[Owasp-board] [Owasp-leaders] Fwd: [owasp accounting] SAMM project funds status

Claudia Casanovas claudia.aviles-casanovas at owasp.org
Mon Oct 9 19:02:51 UTC 2017


All,

I would like to clarify that the budget plan requirement applies only to
Chapters not Projects.  There has never been a requirement for Projects to
submit a budget plan in the past or at this time.

I hope this clears up any confusion.



On Mon, Oct 9, 2017 at 7:59 AM, psiinon <psiinon at gmail.com> wrote:

> I think this is one that should remain on both.
>
> We had problems with the ZAP funds last year too.
> I received an email saying that our funds were going to be taken away as
> we hadnt submitted a budget. As with SAMM we hadnt been aware that this was
> a requirement.
> Not surprisingly I complained and got into discussions with various people.
> In the end I asked for some advice and guidance on submitting a budget.
> I received no response and that seems to have been the end of it - no more
> demands but no assistance and we kept our funds.
>
> I can see why budgets would be a good thing, but I'm very unhappy about
> the process that has been followed.
> OWASP should be supporting projects not trying to take money off them
> (except as a last resort for inactive projects).
>
> Managing a project budget is actually quite tricky, especially with the
> lack of visibility we get and how infrequently the relevant pages get
> updated.
> I appreciate that OWASP is somewhat short staffed at the moment.
> I'd have thought that would be all the more reason to work with projects
> rather than getting into disputes with them :)
>
> Cheers,
>
> Simon
>
>
> On Mon, Oct 9, 2017 at 12:42 PM, Frank Catucci <frank.catucci at owasp.org>
> wrote:
>
>> Should it not remain on both?
>>
>> On Oct 9, 2017, at 1:13 AM, Seba <seba at owasp.org> wrote:
>>
>> Hi Eoin,
>>
>> Well, I did not post this on the leaders list.
>> I will reply only to the board mailing list for peeps that are interested
>> :-)
>>
>> Regards
>>
>> Seba
>>
>> On Sun, 8 Oct 2017 at 22:36, Eoin Keary <eoin.keary at owasp.org> wrote:
>>
>>> And here's me thinking owasp mail lists were a forum for solving the
>>> problem of software insecurity :)
>>>
>>> -what do I know.....
>>>
>>>
>>> @eoinkeary
>>> OWASP since 2004!!
>>>
>>> On 8 Oct 2017, at 09:26, Seba <seba at owasp.org> wrote:
>>>
>>> Hi Andrew,
>>>
>>> I am pretty sure that an email to accounting would have resulted in a
>>> forward to you and Matt how to handle this?
>>>
>>> You cannot expect from the project/chapter leaders to know about all the
>>> boards decisions.
>>>
>>> Looking at what was decided:
>>> Motion: P10 - Accounts with a balance of $5,000 or more as of December
>>> 1, with no proposed budget for spending their funds, *will be contacted
>>> by the OWASP staff directly to review their account balance*.
>>> *We were not contacted by the OWASP staff. And were not aware of having
>>> to submit a budget.*
>>> Furthermore when looking at:
>>> Motion: P7 - The OWASP Foundation *Staff will be responsible for
>>> notifying all chapters and projects of their available account balance on
>>> at least a monthly basis*. The notification should also include a
>>> reference to where they can go to find the list of pre-approved expenses.
>>> *We have not seen this, it was only because we requested a detailed
>>> balance last September that we got insight in the removed money from our
>>> available budget.*
>>>
>>> When I look at the board meeting minutes of Oct-2015, I do not see a
>>> detailed proposal or rationale on these motions.
>>> https://docs.google.com/document/d/1iun7xfeJI9vU0rEbIoix46ge
>>> 1h_kQ_3WqeAG8e2ctPs/edit
>>> (I am not going to listen to a complete recording for this).
>>>
>>> I can only assume this was initiated for inactive chapter/projects
>>> (where you should just recoup all their budget).
>>> The SAMM project is active and we put a lot of time/resources in
>>> generating income for the project and the foundation.
>>> Part of the income was generated by giving SAMM training at appsec
>>> conferences, where 60% of the revenue was directly for the foundation and
>>> 40% was allocated to the SAMM project.
>>> Recouping our budget - which we need to further develop SAMMv2 and
>>> organize/support SAMM and community summits - makes me feel that our
>>> volunteer efforts are underappreciated.
>>>
>>> I can understand that you want to activate the budget at the
>>> chapter/projects - but you cannot do this "by policy" without an active
>>> communication and involvement of the staff and the volunteers.
>>>
>>> So I come back to our original question: *Please refund the 3677.22 USD
>>> to the OWASP SAMM project ?*
>>>
>>> I also suggest to contact all the chapters/project leaders individually
>>> for budgeting 2018, as I have not seen this either...
>>> Secondly: instead of making budget available to projects/chapters we
>>> should teach them how to raise income through sponsorship, training,
>>> events, books, ...
>>>
>>> Kind regards
>>>
>>> Seba
>>>
>>> On Sat, Oct 7, 2017 at 10:36 PM Andrew van der Stock <vanderaj at owasp.org>
>>> wrote:
>>>
>>>> Hi Seba and Brian
>>>>
>>>> I'm sorry, I've been onsite doing crazy flying hours. As Tom Brennan
>>>> notes, I am not operational. If you need to get something like this looked
>>>> at, you need to mail accounting at owasp.org which goes to a group alias
>>>> that our finance team can process. The process as agreed by the Board in
>>>> 2015 was that projects and chapters who did not submit a budget OR were
>>>> inactive had a reduction to a $5k balance. You did not submit a budget.
>>>> There's no question OpenSAMM was active, but the OR part is that you didn't
>>>> submit a budget. This will be happening again soon.
>>>>
>>>> Here's the extract of your transactions. With your $10k donation to the
>>>> Developer Summit, your forthcoming travel of $1739 to the OpenSAMM summit
>>>> in November and the $3677.22 reduction to $5k in December last year, the
>>>> balance is currently $0 across both the EU and US chapter balances.
>>>>
>>>> What do you need and how can we move this forward? We have Community
>>>> Engagement funds, and if you've not used it yet in 2017, you have $2k
>>>> available under that program. I'm happy to approve that right now if that's
>>>> what you need.
>>>>
>>>> thanks,
>>>> Andrew
>>>>
>>>>
>>>>
>>>> On Sat, Oct 7, 2017 at 8:40 AM, Tom Brennan <tomb at owasp.org> wrote:
>>>>
>>>>> Agreed and as you know we are ALL volunteers and the only way to
>>>>> address when managing to policy and resources have been exhausted.
>>>>>
>>>>> Thanks Seba.
>>>>>
>>>>> Tom Brennan
>>>>> 973-202-0122 <(973)%20202-0122>
>>>>>
>>>>> On Oct 7, 2017, at 10:46 AM, Seba <seba at owasp.org> wrote:
>>>>>
>>>>> hi,
>>>>>
>>>>> I have added this to the board agenda - https://www.owasp.org/index.
>>>>> php/October_11,_2017
>>>>> I will not be able to attend as this is the middle of the night in
>>>>> Europe.
>>>>> Maybe Brian can?
>>>>>
>>>>> I raised this immediately to Andrew & staff when we got the detailed
>>>>> overview of income/expenses for the project.
>>>>> not getting any response and now having to add this to the board
>>>>> agenda does not seem very efficient use of time of the involved volunteers.
>>>>>
>>>>> regards
>>>>>
>>>>> Seba
>>>>>
>>>>>
>>>>> On Sat, Oct 7, 2017 at 3:41 PM Tom Brennan <tomb at owasp.org> wrote:
>>>>>
>>>>>> Thank you for the insight Brian. Operationally,  Projects are managed
>>>>>> by Matt T and Claudia it appears that those options have been exhausted.
>>>>>>
>>>>>> Since on the surface the issue that needs additional clarity and was
>>>>>> not able to be resolved by staff to satisfaction managing to currently
>>>>>> written policy as a guideline then as the Secretary I would recommend to
>>>>>> all members as I always do, 1) in advance (preferred 10 days) add new
>>>>>> business item to the board wiki agenda https://www.owasp.org/i
>>>>>> ndex.php/Board 2) Have a representative attend the board meeting 3)
>>>>>> the OpenSAMM project leader(a) to speak (when new business is called for a
>>>>>> block of time) to this item on the upcoming monthly global board agenda
>>>>>> resulting in a motion and a vote of its elected leaders to resolve it (that
>>>>>> is the appeal)
>>>>>>
>>>>>> Since we operate in a decentralized community meeting monthly for the
>>>>>> purpose of official OWASP business the member shall simply edit and add as
>>>>>> new business a item to be raised otherwise it will never be officially
>>>>>> reviewed and voted on by the elected leadership to be resolved by a
>>>>>> majority vote.  There is no ivory tower that is how and the purpose of a
>>>>>> elected board of directors when operational issues need additional focus
>>>>>> effecting members.
>>>>>>
>>>>>> This democratic process using Roberts rules is super important to
>>>>>> understand especially as we move to a election cycle that starts on October
>>>>>> 9th people have to VOTE with what they want OWASP to be in the future
>>>>>> https://www.owasp.org/index.php/2017_Global_Board_of_Directo
>>>>>> rs_Election it is also a great opportunity for incoming board
>>>>>> candidates to be part of the discussion.
>>>>>>
>>>>>> Tom Brennan
>>>>>> 973-202-0122 <(973)%20202-0122>
>>>>>>
>>>>>> On Oct 7, 2017, at 8:15 AM, Brian Glas <brian.glas at gmail.com> wrote:
>>>>>>
>>>>>> Tom,
>>>>>> This isn't related to the summit or a traditional reimbursement.
>>>>>>
>>>>>> The original request was related to a withdrawal of funds from our
>>>>>> budget that we very much disagreed with.
>>>>>>
>>>>>> "*We cannot agree to line 65* "Recouping funds from projects that
>>>>>> are either inactive, or did not submit a budget for 2017"
>>>>>>
>>>>>> 1) OWASP SAMM is one of the most active flagship projects for the
>>>>>> last couple of years, we even had a project summit during the last 3 years
>>>>>> (hence the income)
>>>>>> 2) None of the SAMM project leaders did get a request to submit a
>>>>>> budget for 2017. If we would have received that we should surely have
>>>>>> provided one.
>>>>>>
>>>>>> *Please refund the 3677.22 USD to the OWASP SAMM project ?*
>>>>>> We need this to cover our project team summit expenses in November."
>>>>>>
>>>>>> I'm not clear on what the dispute process is for something like this,
>>>>>> so if you can point us to that, it would be much appreciated.
>>>>>>
>>>>>> Thanks,
>>>>>> Brian
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sat, Oct 7, 2017 at 7:39 AM, Tom Brennan <tomb at owasp.org> wrote:
>>>>>>
>>>>>>> If the project team had the funding and they submit a reimbursement
>>>>>>> Andrew should not be in the middle when managing to the existing
>>>>>>> reimbursement policy in the current project handbook. He’s not operational
>>>>>>> and appointed to the treasurer role to keep the global budget in check not
>>>>>>> individual transactions.
>>>>>>>
>>>>>>> Oct 11 this can be noted as old business re Summit to get it
>>>>>>> resolved if needed Seba. Please have a representative join the public
>>>>>>> meeting to speak to it https://www.owasp.org/index.php/Board
>>>>>>>
>>>>>>> Tom Brennan
>>>>>>> 973-202-0122 <(973)%20202-0122>
>>>>>>>
>>>>>>> On Oct 7, 2017, at 2:18 AM, Seba <seba at owasp.org> wrote:
>>>>>>>
>>>>>>> hi,
>>>>>>>
>>>>>>> As I am not getting a response from Andrew: I am escalating this to
>>>>>>> the board.
>>>>>>>
>>>>>>> *We cannot agree to line 65* "Recouping funds from projects that
>>>>>>> are either inactive, or did not submit a budget for 2017"
>>>>>>>
>>>>>>> 1) OWASP SAMM is one of the most active flagship projects for the
>>>>>>> last couple of years, we even had a project summit during the last 3 years
>>>>>>> (hence the income)
>>>>>>> 2) None of the SAMM project leaders did get a request to submit a
>>>>>>> budget for 2017. If we would have received that we should surely have
>>>>>>> provided one.
>>>>>>>
>>>>>>> *Please refund the 3677.22 USD to the OWASP SAMM project?*
>>>>>>>
>>>>>>> Thank you
>>>>>>>
>>>>>>> Kind regards
>>>>>>>
>>>>>>> Seba
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ---------- Forwarded message ---------
>>>>>>> From: Seba <seba at owasp.org>
>>>>>>> Date: Sun, Oct 1, 2017 at 6:34 PM
>>>>>>> Subject: Fwd: [owasp accounting] SAMM project funds status
>>>>>>> To: Andrew van der Stock <vanderaj at owasp.org>, Matt Tesauro <
>>>>>>> matt.tesauro at owasp.org>, Tom Pappas <tpappas at virtualmgmt.com>
>>>>>>> Cc: Bart De Win <bart.dewin at owasp.org>, Brian Glas <
>>>>>>> brian.glas at gmail.com>
>>>>>>>
>>>>>>>
>>>>>>> hi Andrew
>>>>>>>
>>>>>>> nudge, nudge ?? :-)
>>>>>>>
>>>>>>> Can you confirm you get this email?
>>>>>>>
>>>>>>> regards
>>>>>>>
>>>>>>> Seba
>>>>>>>
>>>>>>> ---------- Forwarded message ---------
>>>>>>> From: Seba <seba at owasp.org>
>>>>>>> Date: Sun, Sep 24, 2017 at 9:40 AM
>>>>>>> Subject: Fwd: [owasp accounting] SAMM project funds status
>>>>>>> To: Andrew van der Stock <vanderaj at owasp.org>, Matt Tesauro <
>>>>>>> matt.tesauro at owasp.org>, Tom Pappas <tpappas at virtualmgmt.com>
>>>>>>> Cc: Bart De Win <bart.dewin at owasp.org>, Brian Glas <
>>>>>>> brian.glas at gmail.com>
>>>>>>>
>>>>>>>
>>>>>>> Andrew,
>>>>>>>
>>>>>>> Can you confirm the refund of 3677.22 USD to the OWASP SAMM project ?
>>>>>>>
>>>>>>> Thank you
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>> Seba
>>>>>>>
>>>>>>>
>>>>>>> ---------- Forwarded message ---------
>>>>>>> From: Seba <seba at owasp.org>
>>>>>>> Date: Mon, Sep 11, 2017 at 9:25 PM
>>>>>>> Subject: Fwd: [owasp accounting] SAMM project funds status
>>>>>>> To: Andrew van der Stock <vanderaj at owasp.org>, Matt Tesauro <
>>>>>>> matt.tesauro at owasp.org>, Tom Pappas <tpappas at virtualmgmt.com>
>>>>>>> Cc: Brian Glas <brian.glas at gmail.com>, Bart De Win <
>>>>>>> bart.dewin at owasp.org>
>>>>>>>
>>>>>>>
>>>>>>> Gents,
>>>>>>>
>>>>>>> *We cannot agree to line 65* "Recouping funds from projects that
>>>>>>> are either inactive, or did not submit a budget for 2017"
>>>>>>>
>>>>>>> 1) OWASP SAMM is one of the most active flagship projects for the
>>>>>>> last couple of years, we even had a project summit during the last 3 years
>>>>>>> (hence the income)
>>>>>>> 2) None of the SAMM project leaders did get a request to submit a
>>>>>>> budget for 2017. If we would have received that we should surely have
>>>>>>> provided one.
>>>>>>>
>>>>>>> *Please refund the 3677.22 USD to the OWASP SAMM project ?*
>>>>>>> We need this to cover our project team summit expenses in November.
>>>>>>>
>>>>>>> Thank you
>>>>>>>
>>>>>>> Kind regards
>>>>>>>
>>>>>>> Seba
>>>>>>>
>>>>>>> ---------- Forwarded message ---------
>>>>>>> From: Tom Pappas <tpappas at virtualmgmt.com>
>>>>>>> Date: Mon, Sep 11, 2017 at 1:14 AM
>>>>>>> Subject: RE: [owasp accounting] SAMM project funds status
>>>>>>> To: Seba <seba at owasp.org>, Andrew van der Stock (vanderaj at owasp.org)
>>>>>>> <vanderaj at owasp.org>
>>>>>>> Cc: Matt Tesauro (matt.tesauro at owasp.org) <matt.tesauro at owasp.org>
>>>>>>>
>>>>>>>
>>>>>>> Hello Seba,  here you go there are two tabs as Open SAMM has both a
>>>>>>> US and EU balance.  These are from the beginning of the proj through
>>>>>>> 7.31.17 which is the last month we have closed.  Take care
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Thomas S. Pappas, MSA |   Senior Vice President of Finance &
>>>>>>> Administration | Virtual, Inc.
>>>>>>>
>>>>>>> D: +1-781-876-8914 <(781)%20876-8914>
>>>>>>>
>>>>>>> F:  +1-781-623-8460 <(781)%20623-8460>
>>>>>>>
>>>>>>> *tpappas at virtualmgmt.com <tpappas at virtualmgmt.com>*
>>>>>>>
>>>>>>> 401 Edgewater Place, Suite 600, Wakefield, MA 01880
>>>>>>> <https://maps.google.com/?q=401+Edgewater+Place,+Suite+600,+Wakefield,+MA+01880&entry=gmail&source=g>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> <image001.png>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *From:* Seba [mailto:seba at owasp.org]
>>>>>>> *Sent:* Sunday, September 10, 2017 5:46 AM
>>>>>>> *To:* Alison Shrader <accounting at owasp.org>
>>>>>>> *Subject:* [owasp accounting] SAMM project funds status
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> hi,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Can you provide a detailed overview of income/expenses for the SAMM
>>>>>>> project for the last year?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Thank you
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Seba
>>>>>>>
>>>>>>> --
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "OWASP Accounting group" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to accounting+unsubscribe at owasp.org.
>>>>>>>
>>>>>>> <OpenSamm US and EU Balance as of 7.31.17.xlsx>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Owasp-board mailing list
>>>>>>> Owasp-board at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>>
>>>>>>>
>>>>>>
>>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 


Claudia Aviles-Casanovas <claudia.aviles-casanovas at owasp.org>
Project Coordinator
Phone:973-288-1697
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20171009/80f1c222/attachment-0001.html>


More information about the Owasp-board mailing list