[Owasp-leaders] OWASP ISO Project, request for comments

Sebastien Gioria sebastien.gioria at owasp.org
Fri Jan 24 13:07:44 UTC 2014


Hi all,

We make a progress last night (europe time :)) with the presentation made
by Tatsuaki Takebe (
https://speakerdeck.com/owaspmontreal/iec-introduction-by-tatsuaki-takebe).

 In another email Jonathan explain a possible organisation to made some
cool contributions with ISO/IEC.


After exchanging I think we need made cooperation with ISO. It can help us
in the spread of our values and knowledge.


*Operational solution : *

1/ Setting up a OWASP ISO Project
2/ Having a small group of what we call OWASP ISO Liaison. In the OWASP
Terminology it's an OWASP Project leader(s).
3/ Setting some contributors to the OWASP Project.

*Role of the OWASP ISO Liaison:* This is mostly  "project manager(s)". He
need to find the good contributors in the OWASP projects/community to
review and or contribute to the ISO guidances. *OWASP ISO Liaison must
attend and participate *to the ISO Working Group physically and to ISO
Ad-hoc meeting remotely or physically (depending of the meeting site).

*Role of the OWASP Contributors : *This is mostly an expert on the subject.
They contribute in reviewing/commenting and or contributing to the ISO
guidances. => Best Effort role.

OWASP Contributor can be a chapter leader to facilitate for the country
langage/facilities/... or  project leader or event just a member as
long as *the
OWASP ISO Liaison trust him*.

OWASP Contributor can also decide to join in and help the OWASP ISO Liaison
online
as well. An OWASP ISO Liaison can also be OWASP Contributor at the same
time if the opportunity is there.


*Costs/Charges : *
- There is 2 meeting per working group at ISO per year. It's seem OWASP
could be in 2 group.  So there will be 4 meeting/year for OWASP ISO Liaison.
- I think a OWASP ISO Liaison agent will have a charge of 1 or 2 day per
month to compile and exchanges with the contributors/ISO.

I recommend to have 3 or 4 OWASP ISO Liaison all over the world. (EU, US,
ASIA, ...) to optimize flying cost and timezone attend to the meetings


*First Step : *

I'm proposing myself as the OWASP Project leader on this and as First
Liaison agent with ISO, and Jonathan Marcil as a Field Agent for
ISO27034/ASC.


Now, you could fire and comment this :)

If we agree mostly on this, I will submit a OWASP project ASAP.

-- 
OWASP French Chapter Leader
http://www.linkedin.com/in/gioria
GSM: +33 6 70 59 11 44
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140124/677f2c53/attachment.html>


More information about the OWASP-Leaders mailing list