[Owasp-board] Grant Spending and Funding Policy

Tobias tobias.gondrom at owasp.org
Thu Oct 31 20:03:14 UTC 2013


Well,

effectively the project leader will actually propose / spell out what
will be done. And then the organisation has to sign-off on it as we
carry the liability, e.g. in case the project leader suddenly
dissapears, which btw. could be quite fatal for the project and also
risky in terms of liabilities for OWASP.

regarding #2: I think, yes. the grant application will basically spell
out what both sides gets out of the deal.
It might be useful to actually spell out explicitely which person /
entity is committed to do which parts of the grant (which is actually
standard practice in such projects anyway) and then manage deviations
from the plan if necessary.

Tobias



On 31/10/13 19:55, Josh Sokol wrote:
> Tobias,
>
> There are definitely benefits, no doubt.  And you're right that it
> likely increases your chances of selection as well.  My concerns are
> really two-fold: 1) What liabilities do we, as a Foundation, take on
> by doing this and 2) What is the perception by the project leader
> agreeing to this.  Personally, I'd like to think of this more like a
> contract where we spell out what both parties get out of the deal
> rather than OWASP simply dictating terms to a project leader.  Does
> that make sense?
>
> ~josh
>
>
> On Thu, Oct 31, 2013 at 2:49 PM, Tobias <tobias.gondrom at owasp.org
> <mailto:tobias.gondrom at owasp.org>> wrote:
>
>     Hi Samantha and Josh.
>     btw. the fact that the grant application will be submitted on
>     behalf of the organisation is another advantage of doing this
>     through OWASP. At least with European grants it increases your
>     chance of success. Plus we might have some basic organisation
>     documentation on hand from previous applications.
>
>     I am not sure whether we need to spell out the advantages on the
>     very same page. A link to like "here are the benefits of
>     submitting via OWASP" on the page might also be sufficient.
>
>     Cheers. Tobias
>
>
>
>     On 31/10/13 19:00, Samantha Groves wrote:
>>     Hello Josh, 
>>
>>     Great question. It is important for the foundation to review and
>>     approve all grant proposals as the proposal will be submitted on
>>     behalf of the foundation. This will make us liable for the
>>     deliverable promised in the proposal. As I am the person
>>     responsible for project grants, I will need to review and approve
>>     the proposals. 
>>
>>     I can certainly put together a document that outlines the
>>     benefits of running an OWASP Project, as well. 
>>
>>
>>     On Thu, Oct 31, 2013 at 11:51 AM, Josh Sokol
>>     <josh.sokol at owasp.org <mailto:josh.sokol at owasp.org>> wrote:
>>
>>         I'm not saying it's a bad idea, but what is the purpose of #1
>>         (requiring the project managers approval)?  Is this so that
>>         OWASP can capture the money up-front?  So OWASP controls the
>>         branding?  The interactions with the grant agency?  As a
>>         leader of an open-source project myself, I've questioned the
>>         value of moving it under the OWASP umbrella mostly because I
>>         want to maintain control over my project.  With requirements
>>         like these, I start to question the value-add vs overhead of
>>         running an "OWASP Project".  Would it make sense to also
>>         either include in this document or create a new one to
>>         address all of the positive aspects of becoming an OWASP
>>         project?  I think Samantha told me that there's assistance in
>>         obtaining grant money.  That seems positive.  What else?  Any
>>         place we put restrictions on people we should be also calling
>>         out the benefits that come along with those. 
>>
>>         ~josh
>>
>>
>>         On Wed, Oct 30, 2013 at 4:43 PM, Sarah Baso
>>         <sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>> wrote:
>>
>>             Board members -
>>
>>             Samantha, along with the feedback from the rest of the
>>             staff, put together some operational guidelines for grant
>>             spending:
>>              https://docs.google.com/a/owasp.org/document/d/1yX68nS20qj7QNTcDkKCD3hSfFEbJaBKjoWjc2wF_aLA/edit
>>
>>             These guidelines provide clear expectations of how grant
>>             awarded funds are to be managed and spent by all OWASP
>>             Projects. In addition to being an important piece in
>>             management of funds, the IRS asks about the
>>             organization's procedures for monitoring the use of
>>             grants (especially outside of the US).
>>
>>             I have added the link to this document to the Governance
>>             page as well https://owasp.org/index.php/Governance.
>>
>>             Finally, the staff is working on developing instructions
>>             that will assist the community on requesting funds from
>>             the foundation more broadly since I know this is a
>>             current point of confusion (and we want it to be easy and
>>             clear to everyone).  So, stay tuned for that piece!
>>
>>             Regards,
>>             Sarah Baso
>>
>>             -- 
>>             Executive Director
>>             OWASP Foundation
>>
>>             sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
>>             +1.312.869.2779 <tel:%2B1.312.869.2779>
>>
>>
>>
>>
>>
>>             _______________________________________________
>>             Owasp-board mailing list
>>             Owasp-board at lists.owasp.org
>>             <mailto:Owasp-board at lists.owasp.org>
>>             https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>
>>         _______________________________________________
>>         Owasp-board mailing list
>>         Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>         https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>
>>
>>     -- 
>>
>>     *Samantha Groves, MBA*
>>
>>     /OWASP Projects Manager/
>>
>>     /
>>     /
>>
>>     The OWASP Foundation
>>
>>     Phoenix, USA
>>
>>     Email: samantha.groves at owasp.org <mailto:samantha.groves at owasp.org>
>>
>>     Skype: samanthahz 
>>
>>
>>     OWASP Global Projects
>>     <https://www.owasp.org/index.php/Category:OWASP_Project>
>>
>>     Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>>     OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>
>>     New Project Application Form
>>     <https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE6MQ#gid=0>
>>
>>
>>
>>
>>
>>     _______________________________________________
>>     Owasp-board mailing list
>>     Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>     _______________________________________________
>     Owasp-board mailing list
>     Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-board
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20131031/dfae7255/attachment-0001.html>


More information about the Owasp-board mailing list