[Owasp-leaders] OWASP Project Sponsorship - What Model does OWASP want?

Dennis Groves dennis.groves at owasp.org
Thu Oct 10 06:36:37 UTC 2013


On 9 Oct 2013, at 20:33, Chris Schmidt wrote:

> Another point worth bringing up is that I think it is a mistake to 
> posit
> that organizations cannot target their contributions to a specific
> project simply because while we may wish that organizations would
> embrace OWASP as a whole, it is much more likely that they are 
> embracing
> projects that they use, and being selfish "individuals", orgs want to
> further development on the stuff that they are actively using.

However, as a registered non-profit - we are actually already required 
by law to do this. By law donators may dictate exactly how they want the 
funds used. Anybody may make a donation to a project or chapter and not 
to the foundation. And not only must we do this we must be able to 
demonstrate our compliance with the donators wishes. Incidentally the 
IRS does audit for this regularly; and it is the fastest way to loose 
your non-profit status.

> There are
> exceptions to every rule, but my gut feel is that organizations are 
> far
> more likely to contribute funds to the stuff their people are using
> simply because they have a vested interest in those projects already.

Unfortunately, this is usually the way things work in the USA.

> As for the statement of altruism, I think that most of the people that
> are working on projects will happily continue to do so for free, but
> there are things that are certainly *not* free that enable them to 
> take
> their projects to the next level. Marketing, site hosting, graphic
> design, printed materials, (and the list goes on and on). There are a
> great many reasons that a project needs a budget, and to cut those
> projects off at the knees is a surefire way IMHO to cripple them to
> obsolescence in the long run.

Yes, the message is free but the mission cost money.


[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a 
meeting](http://goo.gl/8sPIy).

     Unless someone like you...cares a whole awful lot...
     nothing is going to get better...It's not."
                                             -- The Lorax


More information about the OWASP-Leaders mailing list