[Owasp-leaders] OWASP OCMS

Bev Corwin bev.corwin at owasp.org
Mon May 1 18:27:13 UTC 2017


Thanks Tiffany,

Thank you, makes sense. I noticed that the text seems historically adjusted
/ edited and somewhat contradictory, along with the "enforcement" issues,
seemed also rather inconsistently applied, in any case, good to know,
regardless of the flaws. What is the current process for a regional event
that is interested in operating independently, for example, not interested
in support from OWASP Global Staff, etc. Is there a process for that type
of paid event? Say we wanted to hold a regional conference, with local
chapters, but not involving support from OWASP Global, how would that work?
Thank you and best wishes.

Sincerely,
Bev


On Mon, May 1, 2017 at 2:20 PM, Tiffany Long <tiffany.long at owasp.org> wrote:

> Dear Bev,
> In my experience OCMS
> <https://tracking.cirrusinsight.com/35271ad4-110e-4324-ba7d-1108c9de89cb/owasp-org-index-php-owasp-conference-management-system>is
> a fairly simple form
> <https://tracking.cirrusinsight.com/35271ad4-110e-4324-ba7d-1108c9de89cb/owasp-org-index-php-how-to-host-a-conference>
> that only become complicated when the budget gets big.  Because of our core
> principles
> <https://tracking.cirrusinsight.com/35271ad4-110e-4324-ba7d-1108c9de89cb/owasp-org-index-php-about-the-open-web-application-security-project>,
> which I believe are part of our founding documents, but I could be wrong,
> all regular meetings must be free and open. All paid events must be
> submitted and tracked through OCMS, then they get listed under "events" on
> the wiki.  Paid events are expected to be out of the ordinary due to
> special speakers, training, or OWASP Day activities.
>
> These requirements are equally enforced and covered in our new Chapter
> Leader Orientation given to new chapter leaders. I want to be clear, I
> treat every chapter the same when it comes to OWASP rules no matter who the
> leader is or where the chapter is located.  However, once we are passed the
> handful of restrictions I treat chapters according to their self identified
> needs. For example, some chapter need help reaching out to universities or
> planning activities aimed at growing membership while other chapters just
> need me to leave them alone beyond periodic check in until they have an
> issue.
>
> I hope this answers your questions.
>
> Best,
>
> Tiffany Long
> Community Manager
>
> On Mon, May 1, 2017 at 7:05 PM, Bev Corwin <bev.corwin at owasp.org> wrote:
>
>> Thanks Kate, What is the process for getting an "event" into OCMS? Is it
>> simple, or does it require burdensome hoops to jump through? Also, is this
>> requirement part of the bylaws and was it adopted / voted on by the
>> community? Or was it handed down by staff and/or board? Just curious since
>> it sounds like something that should be in bylaws, not just chapter
>> handbook. Also, it is equally enforced, for example, are *all* chapters
>> subjected to enforcement of this requirement, or only certain chapters?
>> Also, If it cannot be universally enforced, shouldn't it be abandoned? Best
>> wishes, Bev
>>
>> On Mon, May 1, 2017 at 12:04 PM, Kate Hartmann <kate.hartmann at owasp.org>
>> wrote:
>>
>>> I'm sorry if I wasn't clear in my initial comment.
>>>
>>> The concept was created and implemented by the Global Conference
>>> committee in 2009.  The first "platform" was designed by a volunteer.  It
>>> was built on an external system using code that could not be managed by
>>> staff.  This volunteer disengaged (got married, had children, more
>>> challenging career, etc) and was no longer available to manage the platform.
>>>
>>> We created OCMS v2.0 using the tools that we have and integrated it into
>>> other operational activities.  Now there are workflows that help staff keep
>>> track of and support the hundreds of events that occur globally.
>>>
>>> Kate
>>>
>>>
>>> On Mon, May 1, 2017 at 11:58 AM, Evin Hernandez <
>>> evin.hernandez at gmail.com> wrote:
>>>
>>>> But doesn't this contradict the previous statement about it not being
>>>> supported since people were no longer engaged ?
>>>>
>>>> On Mon, May 1, 2017 at 11:55 AM, Kate Hartmann <kate.hartmann at owasp.org
>>>> > wrote:
>>>>
>>>>> OCMS is a tool to track and facilitate events.  The tool itself
>>>>> wouldn't prevent a local chapter from charging on a meetup site for
>>>>> attendees.
>>>>>
>>>>> According to the Chapter Leader Handbook, all chapter meetings are to
>>>>> be free and open (Chapter 2)  https://www.owasp.org/index.p
>>>>> hp/Category:Chapter_Handbook
>>>>>
>>>>> If a chapter is having an event that is charging a fee, then it's no
>>>>> longer a chapter meeting, but is an event and should be entered into OCMS.
>>>>>
>>>>> Kate
>>>>>
>>>>>
>>>>>
>>>>> https://www.owasp.org/index.php/Category:Chapter_Handbook
>>>>>
>>>>>
>>>>> On Mon, May 1, 2017 at 11:43 AM, Bev Corwin <bev.corwin at owasp.org>
>>>>> wrote:
>>>>>
>>>>>> Thanks Kate, Why would the OCMS try to stop a local chapter from
>>>>>> charging on a meetup site for attendees? Best wishes, Bev
>>>>>>
>>>>>> On Mon, May 1, 2017 at 11:36 AM, Kate Hartmann <
>>>>>> kate.hartmann at owasp.org> wrote:
>>>>>>
>>>>>>> The OWASP Conference Management System or "OCMS" was a system that
>>>>>>> was created by and implemented by the Legacy Global Conference Committee in
>>>>>>> 2009.
>>>>>>>
>>>>>>> The intention was to capture all of the amazing event activities
>>>>>>> that our community was participating in so that the Foundation could
>>>>>>> celebrate and support local activities.
>>>>>>>
>>>>>>> It was initially set up as a stand alone system written by a
>>>>>>> volunteer.  When that individual was no longer engaged with OWASP, and the
>>>>>>> code could no longer be maintained, the process was moved to work within
>>>>>>> our other back office functionality.
>>>>>>>
>>>>>>> Kate Hartmann
>>>>>>>
>>>>>>>
>>>>>>> On Mon, May 1, 2017 at 11:25 AM, Bev Corwin <bev.corwin at owasp.org>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Dear OWASP Leaders,
>>>>>>>>
>>>>>>>> Does anyone know what the "OCMS" is? Was this recently created, or
>>>>>>>> is it a new thing? Did OWASP membership vote to approve this, or was it
>>>>>>>> only a board action? Or staff action? Please advise. Thank you and best
>>>>>>>> wishes.
>>>>>>>>
>>>>>>>> Sincerely,
>>>>>>>> Bev
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>>
>>>>>>> Kate Hartmann
>>>>>>> kate.hartmann at owasp.org
>>>>>>> +1 301-275-9403 <(301)%20275-9403>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>>
>>>>> Kate Hartmann
>>>>> kate.hartmann at owasp.org
>>>>> +1 301-275-9403 <(301)%20275-9403>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Thank You
>>>>
>>>> Evin Hernandez
>>>>
>>>>
>>>
>>>
>>> --
>>>
>>>
>>> Kate Hartmann
>>> kate.hartmann at owasp.org
>>> +1 301-275-9403 <(301)%20275-9403>
>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170501/36407401/attachment-0001.html>


More information about the OWASP-Leaders mailing list