[Owasp-board] Grant Spending and Funding Policy

Samantha Groves samantha.groves at owasp.org
Fri Nov 1 00:20:29 UTC 2013


Hi Josh and All,

I think Tobias and Dennis outlined the benefits excellently. While some
individuals/groups do get awarded grants, I would say that grant awarding
organizations are more likely to fund projects attached to a more well
known/established organization. OWASP has a very strong brand presence in
the industry. It certainly helps Project Leaders by giving them a better
chance of winning an award as we have an established track record of
success now with our grant applications.




On Thu, Oct 31, 2013 at 12:47 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> So, to be clear, as an OWASP project leader, if I apply for grant money,
> it's really the Foundation and not me applying for the grant money.  The
> grant then goes to the Foundation and the Foundation then plays mediator
> between me (and my milestones) and the granting party.  As the middle-man,
> the Foundation is now liable not only for the deliverables, but also the
> grant payments, justifications, etc.
>
> Just to play devils advocate here, this seems like a liability that we
> don't necessarily have to take on.  We can assist project leaders with
> their grants without being the grantee.  The grantor can hold them
> personally liable for deliverables, rather than the Foundation.  Seems like
> we could easily mitigate some risk here by playing more of an "advisor"
> role in this process rather than owning it.  And from the project leader's
> point-of-view we'd be adding value back to them without controlling them.
> Is it possible to have OWASP Projects without having OWASP own the projects?
>
> ~josh
>
>
> On Thu, Oct 31, 2013 at 2:00 PM, Samantha Groves <
> samantha.groves at owasp.org> wrote:
>
>> Hello Josh,
>>
>> Great question. It is important for the foundation to review and approve
>> all grant proposals as the proposal will be submitted on behalf of the
>> foundation. This will make us liable for the deliverable promised in the
>> proposal. As I am the person responsible for project grants, I will need to
>> review and approve the proposals.
>>
>> I can certainly put together a document that outlines the benefits of
>> running an OWASP Project, as well.
>>
>>
>> On Thu, Oct 31, 2013 at 11:51 AM, Josh Sokol <josh.sokol at owasp.org>wrote:
>>
>>> I'm not saying it's a bad idea, but what is the purpose of #1 (requiring
>>> the project managers approval)?  Is this so that OWASP can capture the
>>> money up-front?  So OWASP controls the branding?  The interactions with the
>>> grant agency?  As a leader of an open-source project myself, I've
>>> questioned the value of moving it under the OWASP umbrella mostly because I
>>> want to maintain control over my project.  With requirements like these, I
>>> start to question the value-add vs overhead of running an "OWASP Project".
>>> Would it make sense to also either include in this document or create a new
>>> one to address all of the positive aspects of becoming an OWASP project?  I
>>> think Samantha told me that there's assistance in obtaining grant money.
>>> That seems positive.  What else?  Any place we put restrictions on people
>>> we should be also calling out the benefits that come along with those.
>>>
>>> ~josh
>>>
>>>
>>> On Wed, Oct 30, 2013 at 4:43 PM, Sarah Baso <sarah.baso at owasp.org>wrote:
>>>
>>>> Board members -
>>>>
>>>> Samantha, along with the feedback from the rest of the staff, put
>>>> together some operational guidelines for grant spending:
>>>>
>>>> https://docs.google.com/a/owasp.org/document/d/1yX68nS20qj7QNTcDkKCD3hSfFEbJaBKjoWjc2wF_aLA/edit
>>>>
>>>> These guidelines provide clear expectations of how grant awarded funds
>>>> are to be managed and spent by all OWASP Projects. In addition to being an
>>>> important piece in management of funds, the IRS asks about the
>>>> organization's procedures for monitoring the use of grants (especially
>>>> outside of the US).
>>>>
>>>> I have added the link to this document to the Governance page as well
>>>> https://owasp.org/index.php/Governance.
>>>>
>>>> Finally, the staff is working on developing instructions that will
>>>> assist the community on requesting funds from the foundation more broadly
>>>> since I know this is a current point of confusion (and we want it to be
>>>> easy and clear to everyone).  So, stay tuned for that piece!
>>>>
>>>> Regards,
>>>> Sarah Baso
>>>>
>>>> --
>>>> Executive Director
>>>> OWASP Foundation
>>>>
>>>> sarah.baso at owasp.org
>>>> +1.312.869.2779
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*****
>>
>> *OWASP Projects Manager*
>>
>> *
>> *
>>
>> The OWASP Foundation
>>
>> Phoenix, USA
>>
>> Email: samantha.groves at owasp.org
>>
>> Skype: samanthahz
>>
>>
>> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form<https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE6MQ#gid=0>
>>
>>
>>
>>
>


-- 

*Samantha Groves, MBA*****

*OWASP Projects Manager*

*
*

The OWASP Foundation

Phoenix, USA

Email: samantha.groves at owasp.org

Skype: samanthahz


OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>

Book a Meeting with Me <http://goo.gl/mZXdZ>

OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>

New Project Application
Form<https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE6MQ#gid=0>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20131031/c92eb50a/attachment-0001.html>


More information about the Owasp-board mailing list