[Owasp-leaders] FW: REQUESTFOR DECISION/CALL FOR CONTRIBUTIONS TO UPDATE THE ASSESSMENTCRITERIA

Eoin eoin.keary at owasp.org
Thu Mar 12 10:23:21 EDT 2009


Sounds good.
The Code review and Testing guides underwent technical writing review which
imporved formatting and overall quality.
The results were very positive and would be a good place to start re the
release docs



2009/3/12 Dinis Cruz <dinis.cruz at owasp.org>

> As Colin mentions below, we have to make sure that EVERYTHING OWASP
> creates and promotes has as much quality as possible (and also that it
> is very clear to Owasp users the quality and maturity level of those
> materials)
>
> This needs to apply to tools,documents and these other 'things' (not a
> document or a tool).
>
> While Reading Colin's email, it struck me that those other 'things'
> were ACTIVITIES
>
> So, what do you think of creating an additional OWASP project
> category , where we would then have: tools, documents and activities
> (each with a unique set of quality assessment criteria fine tune to
> each project type)?
>
> Dinis Cruz
>
> On 12 Mar 2009, at 13:01, Colin Watson <colin.watson at owasp.org> wrote:
>
> > Matt Tesauro wrote:
> >> Buanzo, my friend, this is exactly why we've posted this to the list.
> >> ...  And even though I'm familiar with your project (and think its
> >> very
> >> cool), I'd not considered the misfit between your project and the
> >> criteria.  This is exactly the type of feedback needed.  Perhaps your
> >> project is better assessed under the documentation criteria.  Perhaps
> >> another category is required beyond tool and documentation.
> >
> > I realise this discussion is primarily concerned with projects and
> > tools, but as Buanzo has raised, there may be other types of
> > contribution, like research, that don't fit into the strict criteria.
> > Other examples could include anything from press releases,
> > presentations, official responses, official letters, and outputs from
> > the board, working groups and committees.
> >
> > Whilst it does seem to make sense that Buanzo's work is called a
> > project, there may be other project-like activities going on, which
> > may need some QUALITY review in the future.  It might be good if any
> > Non-Tool-Non-Documentation assessment criteria are as generic as
> > possible, so we can perhaps use them for other, perhaps as yet
> > unidentified, misfits (things not people!). But of course, without
> > being overly bureaucratic.  Perhaps as GUIDANCE, rather than being
> > mandatory?
> >
> > Colin
> > _______________________________________________
> > OWASP-Leaders mailing list
> > OWASP-Leaders at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>



-- 
Eoin Keary CISSP CISA
https://www.owasp.org/index.php/OWASP_Ireland_AppSec_2009_Conference

OWASP Code Review Guide Lead Author
OWASP Ireland Chapter Lead
OWASP Global Committee Member (Industry)

Quis custodiet ipsos custodes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090312/5272fe14/attachment.html 


More information about the OWASP-Leaders mailing list