[Owasp-board] PROPOSAL: Quarterly Updates by ED on Progress Towards Strategic Goals

Tobias tobias.gondrom at owasp.org
Fri May 9 15:25:35 UTC 2014

+1. Agreed.
- Tobias

On 07/05/14 18:14, Tom Brennan - proactiveRISK wrote:
> Agreed
> ---
> Tom Brennan | 973-298-1160 x799 | tomb at proactiverisk.com
> <mailto:tomb at proactiverisk.com>
> On May 7, 2014, at 12:58 PM, Josh Sokol <josh.sokol at owasp.org
> <mailto:josh.sokol at owasp.org>> wrote:
>> I think that the schedule (doing it in correlation with the quarterly
>> meetings) is a good thing.  I guess what I'm really asking is more
>> for a focus on how our activities relate to our strategic goals,
>> rather than just a list of things that staff has done.  The problem
>> that I'm seeing is that the Board set a direction, but we left it up
>> to the operations team to determine how to execute on that vision. 
>> We have Board members sponsoring these goals that have not been
>> engaged on the ongoing activities and when we review, we review as
>> tasks rather than milestones.  I'd like to see the overall plan. 
>> Here's an example:
>>     For goal X we took the Board's direction and broke it down into
>>     the following deliverable milestones.  Employee Y completed this
>>     milestone on this date.  We expect to have the following
>>     milestones complete by this other date.  We are on target to meet
>>     this goal by the specified completion date.
>> To summarize, think of the goals as projects with the metrics of
>> success as the milestones.  Think of the Board sponsor as a part of
>> the core project team with the other Board members as key
>> stakeholders.  Develop a communication plan and keep us in the loop.
>> Michael, I think a simple "yes, I think I would like quarterly
>> updates on strategic goals" or "no, I think it would be a waste of
>> our time" would be fine here.  No need to formalize anything.  I'd
>> like more visibility into our operations (my fiduciary
>> responsibility) and I feel like this gets us there without being
>> overly intrusive.  I'm not asking for a formal Board vote.  I'm
>> asking if others feel the same way.
>> ~josh
>> On Wed, May 7, 2014 at 11:28 AM, Sarah Baso <sarah.baso at owasp.org
>> <mailto:sarah.baso at owasp.org>> wrote:
>>     Josh -
>>     I am not sure if this is for me or the rest of the board or both
>>     - but i would be happy to put together a status update for you
>>     and ensure it is included in future updates.
>>     One piece of clarification regarding reporting that would be
>>     helpful - I currently have been preparing reports (and collecting
>>     roll up reports from the staff) based on when the board meetings
>>     are scheduled.  Is this what you (and everyone else is expecting)
>>     or would you like them on a more frequent/different schedule.
>>     Thanks,
>>     Sarah
>>     On Wed, May 7, 2014 at 8:54 AM, Josh Sokol <josh.sokol at owasp.org
>>     <mailto:josh.sokol at owasp.org>> wrote:
>>         Back in January, we went through and defined the Board
>>         Strategic Goals for 2014 including metrics of success and
>>         Board member sponsors.  Here we are now, in May (4 months
>>         later), and I haven't been engaged by our operations team on
>>         my sponsored goal (Strengthening OWASP Chapters), nor have I
>>         heard an update from our Executive Director on progress that
>>         our staff is making towards these goals.  Rather than finding
>>         out what we did after the year is up, I would personally like
>>         to see a progress report for each of the strategic goals as
>>         part of our quarterly Board meetings.  I believe that
>>         updating the Board should be the responsibility of our
>>         Executive Director, but it is the Board's responsibility to
>>         ensure that our staff is in alignment (and progressing
>>         towards) these goals and a quarterly touch point would likely
>>         help in doing so.  I'd be interested in your thoughts on this.
>>         ~josh
>>         _______________________________________________
>>         Owasp-board mailing list
>>         Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>>         https://lists.owasp.org/mailman/listinfo/owasp-board
>>     -- 
>>     Executive Director
>>     OWASP Foundation
>>     sarah.baso at owasp.org <mailto:sarah.baso at owasp.org>
>>     +1.312.869.2779 <tel:%2B1.312.869.2779>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-board
> WARNING: E-mail transmission cannot be guaranteed to be secure or
> error-free as information could be intercepted, corrupted, lost,
> destroyed, arrive late or incomplete, or contain viruses. The sender
> therefore does not accept liability for any errors or omissions in the
> contents of this message, which arise as a result of e-mail
> transmission. No employee or agent is authorized to conclude any
> binding agreement on behalf of proactiveRISK with another party by email.
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140509/42ee3e7c/attachment.html>

More information about the Owasp-board mailing list