handful of
contributors to a global force with tens of thousands of participants.
I think we can easily get corporate contributions while handling the
potential for bias. In fact, I think we've already done a great job of that
throughout OWASP's history. To me, it's something that I don't think is
From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Michael Coates
Sent: Tuesday, April 09, 2013 1:39 PM
To: OWASP Foundation Board List
Subject: [Owasp-board] Discussion - Strategic Goals for 2013
In 2012 we formalized strategic goals for OWASP. These items served as a
direction and rallying point for many of our operational items.
While these goals may still hold true, we should formally evaluate and vote
to reconfirm each year. Although it is now April, I'd like to push that
Here are the items from 2012
. Build the OWASP Platform - Define the processes, resources, and
tools to enable volunteers to quickly join and contribute to OWASP in the
areas of projects, chapters, education, conferences and connections
. Expand Communication Channels - Establish effective communication
channels into developer groups, universities, and industry groups
. Grow the OWASP Community - Build and grow the OWASP community
throughout the world by focusing on the quality of projects, chapters,
conferences, and social technologies
. Financial Stability - Further build out a stable financial
foundation and create new sources of income for the organisation to achieve
the goals of 2012 and future years.
For 2013 I'd like to make sure we still limit the strategic goals to 4.
>From my perspective I think this year we should place a focus on recognizing
the contributors. There are many ways to do this, but I'd like to see
systems built that can scale and provide recognition for the volunteer
efforts of the community. This includes items like a badge program or
something like "o-points", automated recognition of our top volunteers in
global initiatives and wiki edits, some sort of featured OWASP'er of the
week on the front page of OWASP or in the connector, and so on.
I believe that this should be a strategic focus for 2013. The impact of this
change will be a clear recognition system for individuals that get involved
in OWASP. They can help change the world and be quickly acknowledged for
Sticking to a limit of 4 strategic goals I'd initially argue this strategic
goal would replace "Grow the OWASP community". I like the other 3 but would
love to hear opinions from the rest of the board.
Michael Coates | OWASP | @_mwc
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board