[Owasp-leaders] OWASP Summit 11/11/2009

Rex Booth, OWASP rex.booth at owasp.org
Mon Oct 5 08:26:06 EDT 2009

(forgive the long reply...)

Related to the vote for the new Board member, I'd like to recommend 
three changes related to the OWASP Board and structure:

1) All Board members must be approved by popular vote for 2-year terms 
(no term limits).
2) The Board adopts a role more focused on strategic leadership and 
3) OWASP establishes a select set of positions within OWASP in order to 
provide operational leadership (a COO, CIO, etc).  These individuals are 
appointed by and serve at the pleasure of the Board.

I make these recommendations for the following reasons:

1) While the existing Board has done an exemplary job of growing and 
developing the organization, we have numerous passionate and capable 
leaders within OWASP who would like to continue to rise within the 
organization.  The establishment of the GCC was a fantastic first step 
to this end, but the ultimate goal for many is to serve on the Board.  
The organization obviously cannot simply create sufficient additional 
Board positions to accommodate this need - the existing positions need 
to be available for rotation.

2) Applying popular vote to the Board positions may help increase the 
geographic diversity of the Board which does not currently fully 
represent the international nature of the organization.

3) While the current approach of the Board as a group of equals has 
worked well thus far, the past few years have seen growth within OWASP 
that requires an additional level of maturity and focus in order to 
continue fulfilling and expanding the mission of OWASP.  Because of the 
increasing complexity of the organization, the standard operational 
functions (authorizing payments to vendors, approving project 
sponsorship, etc) compete for the same valuable time and attention of 
the Board as the requirements of strategic leadership.  Establishing 
positions within the organization with the authorization of the Board to 
take tactical action on it's behalf would 1) free the Board to focus on 
strategic issues, 2) introduce efficiencies for such operational, 
task-level activities and 3) provide additional positions of leadership 
for OWASP members that go beyond the thought leadership positions 
afforded by the GCC.

I'm certainly open to suggestions on how to improve this suggested 
approach. However, as a growing and maturing organization, I think we 
should adopt and adapt to some of the common structures and practices 
that have benefited other similar organizations - structures and 
practices that I feel can improve the way we fulfill our mission.


Tom Brennan - OWASP wrote:
> On November 11th 2009 (Veterans Day in the USA) will be the next OWASP 
> Global Summit.
> http://www.owasp.org/index.php/Summit_2009
> As the agenda gets locked in several candidates from the Global 
> Committee's ( http://www.owasp.org/index.php/Global_Committee_Pages ) 
> are seeking your support to be elected by the membership by vote.
> Let the discussions begin
> Eligible individuals have already volunteered time, served as a 
> project leader and or chapter leader and have have demonstrated global 
> leadership acumen.  If you will be in attendance you will hear from 
> each of the candidates discuss issues of why they want your support. 
> If you have never attended a OWASP Summit (such as Portugal 2008 
> http://www.owasp.org/index.php/OWASP_EU_Summit_2008 ) you will not 
> want to miss this event - when you get passion filled OWASP persons 
> together things happen don't miss it.
> Semper Fi,
> Tom Brennan
> 973.506.9303
> ------------------------------------------------------------------------
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

More information about the OWASP-Leaders mailing list