[Owasp-board] Discussion - Strategic Goals for 2013

Michael Coates michael.coates at owasp.org
Tue Apr 16 22:18:01 UTC 2013

I think there are several specific ways we can identify individual

- Global Initiative Metrics (automatable at a basic level)
- Wiki Edit Metrics (built in support I believe)
- Chapter Attendance (supported if people use the registration system)
- Conference Attendance
- Speaking on behalf of OWASP anywhere (easy for people to self record -
- Project Activity (we'll have to think about this)

It would be very interesting to see who is most active given a very basic
report across those areas.
With that data you can easily create a contributor of the week on the OWASP
front page (talk about incentive) and quickly build a list of key people
that should be at a summit like event.

If the contributors themselves have emails of @company.com, then it's also
very easy to recognize companies that are donating employee time.

For your logo concerns, we talked about it at the last board meeting and
now have a proposal online here -
Please add your thoughts & concerns.

Lastly, recognizing individual contributors is broken. We don't do it.
Since the community is the base of OWASP this is an area I think we should
really focus on.


Michael Coates | OWASP | @_mwc

On Tue, Apr 16, 2013 at 2:21 PM, Dave Wichers <dave.wichers at owasp.org>wrote:

> I’m all for encouraging recognition, but it’s pretty hard, particularly if
> we want to automate it. That’s why I’ve never really warmed to the idea
> because I just assume it’s way too hard/time consuming relative to the
> benefit. But if we can really figure out a way to do it that is efficient
> and self-sustaining I’d probably be for it, depending on what behavior it
> actually rewarded and what the rewards were.****
> ** **
> And at the same time, we are also reducing our ability to recognize
> corporate contributors with the whole ‘no logos on OWASP projects’ debate,
> which I completely disagree with.****
> ** **
> I think we should figure out more/better ways to recognize both individual
> and corporate contributors, not just focus on individuals, while at the
> same time actually reducing our ability to recognize the contributions of
> corporate contributors. I’ve always felt that corporate contributions to
> projects are usually far more valuable than financial contributions because
> they typically invest more than $5K of their time on such projects. So we
> should encourage more of this, not less. I’ve always felt this way and so
> has Jeff, who led OWASP for 9 years and took it from a small handful of
> contributors to a global force with tens of thousands of participants.****
> ** **
> I think we can easily get corporate contributions while handling the
> potential for bias. In fact, I think we’ve already done a great job of that
> throughout OWASP’s history. To me, it’s something that I don’t think is
> broke.****
> ** **
> -Dave****
> ** **
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Michael Coates
> *Sent:* Tuesday, April 09, 2013 1:39 PM
> *To:* OWASP Foundation Board List
> *Subject:* [Owasp-board] Discussion - Strategic Goals for 2013****
> ** **
> Board,****
> In 2012 we formalized strategic goals for OWASP. These items served as a
> direction and rallying point for many of our operational items.****
> While these goals may still hold true, we should formally evaluate and
> vote to reconfirm each year. Although it is now April, I'd like to push
> that point.
> Here are the items from 2012
> ****
> **·         ***Build the OWASP Platform *- Define the processes,
> resources, and tools to enable volunteers to quickly join and contribute to
> OWASP in the areas of projects, chapters, education, conferences and
> connections****
> **·         ***Expand Communication Channels* - Establish effective
> communication channels into developer groups, universities, and industry
> groups****
> **·         ***Grow the OWASP Community *- Build and grow the OWASP
> community throughout the world by focusing on the quality of projects,
> chapters, conferences, and social technologies****
> **·         ***Financial Stability *-  Further build out a stable
> financial foundation and create new sources of income for the organisation
> to achieve the goals of 2012 and future years.****
> ****
> For 2013 I'd like to make sure we still limit the strategic goals to 4.***
> *
> From my perspective I think this year we should place a focus on
> recognizing the contributors. There are many ways to do this, but I'd like
> to see systems built that can scale and provide recognition for the
> volunteer efforts of the community. This includes items like a badge
> program or something like "o-points", automated recognition of our top
> volunteers in global initiatives and wiki edits, some sort of featured
> OWASP'er of the week on the front page of OWASP or in the connector, and so
> on.
> I believe that this should be a strategic focus for 2013. The impact of
> this change will be a clear recognition system for individuals that get
> involved in OWASP. They can help change the world and be quickly
> acknowledged for their efforts.****
> Sticking to a limit of 4 strategic goals I'd initially argue this
> strategic goal would replace "Grow the OWASP community". I like the other 3
> but would love to hear opinions from the rest of the board.****
> ** **
> --
> Michael Coates | OWASP | @_mwc****
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20130416/2e8c9f49/attachment.html>

More information about the Owasp-board mailing list