[Owasp-board] Proposal: Eliminate Restriction on Account Balance for Community Engagement Funding

psiinon psiinon at gmail.com
Thu Apr 30 06:48:05 UTC 2015

Just a quick email (as I'm on holiday) to address the point about ZAP funds.
I'm know that we have been relatively successful in raising funds for ZAP,
and that we havnt made much use of them up to now.
Until recently we were focusing very much on the 2.4.0 release.
Now thats out I plan to start spending some of the money we've raised so
My current plan (to be ok's by all relevant parties) is to fund:

   - a contractor to implement a significant core feature
   - expenses for core contributors (other than myself) to attend the ZAP
   summit at AppSec EU

I think its very reasonable to ask projects to contribute to any SoC
students working on those projects, and will be very happy to use some of
the remaining ZAP funds for this purpose :)



On Wed, Apr 29, 2015 at 11:00 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> Paul,
> The projects have over $37,804 total in their accounts with almost 25% of
> that belonging to ZAP; who will likely be the biggest user of these funds
> based on what I've heard so far regarding interest.  Frankly, ZAP has more
> money than all but 8 of our chapters.  I've got nothing against ZAP.  What
> I am against is the hypocrisy from many Board members over the years saying
> that we should be concerned about "ring fenced" funds, but then they fail
> to stand up for this ideal when it really actually could have made not only
> a statement, but also an impact.  So, I'd ask you Paul, given the vote that
> took place today, why shouldn't every chapter and every project have the
> ability to petition for funds from the community funding budget just as
> this Summer of Code initiative has done?  I'm not saying that every request
> has to be granted, just that they should be considered in the same manner
> that SoC was given, with no restrictions placed simply because they have
> money in their account.  And I leave it in your teams hands to make the
> decision as to which initiatives have the most merit for those funds.  This
> SoC thing has opened my eyes to a whole new perspective on how positive it
> can be to consider all proposals, regardless of who is receiving the money.
> ~josh
> On Wed, Apr 29, 2015 at 4:32 PM, Paul Ritchie <paul.ritchie at owasp.org>
> wrote:
>> All - I appreciate the differing viewpoints on this, however I cannot
>> agree with removing the limiting language for the Community Engagement
>> funds.
>> The limiting language is an OWASP policy statement and its purpose is to
>> 'encourage' and require that Chapters & projects use their local budgets
>> first.
>> Recall, the Chapters now have over $500,000 in their budgets.  It is
>> growing, which means the Chapters are spending less then they are gaining
>> every year.
>> The Foundation has only about $60,000 annually, or 12% of that amount, in
>> its Community Engagement fund which must be used across all Chapters.
>> Factoid - 178 out of 222 Chapters have less than $2,000 in their local
>> budget.
>> So, net net, today's decision to invest $12,000 of Foundation funds in a
>> 'Summer of Code' program may have been an 'exception' to normal policy.
>> However, I do not think it was intended to change our original policy that
>> .....'Chapter and Project budgets must be used first'.
>> Paul
>> Best Regards, Paul Ritchie
>> OWASP Interim Executive Director
>> paul.ritchie at owasp.org
>> On Wed, Apr 29, 2015 at 1:39 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>>  +1   Well said, Josh.
>>> - Jim
>>> On 4/29/15 10:36 AM, Josh Sokol wrote:
>>>  Board,
>>>  In light of today's decision to move forward with the proposal for the
>>> OWASP Summer of Code providing access to $12,000 in funds for all projects
>>> regardless of their account balance, I would like to propose a change to
>>> our Community Engagement Funding policy along these lines as well:
>>> https://www.owasp.org/index.php/Funding
>>>  Specifically, I see no reason why if account balance is not a factor
>>> taken into consideration for determining who receives funds for the Summer
>>> of Code, we should consider it as a factor for any Community Engagement
>>> project of value.  Therefore, I propose that we eliminate any such limiting
>>> language from the Community Engagement Funding page and simply leave the
>>> decision up to our Operations Team to determine whether the funding is
>>> available and provides enough merit in order to be funded.  This would be
>>> removing/modifying the following two bullet points from that page:
>>>    - Primary funding would be deducted from the local chapter budget
>>>    (if the activity is supporting the local chapter).
>>>       - Should be removed completely.
>>>        - A chapter without sufficient funds (or initiative not tied to
>>>    the chapter) may request funding from the foundation "Community Engagement"
>>>    fund. These funds are available on a first come-first serve basis.
>>>       - The first sentence needs to be removed.  Keep the second
>>>       sentence.
>>> Just as Fabio had concerns about projects not wanting to spend their
>>> money on this because they had other things in their sights, our chapters
>>> have these same concerns.  We should be encouraging all OWASP participants
>>> to innovate and use the allotted Foundation funds to do so without tying
>>> them down to any sort of account balances.  This has the added benefit of
>>> ensuring that these community funds are used up each year and do not go
>>> unspent (as I believe they have been underutilized in the past).
>>> Sincerely,
>>> Josh Sokol
>>> _______________________________________________
>>> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150430/bc1670d5/attachment.html>

More information about the Owasp-board mailing list