[Owasp-board] How to define active leader?

Josh Sokol josh.sokol at owasp.org
Fri Oct 16 19:52:57 UTC 2015


Personally, I feel like Noreen, Claudia, and Johanna are far more
appropriate people to define what is an "Active Leader" than any of us as
they have attempted to communicate with pretty much every Leader on that
list.  I am inclined to trust their judgement and guidance and allow them
to write up the respective definitions of "Active Leader" for the
handbooks.  Perhaps put that definition out for community comment before
becoming official, but I like what Noreen and Johanna have said thus far
and see no reason to question it.

~josh

On Thu, Oct 15, 2015 at 7:16 AM, Noreen Whysel <noreen.whysel at owasp.org>
wrote:

> I have given my suggestions. When you have agreed on a final definition I
> will incorporate it into the Chapter Leader Handbook.
>
> It is also important to consider Claudia and Johanna's definition of an
> active project and active project leader. I presume it is similar, ie,
> meets minimum requirements/responsive, but not sure if different levels of
> projects would have different requirements.
>
> Noreen Whysel
> Community Manager
> OWASP Foundation
>
> On Oct 15, 2015, at 3:19 AM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
> I think we need to come up with a definition of active leader soon now
> that several proposals approved yesterday have that requirement. Any ideas
> are welcome.
>
> Fabio
>
> Sent from my iPhone
>
> On 15 Oct 2015, at 6:25 a.m., Jim Manico <jim.manico at owasp.org> wrote:
>
> I agree with Noreen here. We are fortunate to have folks lead chapters
> around the world. I think forcing paid or other official membership to be
> an "active leader" would do (a lot) more harm then good.
>
> --
> Jim Manico
> Global Board Member
> OWASP Foundation
> https://www.owasp.org
> Join me in Rome for AppSecEU 2016!
>
> On Oct 15, 2015, at 3:08 AM, Noreen Whysel <noreen.whysel at owasp.org>
> wrote:
>
> Currently leaders are not required to be paid members. Honorary membership
> is conferred to active participants, often leaders.
>
> That said I see nothing in the Chapter Leader Handbook section on
> Governance that addresses leaders and OWASP membership. Three are
> references to "chapter members" and "founding memes" but in context this
> seems to only refer to local participants, not paid OWASP members.
>
> If we made this a requirement, we would lose dozens if not scores of
> chapters, particularly in non US/Europe chapters. Requirement can be a
> barrier to starting a chapter in certain areas. But I have heard voices on
> both sides of this issue, but notably in large U.S. Based chapter areas.
>
> Noreen Whysel
> Community Manager
> OWASP Foundation
>
> On Oct 14, 2015, at 7:33 PM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
> In terms of defining an 'active leader' would it make sense to have the
> following requirements:
>
> - must be responsive to inquiries.
> - must be an owasp paid/honorary member.
>
> Please let me know your thoughts.
>
> Thanks
>
> Fabio
>
> Sent from my iPhone
>
> On 12 Oct 2015, at 2:43 p.m., Josh Sokol <josh.sokol at owasp.org> wrote:
>
> In my opinion, the second leader requirement comes in more when it comes
> to requesting expense reimbursement.  Specifically, it creates the ability
> for a chapter or project to have dual-signoffs on expenses.  If you say you
> have a second leader, but they aren't available to approve expenses, then
> you're really only screwing yourself.
>
> ~josh
>
> On Mon, Oct 12, 2015 at 8:27 AM, Noreen Whysel <noreen.whysel at owasp.org>
> wrote:
>
>> I believe I already addressed most of this in my previous comments.
>> Summary:
>>
>> Neither active chapter nor active leader is explicitly defined in the
>> handbook.
>>
>> In practice, I use these definitions:
>> Active chapter: must meet or exceed current minimum chapter requirements
>> Active leader: must be responsive to inquiries.
>>
>> Leader activity is much harder to measure where there is more than one.
>> All we really see at the Foundation level is who is making edits to the
>> wiki page and who is active on the leader list. We have no way to know that
>> a leader is active because they are the one reaching out to potential
>> speakers, arranging catering, interacting with academic leaders. So in
>> those chapters with multiple leaders it really comes down to trust and the
>> opinion of their peers, if necessary (as in getting a second leader to
>> approve an expense, for example).
>>
>> Regarding requiring more than one leader to receive community engagement
>> funding. An example is Manila. John Patrick Lita has done a lot of good,
>> measurable work on his own introducing the concept of application security
>> throughout the country. He was hesitant to add second leaders when
>> volunteers came forward because he felt they did not understand the OWASP
>> mission and AppSec well enough to represent OWASP at that level. As he
>> introduced the concepts, he found people who he felt would make good
>> leaders and added one to Manila and supported the creation of a second
>> chapter in Viscayas.
>>
>> This seems to be the case in other small markets, even in the U.S. A
>> leader wants to introduce AppSec concepts and gain a comfort level before
>> expanding the team. Some small seed money helps these chapters over the
>> hurdle of introducing OWASP to a community.
>>
>> All that said, to be honest I am on the fence about whether or not to
>> require a second leader or deputy and am ok with the board coming to a
>> determination on that. Just noting that beyond the responsiveness of the
>> main contact on a chapter record and watching for wiki page updates, it is
>> hard to evaluate leader activity.
>>
>> Noreen Whysel
>> Community Manager
>> OWASP Foundation
>>
>> On Oct 11, 2015, at 10:40 PM, Paul Ritchie <paul.ritchie at owasp.org>
>> wrote:
>>
>> Hi All:
>>
>> Re: The question about the OWASP Chapter Handbook and* 'where' it
>> defines the need for # of Leaders* and an 'Active' Chapter.
>>
>> In the Handbook under Chapter Governance, Chapter 5, it only requires 1
>> Leader at this time....although more leaders are strongly recommended and
>> the hand book encourages more.
>> *Chapter Leader (or Coordinator): The only governance requirement for
>> every chapter is to nominate a Chapter Leader, who is the central point of
>> contact for the chapter and responsible to the OWASP Board. In case of
>> dispute over the leader role, we suggest rotation over the 24 month term,
>> if there are multiple candidates and no rotation agreement, elections
>> should be held for a 24 months term*
>>
>> *What Defines an Action Chapter.*
>> Currently in Chapter 2 of the Handbook, 'Mandatory Chapter Rules', any
>> chapter holding a minimum of 2 chapter meetings a year is defined as an
>> 'Active' Chapter.
>>
>> *Must a Chapter Leader be a Paid Member or Honorary Member?*   Unless I
>> missed it...I do not see a requirement that a Chapter Leader 'must' have a
>> paid membership.
>> @ Noreen can you confirm this and if you have additional comments, please
>> add them.
>>
>> Finally...*.on the issue of these Proposals requiring 2 Active Leaders*.
>> I agree with this criteria, and although "current" rules do not require 2
>> Active Leaders.....the 'new proposal' to add 'Seed Money' to some under
>> funded chapters is consistent with providing 2 "leader / managers" to help
>> run the chapter, recruit more members and wisely utilize OWASP budget
>> monies.
>> At the Operations Level, we would confirm that a 2nd Chapter leader was
>> identified and participating before "posting' the $500 to the Chapter
>> budget.
>>
>> My thoughts on the proposal strategy as well as the implementation.
>>
>> regards, paul
>>
>>
>>
>>
>> Best Regards, Paul Ritchie
>> OWASP Executive Director
>> paul.ritchie at owasp.org
>>
>>
>> On Sat, Oct 10, 2015 at 5:32 AM, Fabio Cerullo <fcerullo at owasp.org>
>> wrote:
>>
>>> Hi
>>>
>>> Is there a place in the chapter leader handbook,etc where we define what
>>> is an active leader?
>>>
>>> Plenty of the proposals that are being submitted for approval require “2
>>> active leaders” to request funding, etc.
>>>
>>> I think it should be clearly defined somewhere… e.g. is it being a paid
>>> member being active? what is the criteria?
>>>
>>> Also, who is going to review/approve whether a particular
>>> chapter/project has 2 active leaders?
>>>
>>> Thanks,
>>>
>>> Fabio Cerullo
>>> Global Board Member
>>> OWASP Foundation
>>> https://www.owasp.org
>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20151016/21eee8a8/attachment-0001.html>


More information about the Owasp-board mailing list