[Owasp-leaders] Vote by email: Establishing OWASP Regional Security Councils

Jim Manico jim.manico at owasp.org
Sat Jan 9 07:15:26 UTC 2016


Tom,

I vote yes. To

I think it's important to support experimentation.

To some degree I do not think we should need to vote; just do it.

If a new structure causes more people to get together and talk about 
security and making OWASP better then awesome.

- Jim


>
>         On Wed, Jan 6, 2016 at 1:58 PM, Tom Brennan - OWASP
>         <tomb at owasp.org
>         <javascript:_e(%7B%7D,'cvml','tomb at owasp.org');>> wrote:
>
>             *Board Members:*
>             *
>             *
>             A vote by email has been requested per *section 3.09
>             *Foundation Bylaws
>             https://www.owasp.org/images/e/e1/OWASPByLawsOfficial-25Sept2015CLEAN.pdf
>
>             *Motion:*
>             Approve the establishment of Regional Representation of
>             OWASP Foundation to focus on the core projects and efforts
>             of the foundation to be known as:
>
>             *-- Asia-Pacific Security Council (APSC)
>             -- North America Security Council (NASC)
>             -- Europe Middle East and Africa Security Council (ESC)
>             -- Latin America Security Council (LASC) *
>
>             VOTES (please reply-all with your vote)
>             Tom - Motion / Yes
>             Jim -
>             Tobias -
>             Matt -
>             Anthony -
>             Michael -
>             Josh -
>
>             *On Background:*
>
>             *_OWASP is built on self-organized efforts bottom up._* 
>             Regional and cultures are different around the world...
>             never mind time zones.  OWASP needs to reenergize regional
>             coordination of projects activities, events, summits,
>             etc.  The motion is requesting a formal approval process
>             to establish regional advisory councils/committees as the
>             first order of business for our community volunteers in
>             2016. Each committee should be 8-12 people. Since we have
>             "45,000" people in the community should not be to hard to
>             pick +/- 40 from the membership of 2508 as of today.
>             https://docs.google.com/spreadsheets/d/1-yoQ0XTBPfmZEvVSvXey0w3nGZXG2Ctbn3o_mXL7dAU/edit
>             <https://docs.google.com/spreadsheets/d/1-yoQ0XTBPfmZEvVSvXey0w3nGZXG2Ctbn3o_mXL7dAU/edit>
>
>             Once approved OWASP has highlighted and empowered more
>             volunteers to self-organize and participate on core
>             aspects of OWASP Foundation and recognition of their time
>             investment, locally and raises visibility globally in key
>             regions.
>
>             *FAQ1*
>             *How do we then fill the Councils with members?*
>             *
>             *
>             *Step #2 is simple*, the board will ask for self
>             nominations, solicit and appoint interested parties vetted
>             with assistance of community members and staff associated
>             with industry users and/or leaders of projects to be
>             appointed for a (1) year term to these advisory boards.
>             *This creates quick and swift action and energy around the
>             world aligned to the mission of the charity and the
>             strategic goals of 2016.*
>
>             *FAQ2*
>             *But isn't that why Committee 2.0 was created?*
>
>             Yes, but it needs help to get off the ground and
>             implementation. So to jump start it, you must start off
>             with one year appointment of task forces then we can
>             follow Committee 2.0
>             https://owasp.org/index.php/Governance/OWASP_Committees and adjust
>             as needed.  This fantastic guidance document has had
>             unfortunately no action taken by the community so we need
>             to *JUMP START IT *and the community will evolve bottom up.
>             *
>             *
>             *FAQ3*
>             *How do we know what they are working on?*
>             Not a big fan of micro management.. but I agree that if it
>             is worth doing, funding then metrics should be measured.
>             Requesting a summary roll-up report from each committee
>             chairman simply outlining PLANS for next three months,
>             PROGRESS from last three months and PROBLEMS that they may
>             need the board to noodle on and help with.  This should be
>             supplied starting with Q2 board meeting to update on any
>             efforts that they have self organized and to demonstrate
>             the cascading communication
>             (https://www.owasp.org/index.php/OWASP_Strategic_Goals) of
>             strategic goals globally
>
>             In edition to encouraging virtual meetings, the groups
>             will self regulate and will likely rally at min.,  2x per
>             year. 1x locally at regional project summary  and 1x at
>             global project summit off-site.  This will self level.
>
>             *FAQ4*
>             *What are the roles of the OWASP staff in these groups?*
>             The councils are self-organized by the regional members.
>             Employees aka: OWASP Foundation Operations provide support
>             to EVERYONE so if a council needs something they can
>             request it just like everyone does everyday example:
>             https://www.tfaforms.com/308703 and the requests will be
>             responded to or escalated as needed.  We are establishing
>             working committees and leaders in regional groups, this is
>             going back to basics and helping to drive regional
>             coordination and advisory status.
>
>             *FAQ5*
>             *Who do you think should be appointed Tom?*
>
>             IMHO Tip of my tongue are the candidates from 2015/2014
>             elections in their regions of the world have already
>             stated the "why me" lets not lose that energy rather
>             encourage it!
>
>             Abbas Naderi Afooshteh
>             Jonathan Carter
>             Bill Corry
>             Nigel Phair
>             Milton Smith
>             Timur Khrotko
>             Tahir Khan
>             <insert others that are regionally recognized by their
>             peers have expressed they want to help the OWASP Mission>
>
>             *FAQ6*
>             *We need a taskforce or a committee for X this will mess
>             that up...*
>             When a defined need is established for a short or long
>             term taskforce, project, committee etc...etc.. the first
>             thing we do is ask each of these councils to represent
>             their region of the world and take a active part in the
>             discussion.  If that does not fit then it does not limit a
>             additional *"get things done committee"* to work on and as
>             we know is true it will be a collection of people that
>             have time to volunteer and that is OPEN to everyone.
>
>             *FAQ7*
>             If we do this will it upset the annual election process?
>             *It will enhance it actually..... *This model provides a
>             pool of 40+ vetted people in the community that if they
>             want to serve on a regional board and then run for a
>             global board they have a proven track record of getting
>             things done.
>
>             *FAQ8*
>             If more discussion is needed happy to discuss on the NEXT
>             board meeting OR if you prefer to discuss it more just
>             call me to understand the spirit of the end goal.
>
>             Skype: proactiverisk
>             Phone: 973-506-9304 <tel:973-506-9304>
>
>             Tom Brennan
>             Global Board Member
>             OWASP Foundation
>
>
>
>
>             The information contained in this message and any
>             attachments may be privileged, confidential, proprietary
>             or otherwise protected from disclosure. If you, the reader
>             of this message, are not the intended recipient, you are
>             hereby notified that any dissemination, distribution,
>             copying or use of this message and any attachment is
>             strictly prohibited. If you have received this message in
>             error, please notify the sender immediately by replying to
>             the message, permanently delete it from your computer and
>             destroy any printout.
>             _______________________________________________
>             OWASP-Leaders mailing list
>             OWASP-Leaders at lists.owasp.org
>             <javascript:_e(%7B%7D,'cvml','OWASP-Leaders at lists.owasp.org');>
>             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
>
> -- 
>
> Tom Brennan
> ProactiveRISK | www.proactiverisk.com <http://www.proactiverisk.com>
> 973-506-9304
>
> Need to book time with me to discuss an existing or a future project 
> click on my virtual calendar https://secure.scheduleonce.com/TomBrennan
>
> The information contained in this message and any attachments may be 
> privileged, confidential, proprietary or otherwise protected from 
> disclosure. If you, the reader of this message, are not the intended 
> recipient, you are hereby notified that any dissemination, 
> distribution, copying or use of this message and any attachment is 
> strictly prohibited. If you have received this message in error, 
> please notify the sender immediately by replying to the message, 
> permanently delete it from your computer and destroy any printout. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160108/bbe89b54/attachment-0001.html>


More information about the OWASP-Leaders mailing list