[Owasp-leaders] [OWASP-chapters] [Owasp-board] Proposal for OWASP Global Chapters Committee

Karen Staley karen.staley at owasp.org
Mon Sep 10 14:20:22 UTC 2018


Dear Leaders and Community Members,

First of all, thank you for all the comments and for your support of the
Foundation.  We very much value your input on this email thread.


As an open source community we believe that committees will enhance the
engagement and service of the Foundation to the community. A Global Chapter
committee will be helpful to support the chapters and assist them with
their initiatives. Based on this, it is clear, we all want the same thing
for the Foundation. Committees will enhance engagement and community
relationships. Please join one of the three *Town-Hall meetings *to discuss
the Foundation and the path we should take for the future. These meetings
will include ideas for other committees we need to create as well. It is
important that we have the *entire** leader community comment *through the
month of September. We have *over 600 leaders *that should have an
opportunity to share their thoughts and suggestions with the Foundation.
Let's give them this opportunity to respond to the Foundation throughout
the month of September.

The Foundation is very sensitive to recent communications with the
community as well and hosting Town-Hall meetings will allow for collective
input on the committees so that at the AppSec USA leaders meeting we can
address all needed committees with the community. We need to provide the
community *(more than 600 leaders today*) with sufficient time to share
their thoughts on several items concerning the future of the Foundation.
The comments on this email thread are very valuable, but with more than 600
leaders there are many more voices to be heard.

Furthermore, I personally need this time as well to understand the
community better.  There is no need to rush one committee, all committees
will be created in October. Let’s give the greater community time to
respond and speak to the Foundation and the community.


I would also like to ask any community members reading this email to share
their thoughts on the approach of Town-Hall meetings in September and
creation of committees in October.  Please take time to join one of the
Town-Hall meetings, your involvement is vital and we need to hear from you.
I would very much like to hear what you have to say about the Foundation
and its future path.

Thank you for your patience and understanding. If you have any questions or
need additional information on the Foundation or the Town-Hall meetings,
just contact me or Matt T.


Sincerely,

Karen


On Mon, Sep 10, 2018 at 6:14 AM Zoe Braiterman <zoe.braiterman at owasp.org>
wrote:

> Hi Josh and all,
>
> I agree with @Josh and support the proposal. So far, the WIA Committee is
> the only OWASP Committee set to be run under the Committees 2.0 Operational
> Model.
>
> I definitely see the potential opportunity for value and sustainability
> from an OWASP Chapters Committee, at the global and local Chapter community
> levels.
>
> From my experience, the ongoing, extra volunteer work (online
> communications and monthly global Committee calls, outside of local
> meetings / events) has been worthwhile as a means of continuous
> collaboration and driving the global OWASP mission. That said, many
> discussions I’ve had (regarding WIA and otherwise) confirm my reasons for
> agreeing. I also copy the WIA Officers inbox and WIA Committee mailing list
> here.
>
> I look forward to conintued discussion / collaboration of the Committee
> Adoption, based on my perspective as both an OWASP Committee Chair and a
> Brooklyn Chapter member.
>
> Best,
> Zoe
>
>
>
> On Sun, Sep 9, 2018 at 11:59 AM Bev Corwin <bev.corwin at owasp.org> wrote:
>
>> +1 Josh, I support Josh and will be happy to share our experiences with
>> the new Brooklyn chapter.
>>
>> Bev
>>
>>
>> On Sun, Sep 9, 2018 at 11:25 AM, Bil Corry <bil.corry at owasp.org> wrote:
>>
>>> Hi Martin,
>>>
>>> Josh had the same thought, he shared the same link in the first sentence
>>> of the first email in this thread:
>>>
>>> http://lists.owasp.org/pipermail/owasp-leaders/2018-September/019352.html
>>>
>>> - Bil
>>>
>>> On Sep 9, 2018, at 1:41 AM, Martin Knobloch <martin.knobloch at owasp.org>
>>> wrote:
>>>
>>> Hi Josh,
>>>
>>> Just to make sure everyone is on the same page on the committee policy
>>> and guidelines, I want to share this link:
>>>
>>>
>>> https://www.owasp.org/index.php/Governance/OWASP_Committees#OWASP_Committees_2.0_Operational_Model
>>>
>>> Kind regards,
>>> -martin
>>>
>>> On Saturday, September 8, 2018, Josh Sokol <josh.sokol at owasp.org> wrote:
>>>
>>>> This is exactly the kind of issues we are trying to address with this
>>>> committee.  If you have a question about how something should work or want
>>>> advice on how to do something, that shouldn't go into a support queue and
>>>> wait weeks for a response from a staff member.  Instead, my proposal would
>>>> leverage regional and global leaders with actual experience running
>>>> chapters to help answer these questions.  Even better, as a new chapter
>>>> leader, you should be partnered with a mentor from one one of our more
>>>> experienced chapters to help coach you.
>>>>
>>>> Any of our Chapter Leaders, or anyone else for that matter, interested
>>>> in furthering this cause, we don't need the Board or ED's approval to do
>>>> so.  I've started a new #chapters channel in Slack for that purpose.  Come
>>>> and join us:
>>>>
>>>>
>>>> https://join.slack.com/t/owasp/shared_invite/enQtNDI5MzgxMDQ2MTAwLTEyNzIzYWQ2NDZiMGIwNmJhYzYxZDJiNTM0ZmZiZmJlY2EwZmMwYjAyNmJjNzQxNzMyMWY4OTk3ZTQ0MzFhMDY
>>>>
>>>> It's probably worth noting, however, that despite being asked for a
>>>> "civil discussion and substantive proposal", and providing what I felt was
>>>> a genuinely substantive step in that direction, I received a follow-up
>>>> e-mail from Karen saying that they'd like to put this proposal on hold for
>>>> two months while they hold three town halls to discuss the "holistic
>>>> sustainability of the foundation".  To put it another way, what I warned of
>>>> in my response to Greg's e-mail is exactly what the Board and ED were
>>>> looking to do, they just haven't been straightforward in their discussions
>>>> about it.  These conversations have been going on in closed door meetings
>>>> and private e-mail threads, and not on the OWASP-Board mailing list in the
>>>> spirit of openness and transparency.
>>>>
>>>> ~josh
>>>>
>>>> On Sat, Sep 8, 2018 at 12:39 AM John Patrick Lita <
>>>> john.patrick.lita at owasp.org> wrote:
>>>>
>>>>> Hi all
>>>>>
>>>>> I know all that we have problems with each chapters, and i hope that
>>>>> the global committee will also have a program from ASEAN Region.
>>>>>
>>>>> My Chapter in Philippines was idle for a while. I just notice that
>>>>> everytime there is a Conference in STATE no one can answer my questions or
>>>>> query because everyone is busy for Conference.
>>>>>
>>>>> I hope the support is flexible for me as a chapter leader i have so
>>>>> many question and need more guidance to make my chapter more productive and
>>>>> active to the community.
>>>>>
>>>>> Thanks
>>>>>
>>>>> On Fri, Sep 7, 2018, 11:51 PM Travis McPeak <travis.mcpeak at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> After discussing this with Josh, I'd like to say I misunderstood the
>>>>>> intent of the committee. I was concerned that this would turn into a lot of
>>>>>> endless debate with little action items. What Josh is proposing is the
>>>>>> exact opposite of this.
>>>>>>
>>>>>> When I started as a new chapter leader, I found a surprising lack of
>>>>>> resources or lots of outdated resources for me to draw on. With the volume
>>>>>> of experience we all have as chapter leaders there's no reason why common
>>>>>> problems like these shouldn't be addressed quickly with a
>>>>>> divide-and-conquer approach. Those interested can be empowered and
>>>>>> supported with the necessary resources to go make things better. I now
>>>>>> believe this is the intent of the committee and I look forward to the
>>>>>> awesome things that will come from a result of it.
>>>>>>
>>>>>> -Travis (Bay Area)
>>>>>>
>>>>>> On Tue, Sep 4, 2018 at 1:26 PM Milton Smith <milton.smith at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> This seems like a great proposal to me Josh.  The committees
>>>>>>> operational model looks well written and considers OWASP committee
>>>>>>> organization/operations from the OWASP member perspective.  It’s great to
>>>>>>> have your knowledge and the knowledge of past leaders/staff.
>>>>>>>
>>>>>>> Clearly OWASP is experiencing some growing pains.  We are looking at
>>>>>>> committees for this area but perhaps committees should be considered more
>>>>>>> broadly for other areas where diverse opinion exists?  Properly
>>>>>>> representing everyone’s opinions is difficult in a global organization.
>>>>>>> Josh and Martin your both amazing, you’ve both been improving the security
>>>>>>> space for many years, and I appreciate your leadership and enthusiasm for
>>>>>>> building a better OWASP.
>>>>>>>
>>>>>>> —Milton
>>>>>>>
>>>>>>>
>>>>>>> On Sep 1, 2018, at 2:28 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>>>>>>>
>>>>>>> Dear OWASP Leaders,
>>>>>>>
>>>>>>> As per the OWASP Committees 2.0 Operational Model
>>>>>>> <https://www.owasp.org/index.php/Governance/OWASP_Committees>,
>>>>>>> approved by a vote of the OWASP Board of Directors on July 16, 2014, I
>>>>>>> would like to formally propose the creation of a new "OWASP Global Chapters
>>>>>>> Committee".
>>>>>>>
>>>>>>> My rationale for the creation of this new committee is that our
>>>>>>> community has made a number of observations about inadequacies in the ways
>>>>>>> our Chapters interact with the OWASP Foundation, it's Staff, and the
>>>>>>> Board.  This committee would serve as a new form of governance within the
>>>>>>> OWASP Foundation, cutting red tape and empowering our chapter leaders to
>>>>>>> better serve the mission of OWASP while still adhering to the OWASP Core
>>>>>>> Values of openness, innovation, being a global community, and integrity.
>>>>>>> We will focus on strengthening the OWASP Chapters through education,
>>>>>>> networking, and driving value to our members.
>>>>>>>
>>>>>>> Topics that are within scope for the OWASP Global Chapters Committee
>>>>>>> include, but are not limited to:
>>>>>>>
>>>>>>>    - *Leadership Requirements: *The committee will be responsible
>>>>>>>    for defining requirements for new chapter leaders and create a community
>>>>>>>    vetting process.
>>>>>>>    - *Activity Requirements: *The committee will be responsible for
>>>>>>>    defining the minimum activity requirements for chapters and will
>>>>>>>    periodically review chapters for meeting those minimum requirements.
>>>>>>>    - *Mentorship: *Programs will be created to pair new chapter
>>>>>>>    leaders together with more experienced ones.  Budgets will be established
>>>>>>>    in order to facilitate mentees attendance of mentor chapter meetings.
>>>>>>>    - *Projects Partnership Tours: *To emphasize the importance of
>>>>>>>    projects, a budget will be established for projects to hold regional tours
>>>>>>>    of chapters where they will speak and show off their projects.
>>>>>>>    - *Budgets: *The committee will be a resource for OWASP policies
>>>>>>>    and procedures when it comes to the budget process and ensuring that it is
>>>>>>>    being followed.  The committee will help identify opportunities for chapter
>>>>>>>    leaders to spend their money.
>>>>>>>    - *Policy: *The committee will review and revise the Chapter
>>>>>>>    Leader Handbook on a periodic basis.  They will assess gaps in existing
>>>>>>>    policies and help to create new policies or redefine existing policies to
>>>>>>>    address gaps.
>>>>>>>    - *Guidance: *The committee will serve to help guide other
>>>>>>>    leaders with any questions that they have.  They will assist with finding
>>>>>>>    speakers.  They will help to recommend topics for presentations.
>>>>>>>    - *Feedback: *The committee will survey chapter leadership on
>>>>>>>    pertinent topics and be a listening outlet for chapter needs.
>>>>>>>    - *Conflict Resolution: *The committee will serve as a tribunal
>>>>>>>    for conflicts among and between chapters.
>>>>>>>    - *Local and Regional Events: *The committee will help to guide
>>>>>>>    chapter leaders on how to start and run local and regional events.  A
>>>>>>>    "startup" budget will be formed from existing event revenues in order to
>>>>>>>    seed investment in more events, helping additional chapters to be able to
>>>>>>>    raise enough money to cover their expenses and innovate.
>>>>>>>    - *Board Guidance: *The committee will work with the Board on
>>>>>>>    any initiatives they have as they relate to chapter policies, governance,
>>>>>>>    budgets, or otherwise.
>>>>>>>
>>>>>>> This scoping was developed by myself and Tiffany Long in an effort
>>>>>>> to cover many of the issues our chapters face on a routine basis.  It is
>>>>>>> not a comprehensive list and I'd certainly welcome suggestions from others
>>>>>>> in our community.  Moreso, it is my hope that others will be interested in
>>>>>>> participating in and contributing to this committee.
>>>>>>>
>>>>>>> Per the Committee Creation section of the Committees 2.0 Operational
>>>>>>> Model, this is now up for a community discussion with a Board vote to
>>>>>>> follow.  I hereby formally request that this be added as a topic for vote
>>>>>>> at the September 19th OWASP Board meeting.  Thank you.
>>>>>>>
>>>>>>> Sincerely,
>>>>>>>
>>>>>>> Josh Sokol
>>>>>>>
>>>>>>> OWASP Board Member 2014-2017
>>>>>>> OWASP Austin Chapter Leader
>>>>>>> OWASP LASCON Conference Co-Founder
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> -Travis
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>
>>>>> _______________________________________________
>>>>> Owasp-chapters mailing list
>>>>> Owasp-chapters at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>>>>>
>>>>
>>>
>>> --
>>> Kind regards,
>>> -martin
>>>
>>> Martin Knobloch
>>> _______________________
>>> OWASP Chairman of the BOD
>>> OWASP Netherlands Chapter Leader
>>>
>>> Email:   martin.knobloch at owasp.org
>>> Mobile: +31623226933
>>> Web:    https://www.owasp.org
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
> --
> *Zoe Braiterman*
> Chair, OWASP Women in AppSec (WIA) Committee - wia at owasp.org
> Vice Chair, OWASP NIST NSTIC IDESG (NNI) Initiative
> Learning Lead, OWASP Mentors Initiative & Learning Gateway Project
>
>
> _______________________________________________
> Owasp-chapters mailing list
> Owasp-chapters at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>


-- 
*OWASP Foundation*
Karen Staley
Executive Director

karen.staley at owasp.org <kelly.santalucia at owasp.org>
Direct: +1 240.446.2951


*Consider giving back, and supporting the open source community by becoming
a member <https://www.owasp.org/index.php/Membership> or making a donation
<https://www.owasp.org/index.php/Donate> today! *

*Join us at AppSec USA 2018 <https://2018.appsecusa.org/> 8-12 October in
San Jose, CA!*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180910/dd5594ba/attachment-0001.html>


More information about the OWASP-Leaders mailing list