[Owasp-leaders] OWASP Board, Rebooted

Eoin eoin.keary at owasp.org
Mon Jan 10 11:31:40 EST 2011


I have to agree with the idea of empowering committee members more.....

Committee members "put it out there" try to take responsibility for driving
goals. Industry and Conference committees are great examples and of vital
importance to OWASP if we want to grow.

Regarding fundraising, the majority of it is from conferences. Private
organisations can either donate via membership or sponsorship of projects,
events.

As a board member I don't believe the board should be the final decision
makers on many issues such as budget. We need to develop mechanics wherein
we can leave these decisions to the committees but trust needs to be
developed for obvious reasons.....how do we do this? Do the individuals need
to be established leaders with a proven track record of delivery and
leadership? The boards role is more of a governance role and they should
have the right to decline a request but that needs to be based on a core set
of principles.
The board are currently developing core values which should feed into said
principles.

Should we have a decision tree where; if a request gets enough signatures
(from OWASP leaders in good standing) it should just be the board's task to
simply signoff? Problem is there is only so much money available so we need
to do this at the start of every quarter or every 6 months in order to
appoint budget. Is this decision a joint task of the committee leads so
there is a cross-approval process which shall lend itself to transparency
and openness?

Do we need a session with the committee leads to discuss governance at the
summit, methinks we do.

Looking forward to meeting you all at the summit.
-ek
On 9 January 2011 17:09, Jim Manico <jim.manico at owasp.org> wrote:

>  One of the things I do at OWASP is poke my nose into several committees
> to see what they are up to. J
>
>
>
> Lately, there has been a great deal of anger directed at the board, and I
> think it’s time for a board policy reboot.
>
>
>
> I have experience working in non-profits prior to OWASP. Board/volunteer
> conflict is very common in non-profits, and it’s easier to fix these kinds
> of problems from the top-down.
>
>
>
> First of all, what is the primary role of any non-profit board member?
> Fundraising and more fundraising. At least 80% of board members time, by my
> estimate, should be dedicated to fundraising.  Second, board members should
> not be involved in the operations of a non-profit. They should set policy
> and guidance (fiduciary oversight), but should let the volunteers and staff
> run the day to day operations.
>
>
>
> What I see is the exact opposite. We have board members getting deeply
> involved with operations, often over-riding committee decisions or dictating
> operational decisions without consulting with the appropriate committees.
>  This is very harmful to the organization.  But we also have a history where
> some committees do not fully execute or take responsibility – in these
> situations the board has no choice but to step in.
>
>
>
> I invite you to read http://www.idea.org/board.html - it mirrors some of
> my (and others) thoughts about how a non-profit board should run.
>
>
>
> Although I’m stating that we need to reboot the board, we also need to
> reboot clarifying committee responsibilities. This goes for me and my
> contributions to OWASP as well.
>
>
>
> The summit is coming up soon – I’m sure this topic will come up in a
> working session. Conflict can and will be converted into solutions there.  I
> hope you can make it, it’s going to be a great show.
>
>
>
> Regards,
>
> Jim Manico
>
>
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier
http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20110110/c365d930/attachment.html 


More information about the OWASP-Leaders mailing list