[Owasp-leaders] (Why the need to enable the use of OWASP chapter funds) Re: Membership funds

Jason Johnson jason.johnson at owasp.org
Fri Jun 7 13:52:56 UTC 2013

I can do this, sir
On Jun 7, 2013 8:19 AM, "Dinis Cruz" <dinis.cruz at owasp.org> wrote:

> Yes I'm saying that, that would be a great use of OWASP or GSD funds.
> It would be great to have all those PIs available, specially since other
> OWASP leaders might find other cool uses of it.
> Ok, so can you update the GSD page with your request and start figuring
> out the best place to buy the PIs from.
> Dinis Cruz
> On 7 Jun 2013, at 14:05, Jason Johnson <jason.johnson at owasp.org> wrote:
> So you saying I could get 2000$ to buy raspberry PI's for my HIVE project
> today? Its hard to start projects ill be honest. I have a idea and I want
> it to stay OWASP. Not that anyone can not just go out to the HIVE project
> page and build one on all by their onesy. I have been waiting on EU Grand
> awarding. I guess anyone can go start a project off with ones own cash
> flow.....
> After all if we all had a hive maybe it would stimulate projects....just
> sayin.
> This idea is nice how many projects are orphans? I wonder how many of
> those are that way because of funding or the lack of knowledge to get it.
> I think financial stuff over a certain amount needs to be handled and
> accounted for by not me (chapter leader). If its not for our mission we
> could get into trouble. So projects like mine and some others that require
> parts need to be regulated on what is purchased. Maybe im wrong but me and
> the IRS do not get along.
> Jason
> P.S.
> Donate raspberry PI's to the HIVE project... It will love you in return.
> On Jun 7, 2013 5:34 AM, "Dinis Cruz" <dinis.cruz at owasp.org> wrote:
>> Tim's solution (see below) is great and we should apply it now (using
>> data from the last year). The only thing I would change is to remove the C
>> (soft cap) and  P (hard cap). This would have a net positive result for all
>> chapters (and not move the money to the 'OWASP mothership' which is a very
>> sensitive topic).
>> For the ones really interested in this thread/topic, you should read the
>> amazing Seth Godin's post Non-profits have a charter to be innovators<http://sethgodin.typepad.com/seths_blog/2012/11/non-profits-more-innovative.html> which
>> really explains why OWASP (as an organisation) as the DUTY and moral
>> responsibility to spend its available funds, to experiment, to get things
>> done, etc....)
>> The other very important question is *WHY!  *(as explained by the also
>> amazing 'Why how what' presentation by Simon Sinek<http://www.ted.com/talks/simon_sinek_how_great_leaders_inspire_action.html>
>> )
>> Why does OWASP need money?
>> Why do chapters need money?
>> Why should owasp leaders use their political/business/personal capital in
>> becoming a 'vendor' for OWASP?
>> In my view, OWASP needs money to *Get Stuff Done!*
>> *
>> *
>> And although there is always an idea that OWASP funds will be massively
>> wasted, the reality (just look back at History) is that *It is very hard
>> to spend OWASP Money*
>> *
>> *
>> The best examples are the dormant funds in the Chapters, the Project
>> Reboot funds that have barely been used and (my failed attempt) at the GSD
>> project (Get Stuff Done)<https://www.owasp.org/index.php/OWASP_GSD_Project> which
>> has *3k USD that any of you could spend TODAY*
>> As I mentioned in my OWASP Revenue Splits and the "Non-profits have a
>> charter to be innovators"<http://blog.diniscruz.com/2012/12/owasp-revenue-splits-and-non-profits.html> post,
>> OWASP has a* 'How to spend the money' *problem and in the 160k USD
>> available to OWASP Chapters and Projects<http://blog.diniscruz.com/2012/04/160k-usd-available-to-owasp-chapters.html> (written
>> in April 2012 hence the smaller amount) I wrote:
>> *In fact, the 160k USD currently available, shows that the model is not
>> working as well as it should, i.e. OWASP leaders are not spending (i.e.
>> investing) the money make available to them!*
>> *
>> *
>> *I think there are two reasons for it:*
>>    - *spending money in an organization like OWASP is not easy*
>>    - *there is an idea that 'money should be kept' in the bank since it
>>    is not wise to spend it all (i.e. be fiscally conservative)*
>> *The problem here is that the amount of missed opportunities caused by
>> the non-spending on these funds ie enormous, but because that is very hard
>> to measure (how do you quantify missed opportunities?), it is hard to
>> visualize the solutions and ideas we have not executed on.*
>> *
>> *
>> *I think that one way to help the chapters to spend the $ allocated to
>> them is for them to 'invest' in OWASP Projects under a program like the one
>> I present at OWASP Project Reboot 2012 - Here is a better model
>> <http://diniscruz.blogspot.co.uk/2012/04/owasp-project-reboot-2012-here-is.html>
>> *
>> What is great about such* 'owasp chapters global fund' *is that:
>>    - It moves the discussion from '*how much money do I have*' to '*what
>>    should I do with the funds available*'
>>    - It really supports the chapters that don't have a lot of funds today
>>    - It can also also benefit chapters with substancial funds today,
>>    since there is no reason why they can't also access those resources
>>    - it promotes accountability and ownership of funds allocated
>>    - it puts an 'artificial' timeline on the use of funds allocated
>>    (i.e. there is a 'pressure' to deliver)
>>    - it helps to find the OWASP leaders who know how to spend OWASP
>>    funds and make magic happen (like Fabio with the Latam and EU tours)
>>    - It empowers action, and promotes the idea that '*we trust our
>>    chapter leaders to do the right thing'*
>>    - it documents the places where OWASP funds are used (making those
>>    ideas/actions easy to replicated)
>>    - it also documents the failed experiments (which are healthy, but
>>    don't need to be repeated :)  ).
>>    - it stops the 'ownership of funds' and 'lets keep it in a safe
>>    place' that we currently have
>>    - It can dramatically simplify how the funds are accessed since there
>>    will be a central point of contact and pot (with better/faster processes
>>    that world worldwide)
>>    - it turns up the volume/pressure on the '*% of OWASP funds used',  *since
>>    everytime *something that could happen, doesn't happen, *OWASP misses
>>    an opportunity (and we need some 'urgency' and focus on 'not lossing
>>    those opportunities).
>> See the rules I wrote down at the GSD project<https://www.owasp.org/index.php/OWASP_GSD_Project> for
>> how this could work in practice.
>> Like I mentioned before, I don't really care about where the money is,
>> and what percentages there are in place (in fact history is showing us how
>> divisive those splits can be). The point is that *OWASP Funds MUST be
>> available to Who wants to use them!*
>> *
>> *
>> And as I listed in I wish that OWASP in 2014 ....<http://blog.diniscruz.com/2012/11/i-wish-that-owasp-in-2014.html>,
>> it would be great that one day we will have at OWASP:
>>    - *....*
>>    - *a model where OWASP leaders are empowered to make financial
>>    decisions/commitments and spend the available OWASP funds in the way they
>>    believe is best, with no (very little) questions asked and very fast
>>    approval cycles (see the GSD project for details)
>>    *
>>    - *....*
>> Dinis Cruz
>> Blog: http://diniscruz.blogspot.com
>> Twitter: http://twitter.com/DinisCruz
>> Web: http://www.owasp.org/index.php/O2
>> On 6 June 2013 17:35, Tim <tim.morgan at owasp.org> wrote:
>>> Yes, this is what came to my mind as well.  Incorporating Dinis
>>> suggestion and some of my own ideas, what about this:
>>> Individual membership dues: 75% to chapter, 25% to foundation
>>> Corporate membership dues: 25% to chapter, 75% to foundation
>>> Conference/event profits: 25% to chapter, 75% to foundation
>>> Let C be the chapter funds "soft" cap
>>> Let P be the shared chapter pool "hard" cap
>>> Once per year, do the following:
>>>  For any chapter with funds greater than C, move %50 of any excess
>>>  funds C into a shared chapter pool
>>>  If the the chapter pool is greater than P, move all excess funds to
>>>  the global foundation
>>> Any chapters can "overdraw" their chapter account and pull from the
>>> chapter pool.  Perhaps some kind of limit should be put on how much
>>> any given chapter pulls from the shared pool in a year.
>>> Reasoning:
>>> I think individual membership dues are important to keep with the
>>> chapter.  It encourages contribution and participation at the local
>>> level.  Corporate membership is probably not quite the same in that
>>> way.  Also, I'm guessing individual membership dues are not the
>>> biggest contributor to chapter funds right now (whereas conferences
>>> and corporate contributions probably are), so it isn't going to cause
>>> a big lockup of funds by putting more of the individual dues toward a
>>> chapter.
>>> In this system, the shared chapter pool is not so much different than
>>> what we are doing this year in 2013 where a $500 overdraw was offered
>>> to poor chapters.  I think this overdraw ability is *very* useful to
>>> new chapters.
>>> Of course all suggested numbers above are negotiable, it's just a
>>> framework for more fairly unlocking excess funds.
>>> tim
>>> On Thu, Jun 06, 2013 at 03:38:50PM +0100, Daniel Turner wrote:
>>> > What about if the split was left the same as it is now so chapters can
>>> > access funds as needed, but after a period of time, say the financial
>>> year,
>>> > unspent funds were lost and used for OWASP as a whole?
>>> >
>>> >
>>> > On Thu, Jun 6, 2013 at 3:21 PM, Eoin <eoin.keary at owasp.org> wrote:
>>> >
>>> > > Hello leaders,
>>> > >
>>> > > There is a foundation proposal to remove the split 60/40 from the
>>> > > individual membership dues. 100% if the funding goes to the
>>> foundation.
>>> > > The funds are to be used to hire additional staff but also what
>>> prompts
>>> > > this is the lack of spending.....
>>> > >
>>> > > Chapters simply are not spending their funds and we have 0000's
>>> building
>>> > > up in owasp bank accounts, all ring fenced and going nowhere!!
>>> > >
>>> > > Please share your thoughts with myself and the board.
>>> > >
>>> > >
>>> > >
>>> > > Eoin Keary
>>> > > Owasp Global Board
>>> > > +353 87 977 2988
>>> > >
>>> > > _______________________________________________
>>> > > OWASP-Leaders mailing list
>>> > > OWASP-Leaders at lists.owasp.org
>>> > > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> > >
>>> > _______________________________________________
>>> > OWASP-Leaders mailing list
>>> > OWASP-Leaders at lists.owasp.org
>>> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130607/28a30bc1/attachment.html>

More information about the OWASP-Leaders mailing list