[Owasp-board] PROPOSAL: Solicit Feedback on Roles in OWASP Foundation Decision Making Process
josh.sokol at owasp.org
Fri May 9 15:58:29 UTC 2014
I'm ok with this approach, but I think it opens that team up to far more
criticism from the community over just opening it up to a community vote to
begin with. I won't be able to make the bulk of the AppSecEU meeting since
it will run from something like 2 AM to 10 AM my time, but if someone else
(yourself?) would like to lead this exercise, then I'm all for it. I will
do my best to join the meeting around 7 AM my time through close.
On Fri, May 9, 2014 at 10:38 AM, Tobias <tobias.gondrom at owasp.org> wrote:
> Hi Josh,
> I know the model and it can indeed help clear things up on who does what.
> Unfortunately sometimes it's not always that clear. ;-)
> But I agree, I would be a good exercise for one hour to go through some of
> our activities with this process and sort out which part of RAPID they
> should do.
> However, IMHO, I would recommend to do this first in a small team and when
> we have a proposal then ask the community for feedback on whether people
> agree or see this differently. Otherwise there will be too many unclear
> questions and parameters.
> Maybe an exercise for an hour during our open board meeting in Cambridge
> next month?
> All the best, Tobias
> On 07/05/14 15:29, Josh Sokol wrote:
> Lately, we've seen a number of different issues relating to things like
> empowerment (or lack thereof), confusion over roles, etc. We've received
> feedback from a number of different individuals as to what they believe
> should be the case, but I don't want this to be a case where the loudest
> person is the one who wins. Thus, I would like to propose that we survey
> the OWASP community for feedback as to what roles we want the various OWASP
> stakeholders to play in our decision-making process.
> In my management training at National Instruments, they coached us on a
> model that I think could be very useful to hash this out. The model is
> called "RAPID" and this site has a great description of what it means:
> To summarize, there are 5 roles in the decision making process:
> 1. Recommend
> 2. Approve
> 3. Perform
> 4. Input
> 5. Decide
> What I'd like to do is inquire with the community in each area of OWASP,
> what they feel should be the role of the Board, the ED, the staff, the
> leaders, the community at large, and maybe even vendors. We can apply this
> methodology to just about any area of the OWASP Foundation. Things like
> Chapter Leadership, Project Management, Governance, Conferences, Bylaws,
> etc. So, for example:
>> In regards to making amendments to the OWASP Foundation Bylaws, what do
>> you believe should be the roles of the following:
>> OWASP Board
>> OWASP Executive Director
>> OWASP Staff
>> OWASP Leaders
>> OWASP Global Community
>> OWASP Sponsors
>> The Global Community
> I would hope that, if done right, the result of this type of survey would
> be a pretty clear consensus as to what roles our various stakeholders play
> in each process. No more guess-work. I'm curious as to how others would
> feel about adopting this model?
> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board