[Owasp-leaders] Call for OWASP Governance comments/participation

Mark Bristow mark.bristow at owasp.org
Wed Jan 19 13:31:40 EST 2011


The Summit is really shaping up to be an exciting event.  There are many
great working sessions developing and I'm sure the "hallway con" will be
just as good.  That said there is one session on OWASP Governance that I'd
like to draw your attention to (
http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session013).  As
we grow we constantly need to examine and refine how we operate to ensure
that OWASP is best positioned to accomplish the mission of increasing
visibility and securing web applications.  "OWASP Board/Committee
Governance" co-hosted by Tom Brennan, Jason Li and myself is focused more on
"how the sausage is made" of OWASP.  While not a "sexy" session we are going
make an attempt at answering some of the hard questions about OWASP as an
organization and how we can improve OWASP to further the mission.

At the 2008 Summit we began to mature as an organization with the
establishment of the Global Committee structure, and after 2 years under the
new structure there are a number of lingering questions, concerns,
objections and murmurings regarding the organization as a whole.  While some
of these questions have been expressed, what we really need are *YOUR
thoughts, ideas, questions and contributions* about OWASP's operations and
governance so we can discuss them at this important session. Tom, Jason and
I have developed the following outline of topics to get us started (by no
means final):

   - Universal Committee Governance Document/Policies - Set quorum rules,
   minimum meeting frequency, member requirements, operational policies (such
   as reimbursements and OWASP funded travel) that apply to all committees
   - Review Board Governance and By-Laws
      - Change in Board composition to fit a more international model (2 US,
      2 EU, 1 SA, 1 Asia, 1 Asia-Pacific has been proposed)
   - Committee alignment to OWASP Goals/Mission including Authorities,
   Individual Missions and Areas of Responsibility (AoR).
   - Clarification of Committee Authorities - How the Committees and the
   board will interact in the committee policy areas
   - Providing budgets to committees for direct oversight and spending in
   their AoR
   - Additional transparency in OWASP accounting (Expenditures, Expense
   Reports for Officers/Committee Members.....)

Please feel free to email me or update the Wiki Page with any questions or
comments you may have.  I'd like to start collecting and categorizing them
so we can set a final agenda for the session.  Also, if your planning on
being at the summit and would like to attend, be sure to add your name to
the attendee list.


Mark Bristow
(703) 596-5175
mark.bristow at owasp.org

OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
AppSec DC Organizer - https://www.appsecdc.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20110119/a31401db/attachment-0001.html 

More information about the OWASP-Leaders mailing list