[Owasp-board] Lessons from being on the OWASP Board
sherif.mansour at owasp.org
Mon Feb 4 02:35:16 UTC 2019
I've been thinking for a while of writing down some thoughts on some
lessons from last year.
First I'll say that I am very excited about 2019 on the board and what we
can accomplish for the community. We have already had an offsite, and now
the ED & staff are working on a proposed plan based on the priorities we
have set and we'll build a budget based on said plan.
This is great.
Here are some lessons I have learned from passing some motions - including
having more than two global OWASP events & having Tel Aviv in 2019:
Discuss the issue with the community: Be transparent, rip the band-aid,
and show courage. Articulate the problem and ask for solutions (It is what
Discuss the issue with the staff: The staff are the ones who implement a
lot (almost all) of this work so without their buy-in or proposed options -
even if the vote passes - may not get done. It would be even better if the
motion makes their life easier too.
Work with the board out in the open on a proposed solution - you'd be
surprised who turns up to lend a hand, and they ideas you get - just don't
be to precious about your ideas - pick what is best for the community.
Give the board time to review - I usually present the board with a draft
solution to discuss, but only vote on it in the following month to give
people time to digest and ask questions.
Respect and take your peers feedback to heart - No one has the exact
perspective as you, be considerate, understand what people's red-lines are
and craft a proposal that keeps that in mind.
So - with buy-in and feedback from both the community and staff - BoD
members would have some confidence in the motion - by being transparent and
giving board members time to think about it, it could cause limited issues
during the vote - and finally if you factor the board members concerns in
the motion (or as best as you can) then you should be fine.
Keep in mind that anything we do - we have to do it as 7 people and not one.
This is sometimes the challenge I have seen in the past as a source of
All 7 of us have different perspectives on what will help the foundation
the most - and each has different interests. So not all of us will have the
same level of enthusiasm for the same thing (naturally), but it's important
to push each other forward, be constructive and think of the foundation's
I should know, I've put one or two motions last year.
Many times in the past a board member would place a major change (that they
feel strongly about ) a few days before a vote - and because the rest of
the board haven't had a chance to review it, it feels a bit "hey! let's do
this today" - The discussion would take too long, confusion would rise and
the motion wouldn't get voted on. Beyond that it would cause frustration
for the board member who worked on it. That also does not even include
vocal community members nor if the staff have the bandwidth to implement a
motion (or know how to do it) even if it gets voted on.
As I look back at this email I am guessing some of you might be exhausted
just thinking about it. I'll be honest by heart sank when Tanya decided not
to run, because I thought she would (and still can be) amazing as a board
member. However the rewards are worth it.
OWASP Global Board Member & OWASP London Chapter Leader
Email: sherif.mansour at owasp.org
Follow OWASP London Chapter on Twitter: @owasplondon
"Like" us on Facebook: https://www.facebook.com/OWASPLondon
Subscribe to our (lightweight) mailing list:
Consider giving back, and supporting the open source community by becoming
a member <https://www.owasp.org/index.php/Membership> or making a donation
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board