[Owasp-leaders] Leading Effective Change
tomb at owasp.org
Thu Feb 21 23:27:59 UTC 2013
Thanks Michael for your opinion, here is mine to add to it;
"When needed, manage to policy, when no policy is available discuss. if the outcome requires written guidance, create and draft the initiative (usually by the person raising the issue with passion) float for rough consensus to the wider community with influencing facts including and not limited to legal, moral, petition results (aka Public survey) and written response/comment period.
When ready add as motion as new business at a monthly board meeting, so the elected by membership officers can vote as proxy representatives to the effective action then apply it globally to all moving forward while providing a window of "compliance" #OWASP
Shouting does not work, creating work for others does not work in building a better mousetrap and professional association that anyone will respect or be proud to be a member of as a participant, member or employee.
My 5-cents, look forward to seeing you at RSA next week.
On Feb 22, 2013, at 5:01 AM, Michael Coates <michael.coates at owasp.org> wrote:
> We had a lively debate of various points this week. The actual issues aside, I’d like to provide some perspective on leading change.
> The takeaway from the heated discussion was:
> 1. Some people feel X is bad
> 2. Other people feel X is fine
> 3. Some people feel some small tweaks would have made X better
> There was some good civil discussion, some shouting occurred, accusations where thrown around, and in the end the issue slowly fell away.
> What were the results of this conversation?
> 1. Some people felt better to share their thoughts on an issue
> 2. Other people were likely offended from accusations
> 3. A list of several hundred people watched the back and forth
> 4. We ended where we started – this may be because our current stance is acceptable or because or approach to initiating change was poor
> My two cents on how to lead effective change at OWASP
> Keep the stones you are about to throw in your pocket. Use those stones to build a bridge.
> * Change happens when people evaluate a situation, receive a variety of feedback, and build consensus around a path forward
> * Assume good intent – everyone is putting in countless hours of time, when situations get close to the grey zone, let’s assume good intent and act as a team
> * Apply change in a forward-looking fashion. Most people are happy to get on board with an approach that is well thought out, socialized with the community, and better for OWASP.
> * Look at issues holistically. If the whole forest is on fire, it doesn’t do any good to pick a single tree and focus on that. Look at the overall incentive structure, and the public guidance – we likely need to rethink the overall program.
> How does this manifest at OWASP?
> Do you think X, Y, or Z can be better? If so, start a global initiative and get some people involved from various perspectives (for and against, various vantage points/backgrounds). Evaluate the situation and consider the various incentives at play.
> Is this red tape? Not really, you’re free to approach the problem however you choose. But please consider this advice as you drive to lead change in an organization that spans the world, is completely open and volunteer driven, and is trying to fundamentally change knowledge sharing around an area that many people don’t understand.
> Michael Coates | OWASP | @_mwc
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders