[Owasp-board] Budget for FY17

johanna curiel curiel johanna.curiel at owasp.org
Wed Sep 7 17:30:24 UTC 2016


>>Andrew do you support allowing Chapters to spin off and create their own
501(c)3 Non-Profits and then this is removed from the P&L of the OWASP
Foundation running their own chapters with a master governance/policy?

Agree with Tom, ISACA does the same for chapters around the world and it
turns out to be a great way to manage it

On Wed, Sep 7, 2016 at 12:59 PM, Tom Brennan - OWASP <tomb at owasp.org> wrote:

> Also like the pie idea with some questions..
>
> Andrew do you support allowing Chapters to spin off and create their own
> 501(c)3 Non-Profits and then this is removed from the P&L of the OWASP
> Foundation running their own chapters with a master governance/policy?
>
> Many associations with chapters do this exact model  ISC2 ISSA ISACA
> etc..etc..
>
> Example;
> https://www.isc2.org/uploadedfiles/(isc)2_member_content/chapters/(isc)2-
> chapter-guidelines.pdf
>
> I just want to understand your thinking here -- item for discussion
> certainly that email can't capture but I don't think you want to split the
> organization from (3) legal entities (USA, EU, Norway
> https://www.owasp.org/index.php/About_The_Open_Web_
> Application_Security_Project#Other_Financial_Documents)  to several
> hundred is that correct?
>
>
>
>
> On Wed, Sep 7, 2016 at 12:32 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
> > Andrew,
> >
> > If I am understanding correctly, you are suggesting that we should
> allocate
> > $0 to Chapter funding.  While I understand that there are chapters that
> have
> > money in their accounts, there are many chapters who do not.  The funding
> > bucket that you are looking to eliminate is what enables new chapters to
> get
> > started, previous chapters to get restarted, and chapters with no money
> in
> > their accounts to do things.  Chapters are a huge part of OWASP's
> outreach
> > mission and should be tied to it.  We can certainly discuss "how much",
> but
> > I'm not comfortable shafting 100+ chapters based on the fact that some
> > chapters have money.  I was with you on the budget approach until this
> was
> > proposed.
> >
> > ~josh
> >
> > On Tue, Sep 6, 2016 at 1:06 AM, Andrew van der Stock <vanderaj at owasp.org
> >
> > wrote:
> >>
> >> Hi all,
> >>
> >> I want to start the process for the FY17 budget now, so that we have an
> >> entire quarter to get it right and approved in concert with the new
> incoming
> >> Board members in December, so we can hit the ground running in 2017.
> >>
> >> This year, the biggest change I need us to make is a pie based budget
> >> instead of just adjusting last year's numbers, as last year's numbers
> >> reflect the strategic goals of 2013, not what we want to do.
> >>
> >> I propose two pies, for 501 (c) 3 reasons:
> >>
> >> Administrative pie, capped at 10% of our total budget
> >> Mission pie, capped at 90% of our total budget
> >>
> >> This means that it becomes possible for us to show that we are spending
> a
> >> goodly amount of our budget on mission, and capping administrative back
> >> office costs at 10% of our overall budget. This will require staff who
> are
> >> currently paid from general revenue to be allocated within the budget
> to a
> >> specific strategic goal, with truly only OWASP Foundation core staff
> (Kate
> >> and Alison, primarily) paid from the administrative budget.
> >>
> >> We as a Board need to make decisions around the makeup of the mission
> pie:
> >>
> >> Education
> >> Outreach
> >> Conferences
> >> Projects
> >> Website redesign
> >>
> >>
> >> I personally think that the above strategic goals should each get 22.5%
> >> each of the pie, with 10% of the remaining budget for the website
> redesign.
> >> Conferences, being a profitable area for us should look to increase the
> >> number of global events to four in 2017, and increase the number of
> regional
> >> events. If anything, giving conferences a budget is more like a float
> rather
> >> than a spending requirement, as they return funds to the organisation,
> which
> >> I also hope training will do one day, too.
> >>
> >> So how big is this pie? We need to make a budget that stretches us to
> make
> >> $3m in FY17, which means we need to look at all sources of income, and
> what
> >> we need to do to make that a reality. Our revenue in 2015 was
> $2,478,184. If
> >> we say we can do $2.7m this year (possible, depends on AppSec USA
> >> profitability), $3m is within our grasp. So 10% is $300,000
> administrative
> >> costs, and then $610k each for education, outreach, conferences,
> projects,
> >> and up to $270k for the website. That is with no contingency, and
> assumes
> >> AppSec USA is at least 10% more profitable than last year's.
> >>
> >> Income measures will require a properly planned membership drive,
> >> particularly in desired outreach groups (developers), a proper marketing
> >> campaign to encourage donations and sponsorships, and I think we should
> >> invest in a grant writer to get funds for projects, and use some of the
> >> project funds to do a grant linked work program. We should also be
> looking
> >> at using our contacts as a Board to develop relations with other large
> >> organisations, to properly fund us as we look to grow to $5m per year
> in a
> >> few years.
> >>
> >> Chapters have many existing sources of income, and they continue to do
> >> well without additional funds being allocated to them, so I propose that
> >> none of the mission pie is redirected to chapters as they have more
> than 75%
> >> of the available funds already. In fact, the spending pie above does not
> >> take into account the fact that chapters will be getting funds before
> anyone
> >> else.
> >>
> >> So I *would* like us to enforce our already approved vote to force
> >> chapters with large balances to come up with plans to spend the cash,
> or to
> >> sweep it back into general revenue, so we can use those unused funds to
> grow
> >> the organisation in meaningful ways. This affects a tiny fraction of all
> >> chapters. Denver is already taking measures to spend their funds on a
> local
> >> lab.
> >>
> >> So for those of you on the Board who are the champions of a particular
> >> strategic goal, I'd like you to come up with a plan of action for 2017,
> with
> >> associated costs. Let's put it into the budget, and get it done.
> >>
> >> thanks,
> >> Andrew
> >>
> >>
> >>
> >> _______________________________________________
> >> Owasp-board mailing list
> >> Owasp-board at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-board
> >>
> >
> >
> > _______________________________________________
> > Owasp-board mailing list
> > Owasp-board at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-board
> >
>
> The information contained in this message and any attachments may be
> privileged, confidential, proprietary or otherwise protected from
> disclosure. If you, the reader of this message, are not the intended
> recipient, you are hereby notified that any dissemination, distribution,
> copying or use of this message and any attachment is strictly prohibited.
> If you have received this message in error, please notify the sender
> immediately by replying to the message, permanently delete it from your
> computer and destroy any printout.
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160907/b30546da/attachment.html>


More information about the Owasp-board mailing list