[Owasp-board] [Owasp-leaders] Board Off-site - Outcomes

Sarah Baso sarah.baso at owasp.org
Tue Aug 27 13:46:30 UTC 2013


FYI - I added these notes to the meeting notes page:
https://docs.google.com/a/owasp.org/document/d/1cYsp608TDiNfdLv60mePuCjC412oz_MJSIzFEuQED6w/edit
And either Eoin can supplement with more details of the votes from his
notes or if he sends me the details I can fill it in.

Link to this is on the wiki page:
https://owasp.org/index.php/In_person_meeting_at_AppSec_EU_-_Hamburg,_Germany;_August_19-24

I will send the recordings over to Matt for upload and conversion today and
hopefully we can get published on the wiki in the next couple of days.

Regards,

Sarah


On Tue, Aug 20, 2013 at 6:58 AM, Michael Coates <michael.coates at owasp.org>wrote:

> Leaders,
>
> The board met for 8 hours yesterday before AppSecEU for a board offsite. I
> wanted to provide a recap for those that may be interested.
>
> *Topics*:
>
>    1.
>
>    30 minutes - Open session - Air any concerns
>    2.
>
>    OWASP Board - purpose, requirements, expectations
>    1.
>
>       Orientation Process
>       2.
>
>       Conflict of Interest Policy
>       3.
>
>       Attendance Expectations
>       4.
>
>       Board Size
>       3.
>
>    Financials
>    1.
>
>       Looking at 2012, 2013 & paths for growth
>       4.
>
>    Legal
>    1.
>
>       Europe entity board representation
>       5.
>
>    Corporate Involvement & Support
>    1.
>
>       Review feedback & proposals
>       2.
>
>       Draft skeleton of plan
>       3.
>
>       Define next steps
>       6. [1 hr] [closed portion] - 3 month review of the ED role
>
>
> *Outcomes *
>
> *Corporate Involvement at OWASP*
> First, thanks to those that provided thoughts and feedback on the
> governance thread regarding corporate involvement. It was great to have
> feedback from OWASP leaders in this complex area.
> *
> Corporate Membership - Tiered Structure* - The board voted to move to a
> tiered corporate membership model. This enables organizations to support
> OWASP at a variety of levels. We are still flushing out the final details
> and we'll soon update the membership matrix. However, there will be 4 tiers
> ($2,000, $5,000, $20,000, $50,000) with varying benefits provided to the
> corporate member for each level. For those interested in chapter splits for
> corporate supporters it will be the following:
> $50,000 Corporate Membership - $8000 to local chapter - 16%
> $20,000 Corporate Membership - $4000 to local chapter - 20%
> $5,000 Corporate Membership - $2000 to local chapter - 40%
> $2,000 Corporate Membership - $800 to local chapter - 40%
>
> *Corporate Member Logos - Moving to Acknowledgement Page* - To provide a
> single clear page that acknowledges our corporate member supporters we will
> move the corporate logs from the bottom of the OWASP home page to a
> dedicated acknowledgement page. The home page will have clear graphics that
> encourage viewers to click and view the acknowledgements page.
>
> *Project Branding & Sponsorship - *Project sponsorship by corporate
> members is a complex item with many positives and negatives to each
> approach. The key is to provide clarity and guidance. Without these it is
> not easy for corporations to engage and while many will act with the best
> interests of OWASP we spend unnecessary cycles debating if individual
> decisions are correct. The board discussed the issue at length and outlined
> 3 different potential programs in this area.  We hope to provide a clear
> plan that will allow us to engage supporters and all understand our overall
> process.
>
> Next steps:
> - The board has outlined 3 different potential programs for project
> branding and sponsor. We will clearly document each option including the
> positives, negatives and other considerations for each option.
> - We will circulate these programs to leaders for review. At that time we
> will ask for any other suggested programs or additions/clarifications to
> the positives/negatives/considerations of each program.
> - Finally, this particular item will be added to the annual vote for a
> decision by the OWASP members. This particular item is complex with many
> different potential paths. We as OWASP need to decide which option is right
> for us. A clear listing of options along with an informed listing of the
> trade-offs for each option will allow the larger OWASP membership to lead
> in the decision making on this item.
>
>
> *Board Changes*
> *Board Orientation Documents* - An official board orientation set of
> documents will be created that includes a stated conflict of interest
> policy (in addition to what we have in the bylaws), 2 required reading
> short books on non-profit foundations, requirement to read previous
> financial reports and 990, and links to our to-be created governance page.
> All board members will sign and acknowledge completion of the orientation
> by Jan 1, 2014.
>
> Conflict of interest policies will also be extended to all employees and
> those in decision making roles for global conferences. We see this as a
> natural step to mature OWASP and better align with non-profit requirements.
> This is not in response to any concerns.
>
> *Board Size* - OWASP bylaws specify the board must be between 5 and 7
> members. Currently the OWASP board is 6 members. We voted to extend to 7
> members. The 2013 election will now seat 4 spots instead of 3. The newly
> elected board members will begin their terms Jan 1, 2014. At this time
> we'll see the board officially expand to 7 members.
>
> *Quarterly Board Meetings* - The board voted to move board meetings from
> the current schedule of monthly 1 hour meeting to quarterly 4-6 hour
> meetings. The schedule of meetings will be set by the board in December
> before the year. It is likely the the board meetings will take place on
> Saturdays or on a dedicated day before a large OWASP conference.  This
> change is a result of the success of the longer format board meeting and
> also a result of the Executive Director role that has enabled full time
> involvement and focus on OWASP operations. This will take effect in
> January, 2014.
>
>
> *OWASP Finances*
> *Financial Audit *- Every 3 years OWASP has engaged an outside firm to
> audit OWASP finances. We decided to move up our next audit since the
> organization has grown substantially over the past few years. The next
> audit will occur in 2013 for an audit of the 2012 filed information. All
> tax filings and audit information can be found here:
> https://www.owasp.org/index.php/OWASP_Foundation#Tax_Filings
> *
> Review of Finances* - Sarah and team are doing great work understanding
> OWASP finances and also mapping these into quadrants to reflect income/cost
> impacts and also value to mission. More information coming soon, but this
> type of understanding of our income and expenditures will allow us to
> continue to increase the value return on OWASP funds.
>
>
>
>
>
> As always, please do respond with any questions, comments or concerns.
>
>
> Thanks!
>
> --
> Michael Coates | OWASP | @_mwc
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Executive Director
OWASP Foundation

sarah.baso at owasp.org
+1.312.869.2779
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20130827/abacc0a0/attachment-0001.html>


More information about the Owasp-board mailing list