[Owasp-leaders] (Why the need to enable the use of OWASP chapter funds) Re: Membership funds

Jason Johnson jason.johnson at owasp.org
Fri Jun 7 13:05:01 UTC 2013

So you saying I could get 2000$ to buy raspberry PI's for my HIVE project
today? Its hard to start projects ill be honest. I have a idea and I want
it to stay OWASP. Not that anyone can not just go out to the HIVE project
page and build one on all by their onesy. I have been waiting on EU Grand
awarding. I guess anyone can go start a project off with ones own cash

After all if we all had a hive maybe it would stimulate projects....just

This idea is nice how many projects are orphans? I wonder how many of those
are that way because of funding or the lack of knowledge to get it.

I think financial stuff over a certain amount needs to be handled and
accounted for by not me (chapter leader). If its not for our mission we
could get into trouble. So projects like mine and some others that require
parts need to be regulated on what is purchased. Maybe im wrong but me and
the IRS do not get along.



Donate raspberry PI's to the HIVE project... It will love you in return.
On Jun 7, 2013 5:34 AM, "Dinis Cruz" <dinis.cruz at owasp.org> wrote:

> Tim's solution (see below) is great and we should apply it now (using data
> from the last year). The only thing I would change is to remove the C (soft
> cap) and  P (hard cap). This would have a net positive result for all
> chapters (and not move the money to the 'OWASP mothership' which is a very
> sensitive topic).
> For the ones really interested in this thread/topic, you should read the
> amazing Seth Godin's post Non-profits have a charter to be innovators<http://sethgodin.typepad.com/seths_blog/2012/11/non-profits-more-innovative.html> which
> really explains why OWASP (as an organisation) as the DUTY and moral
> responsibility to spend its available funds, to experiment, to get things
> done, etc....)
> The other very important question is *WHY!  *(as explained by the also
> amazing 'Why how what' presentation by Simon Sinek<http://www.ted.com/talks/simon_sinek_how_great_leaders_inspire_action.html>
> )
> Why does OWASP need money?
> Why do chapters need money?
> Why should owasp leaders use their political/business/personal capital in
> becoming a 'vendor' for OWASP?
> In my view, OWASP needs money to *Get Stuff Done!*
> *
> *
> And although there is always an idea that OWASP funds will be massively
> wasted, the reality (just look back at History) is that *It is very hard
> to spend OWASP Money*
> *
> *
> The best examples are the dormant funds in the Chapters, the Project
> Reboot funds that have barely been used and (my failed attempt) at the GSD
> project (Get Stuff Done)<https://www.owasp.org/index.php/OWASP_GSD_Project> which
> has *3k USD that any of you could spend TODAY*
> As I mentioned in my OWASP Revenue Splits and the "Non-profits have a
> charter to be innovators"<http://blog.diniscruz.com/2012/12/owasp-revenue-splits-and-non-profits.html> post,
> OWASP has a* 'How to spend the money' *problem and in the 160k USD
> available to OWASP Chapters and Projects<http://blog.diniscruz.com/2012/04/160k-usd-available-to-owasp-chapters.html> (written
> in April 2012 hence the smaller amount) I wrote:
> *In fact, the 160k USD currently available, shows that the model is not
> working as well as it should, i.e. OWASP leaders are not spending (i.e.
> investing) the money make available to them!*
> *
> *
> *I think there are two reasons for it:*
>    - *spending money in an organization like OWASP is not easy*
>    - *there is an idea that 'money should be kept' in the bank since it
>    is not wise to spend it all (i.e. be fiscally conservative)*
> *The problem here is that the amount of missed opportunities caused by
> the non-spending on these funds ie enormous, but because that is very hard
> to measure (how do you quantify missed opportunities?), it is hard to
> visualize the solutions and ideas we have not executed on.*
> *
> *
> *I think that one way to help the chapters to spend the $ allocated to
> them is for them to 'invest' in OWASP Projects under a program like the one
> I present at OWASP Project Reboot 2012 - Here is a better model
> <http://diniscruz.blogspot.co.uk/2012/04/owasp-project-reboot-2012-here-is.html>
> *
> What is great about such* 'owasp chapters global fund' *is that:
>    - It moves the discussion from '*how much money do I have*' to '*what
>    should I do with the funds available*'
>    - It really supports the chapters that don't have a lot of funds today
>    - It can also also benefit chapters with substancial funds today,
>    since there is no reason why they can't also access those resources
>    - it promotes accountability and ownership of funds allocated
>    - it puts an 'artificial' timeline on the use of funds allocated (i.e.
>    there is a 'pressure' to deliver)
>    - it helps to find the OWASP leaders who know how to spend OWASP funds
>    and make magic happen (like Fabio with the Latam and EU tours)
>    - It empowers action, and promotes the idea that '*we trust our
>    chapter leaders to do the right thing'*
>    - it documents the places where OWASP funds are used (making those
>    ideas/actions easy to replicated)
>    - it also documents the failed experiments (which are healthy, but
>    don't need to be repeated :)  ).
>    - it stops the 'ownership of funds' and 'lets keep it in a safe place'
>    that we currently have
>    - It can dramatically simplify how the funds are accessed since there
>    will be a central point of contact and pot (with better/faster processes
>    that world worldwide)
>    - it turns up the volume/pressure on the '*% of OWASP funds used',  *since
>    everytime *something that could happen, doesn't happen, *OWASP misses
>    an opportunity (and we need some 'urgency' and focus on 'not lossing
>    those opportunities).
> See the rules I wrote down at the GSD project<https://www.owasp.org/index.php/OWASP_GSD_Project> for
> how this could work in practice.
> Like I mentioned before, I don't really care about where the money is, and
> what percentages there are in place (in fact history is showing us how
> divisive those splits can be). The point is that *OWASP Funds MUST be
> available to Who wants to use them!*
> *
> *
> And as I listed in I wish that OWASP in 2014 ....<http://blog.diniscruz.com/2012/11/i-wish-that-owasp-in-2014.html>,
> it would be great that one day we will have at OWASP:
>    - *....*
>    - *a model where OWASP leaders are empowered to make financial
>    decisions/commitments and spend the available OWASP funds in the way they
>    believe is best, with no (very little) questions asked and very fast
>    approval cycles (see the GSD project for details)
>    *
>    - *....*
> Dinis Cruz
> Blog: http://diniscruz.blogspot.com
> Twitter: http://twitter.com/DinisCruz
> Web: http://www.owasp.org/index.php/O2
> On 6 June 2013 17:35, Tim <tim.morgan at owasp.org> wrote:
>> Yes, this is what came to my mind as well.  Incorporating Dinis
>> suggestion and some of my own ideas, what about this:
>> Individual membership dues: 75% to chapter, 25% to foundation
>> Corporate membership dues: 25% to chapter, 75% to foundation
>> Conference/event profits: 25% to chapter, 75% to foundation
>> Let C be the chapter funds "soft" cap
>> Let P be the shared chapter pool "hard" cap
>> Once per year, do the following:
>>  For any chapter with funds greater than C, move %50 of any excess
>>  funds C into a shared chapter pool
>>  If the the chapter pool is greater than P, move all excess funds to
>>  the global foundation
>> Any chapters can "overdraw" their chapter account and pull from the
>> chapter pool.  Perhaps some kind of limit should be put on how much
>> any given chapter pulls from the shared pool in a year.
>> Reasoning:
>> I think individual membership dues are important to keep with the
>> chapter.  It encourages contribution and participation at the local
>> level.  Corporate membership is probably not quite the same in that
>> way.  Also, I'm guessing individual membership dues are not the
>> biggest contributor to chapter funds right now (whereas conferences
>> and corporate contributions probably are), so it isn't going to cause
>> a big lockup of funds by putting more of the individual dues toward a
>> chapter.
>> In this system, the shared chapter pool is not so much different than
>> what we are doing this year in 2013 where a $500 overdraw was offered
>> to poor chapters.  I think this overdraw ability is *very* useful to
>> new chapters.
>> Of course all suggested numbers above are negotiable, it's just a
>> framework for more fairly unlocking excess funds.
>> tim
>> On Thu, Jun 06, 2013 at 03:38:50PM +0100, Daniel Turner wrote:
>> > What about if the split was left the same as it is now so chapters can
>> > access funds as needed, but after a period of time, say the financial
>> year,
>> > unspent funds were lost and used for OWASP as a whole?
>> >
>> >
>> > On Thu, Jun 6, 2013 at 3:21 PM, Eoin <eoin.keary at owasp.org> wrote:
>> >
>> > > Hello leaders,
>> > >
>> > > There is a foundation proposal to remove the split 60/40 from the
>> > > individual membership dues. 100% if the funding goes to the
>> foundation.
>> > > The funds are to be used to hire additional staff but also what
>> prompts
>> > > this is the lack of spending.....
>> > >
>> > > Chapters simply are not spending their funds and we have 0000's
>> building
>> > > up in owasp bank accounts, all ring fenced and going nowhere!!
>> > >
>> > > Please share your thoughts with myself and the board.
>> > >
>> > >
>> > >
>> > > Eoin Keary
>> > > Owasp Global Board
>> > > +353 87 977 2988
>> > >
>> > > _______________________________________________
>> > > OWASP-Leaders mailing list
>> > > OWASP-Leaders at lists.owasp.org
>> > > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> > >
>> > _______________________________________________
>> > OWASP-Leaders mailing list
>> > OWASP-Leaders at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130607/9244a958/attachment.html>

More information about the OWASP-Leaders mailing list