[Owasp-board] Request - Survey - Implementation process on higher decisions

johanna curiel curiel johanna.curiel at owasp.org
Mon Aug 17 13:11:53 UTC 2015

Members of the board,

With the recent issue regarding David Rook, and my latest experience with
red-tape, I'm proposing the following.

My goals is to call your attention to these issues which I have been
observing for a years and not as a critique to your work, but I think if
you do not pay attention to these issues and DO something about them, OWASP
will loose valuable community participation.

   - When an initiative is proposed or launched by a member of the board,
   this should be followed up by a survey where the community can vote.Wether
   is a rule or money, these decisions should be taken based on collected data
   and proper substantiation to avoid oligarchy
   - When an initiative is launched by a member of the community,
   especially when this initiative cost more than 10k, it should be
   substantiated with data how this initiative will benefit the community.
   Also should be followed by a survey
   - Staff should help creating the survey and analyse the votes
   - *In other words: do more survey to find out what the community needs
   and wants.*

My observations and where I think you need to give more attention:

   - Board/Executive director should work closer with the staff for
   guidance and empowering their role. I have the feeling that the staff is
   paralysed waiting for instructions or following strict rules. The staff
   should be motivated to take initiative and implement projects on their own
   that can help the community. They should not be too dependent on an
   Executive director or member of the board for this part

As I see it ,OWASP is known for his Projects & Chapter leaders which as
volunteers have contributed the most to set OWASP on the spotlight.

   - You should determine and implement better ways  to provide better
   funding schemas for projects . This is something a volunteer cannot do. And
   *nothing* has been done to help  solve this issue
   - There is an unfair inequality in the way chapters can generate funds
   vs Projects.
   - Money is locked down in the chapters budget
   - Chapters outside US & EU have more struggles to find support. You
   should consider a way to support better these ones since their countries
   are not developed in the area of security as countries in EU and US.
   - Follow up: when issues like David Rook or a volunteer rants(like me or
   others ) out of frustation, take action. Put it in the agenda and try to
   solve and discuss the issues to improve the actual problems. So far I have
   seen very little follow up on major issues and discussions raised in the
   mailing lists
   - Way to much attention to rules, *events* and bylaws etc. Time to take
   action and take decisions and propose plans for improvements of the actual
   situation above mentioned

Being that said, and with all due respect to you, I hope that you can take
actions and *execute* improvements that have been an issue since I joined
OWASP 3 years ago.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150817/45d175d1/attachment.html>

More information about the Owasp-board mailing list