[Owasp-leaders] [OWASP-chapters] [Owasp-board] Proposal for OWASP Global Chapters Committee

Matt Tesauro matt.tesauro at owasp.org
Mon Sep 10 16:39:07 UTC 2018


Town hall meeting schedule and information:
https://www.owasp.org/index.php/Leaders_Town_Hall

--
-- Matt Tesauro
*OWASP Foundation*
Director of Community and Operations
matt.tesauro at owasp.org

Consider giving back, and supporting the open source community by becoming
a member <https://www.owasp.org/index.php/Membership> or making a donation
<https://www.owasp.org/index.php/Donate> today!


Join us at AppSec USA 2018 <https://2018.appsecusa.org/> 8-12 October in
San Jose, CA!




On Mon, Sep 10, 2018 at 11:29 AM Timur 'x' Khrotko [owasp] <timur at owasp.org>
wrote:

> [not to interfere with the questions of Carlos below]
>
> Dear All, is my observation correct that the committee Josh initiated to
> establish is to review the functioning and the management of the Foundation
> and the quality of the services provided to the community, and probably the
> role of the Board in maybe letting the operational/organizational problems
> persist, etc.?
>
> If so then that committee is in the first iteration an audit body and
> probably in the second is a crisis management body. One of the subjects of
> the review is then the Foundation staff and management. Correct? If so the
> management and the Board should not make decisions regarding the
> establishment of the committee, beyond the formalities and the control of
> the ethical conduct and compliance.
>
> Please correct me if I'm lost!
>
> Ps. The rules say that the committee operates on behalf of the Foundation,
> I guess it reads as on behalf of the legal body (the charity and the
> represented community).
>
> Timur
>
> On Mon, 10 Sep 2018 at 17:43, Carlos Allendes <carlos.allendes at owasp.org>
> wrote:
>
>> Dear Karen
>>
>> IMO is very sad to read your message if you say that there is no need to
>> rush a committee ... then it is still not clear enough that precisely we
>> are doing it for delays of months and the lack of feedback from the current
>> structure to answer requests or create new chapters (including the new
>> student chapters).
>>
>>  and then I am even more perplexed when you say that "all the committees"
>> will be created in October (?) ... it is realistic to think about creating
>> several committees (with what that implies)  when objectively there is no
>> capacity to create a chapter of students in less than 2.5 months (!)
>>
>>
>> *Finally, I request you please send us the information indicated
>> below.... **to have an objective context of the gap size, that we should
>> solve**:*
>>
>> *A) Those 600 leaders that you mention can indicate us in percentages (%)
>> to which project and / or chapter those leaders belong.*
>>
>> *B) Information of current request records tipified by categories*
>> *B.1) quantity of requests initiated during 2018*
>> *B.2) quantity of requests closed and with the approval of the initiator*
>> *B.3) quantity of requests open and pending yet*
>>
>>
>>
>> Thanks in advance
>>
>> ----------
>> Carlos Allendes Droguett
>> OWASP Chile, chapter leader.
>> Links  e-List <http://goo.gl/LBELa>   www <http://goo.gl/9wuFX>    mail
>> <carlos.allendes at owasp.org>   linkedIN
>> <http://cl.linkedin.com/in/carlosallendes>
>> ----------
>>
>>
>>
>>
>> 2018-09-10 11:20 GMT-03:00 Karen Staley <karen.staley at owasp.org>:
>>
>>> Dear Leaders and Community Members,
>>>
>>> First of all, thank you for all the comments and for your support of the
>>> Foundation.  We very much value your input on this email thread.
>>>
>>>
>>> As an open source community we believe that committees will enhance the
>>> engagement and service of the Foundation to the community. A Global Chapter
>>> committee will be helpful to support the chapters and assist them with
>>> their initiatives. Based on this, it is clear, we all want the same thing
>>> for the Foundation. Committees will enhance engagement and community
>>> relationships. Please join one of the three *Town-Hall meetings *to
>>> discuss the Foundation and the path we should take for the future. These
>>> meetings will include ideas for other committees we need to create as well.
>>> It is important that we have the *entire** leader community comment *through
>>> the month of September. We have *over 600 leaders *that should have an
>>> opportunity to share their thoughts and suggestions with the Foundation.
>>> Let's give them this opportunity to respond to the Foundation throughout
>>> the month of September.
>>>
>>> The Foundation is very sensitive to recent communications with the
>>> community as well and hosting Town-Hall meetings will allow for collective
>>> input on the committees so that at the AppSec USA leaders meeting we can
>>> address all needed committees with the community. We need to provide the
>>> community *(more than 600 leaders today*) with sufficient time to share
>>> their thoughts on several items concerning the future of the Foundation.
>>> The comments on this email thread are very valuable, but with more than 600
>>> leaders there are many more voices to be heard.
>>>
>>> Furthermore, I personally need this time as well to understand the
>>> community better.  There is no need to rush one committee, all committees
>>> will be created in October. Let’s give the greater community time to
>>> respond and speak to the Foundation and the community.
>>>
>>>
>>> I would also like to ask any community members reading this email to
>>> share their thoughts on the approach of Town-Hall meetings in September and
>>> creation of committees in October.  Please take time to join one of the
>>> Town-Hall meetings, your involvement is vital and we need to hear from you.
>>> I would very much like to hear what you have to say about the Foundation
>>> and its future path.
>>>
>>> Thank you for your patience and understanding. If you have any questions
>>> or need additional information on the Foundation or the Town-Hall meetings,
>>> just contact me or Matt T.
>>>
>>>
>>> Sincerely,
>>>
>>> Karen
>>>
>>>
>>> On Mon, Sep 10, 2018 at 6:14 AM Zoe Braiterman <zoe.braiterman at owasp.org>
>>> wrote:
>>>
>>>> Hi Josh and all,
>>>>
>>>> I agree with @Josh and support the proposal. So far, the WIA Committee
>>>> is the only OWASP Committee set to be run under the Committees 2.0
>>>> Operational Model.
>>>>
>>>> I definitely see the potential opportunity for value and sustainability
>>>> from an OWASP Chapters Committee, at the global and local Chapter community
>>>> levels.
>>>>
>>>> From my experience, the ongoing, extra volunteer work (online
>>>> communications and monthly global Committee calls, outside of local
>>>> meetings / events) has been worthwhile as a means of continuous
>>>> collaboration and driving the global OWASP mission. That said, many
>>>> discussions I’ve had (regarding WIA and otherwise) confirm my reasons for
>>>> agreeing. I also copy the WIA Officers inbox and WIA Committee mailing list
>>>> here.
>>>>
>>>> I look forward to conintued discussion / collaboration of the Committee
>>>> Adoption, based on my perspective as both an OWASP Committee Chair and a
>>>> Brooklyn Chapter member.
>>>>
>>>> Best,
>>>> Zoe
>>>>
>>>>
>>>>
>>>> On Sun, Sep 9, 2018 at 11:59 AM Bev Corwin <bev.corwin at owasp.org>
>>>> wrote:
>>>>
>>>>> +1 Josh, I support Josh and will be happy to share our experiences
>>>>> with the new Brooklyn chapter.
>>>>>
>>>>> Bev
>>>>>
>>>>>
>>>>> On Sun, Sep 9, 2018 at 11:25 AM, Bil Corry <bil.corry at owasp.org>
>>>>> wrote:
>>>>>
>>>>>> Hi Martin,
>>>>>>
>>>>>> Josh had the same thought, he shared the same link in the first
>>>>>> sentence of the first email in this thread:
>>>>>>
>>>>>>
>>>>>> http://lists.owasp.org/pipermail/owasp-leaders/2018-September/019352.html
>>>>>>
>>>>>> - Bil
>>>>>>
>>>>>> On Sep 9, 2018, at 1:41 AM, Martin Knobloch <
>>>>>> martin.knobloch at owasp.org> wrote:
>>>>>>
>>>>>> Hi Josh,
>>>>>>
>>>>>> Just to make sure everyone is on the same page on the committee
>>>>>> policy and guidelines, I want to share this link:
>>>>>>
>>>>>>
>>>>>> https://www.owasp.org/index.php/Governance/OWASP_Committees#OWASP_Committees_2.0_Operational_Model
>>>>>>
>>>>>> Kind regards,
>>>>>> -martin
>>>>>>
>>>>>> On Saturday, September 8, 2018, Josh Sokol <josh.sokol at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> This is exactly the kind of issues we are trying to address with
>>>>>>> this committee.  If you have a question about how something should work or
>>>>>>> want advice on how to do something, that shouldn't go into a support queue
>>>>>>> and wait weeks for a response from a staff member.  Instead, my proposal
>>>>>>> would leverage regional and global leaders with actual experience running
>>>>>>> chapters to help answer these questions.  Even better, as a new chapter
>>>>>>> leader, you should be partnered with a mentor from one one of our more
>>>>>>> experienced chapters to help coach you.
>>>>>>>
>>>>>>> Any of our Chapter Leaders, or anyone else for that matter,
>>>>>>> interested in furthering this cause, we don't need the Board or ED's
>>>>>>> approval to do so.  I've started a new #chapters channel in Slack for that
>>>>>>> purpose.  Come and join us:
>>>>>>>
>>>>>>>
>>>>>>> https://join.slack.com/t/owasp/shared_invite/enQtNDI5MzgxMDQ2MTAwLTEyNzIzYWQ2NDZiMGIwNmJhYzYxZDJiNTM0ZmZiZmJlY2EwZmMwYjAyNmJjNzQxNzMyMWY4OTk3ZTQ0MzFhMDY
>>>>>>>
>>>>>>> It's probably worth noting, however, that despite being asked for a
>>>>>>> "civil discussion and substantive proposal", and providing what I felt was
>>>>>>> a genuinely substantive step in that direction, I received a follow-up
>>>>>>> e-mail from Karen saying that they'd like to put this proposal on hold for
>>>>>>> two months while they hold three town halls to discuss the "holistic
>>>>>>> sustainability of the foundation".  To put it another way, what I warned of
>>>>>>> in my response to Greg's e-mail is exactly what the Board and ED were
>>>>>>> looking to do, they just haven't been straightforward in their discussions
>>>>>>> about it.  These conversations have been going on in closed door meetings
>>>>>>> and private e-mail threads, and not on the OWASP-Board mailing list in the
>>>>>>> spirit of openness and transparency.
>>>>>>>
>>>>>>> ~josh
>>>>>>>
>>>>>>> On Sat, Sep 8, 2018 at 12:39 AM John Patrick Lita <
>>>>>>> john.patrick.lita at owasp.org> wrote:
>>>>>>>
>>>>>>>> Hi all
>>>>>>>>
>>>>>>>> I know all that we have problems with each chapters, and i hope
>>>>>>>> that the global committee will also have a program from ASEAN Region.
>>>>>>>>
>>>>>>>> My Chapter in Philippines was idle for a while. I just notice that
>>>>>>>> everytime there is a Conference in STATE no one can answer my questions or
>>>>>>>> query because everyone is busy for Conference.
>>>>>>>>
>>>>>>>> I hope the support is flexible for me as a chapter leader i have so
>>>>>>>> many question and need more guidance to make my chapter more productive and
>>>>>>>> active to the community.
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>>
>>>>>>>> On Fri, Sep 7, 2018, 11:51 PM Travis McPeak <
>>>>>>>> travis.mcpeak at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi all,
>>>>>>>>>
>>>>>>>>> After discussing this with Josh, I'd like to say I misunderstood
>>>>>>>>> the intent of the committee. I was concerned that this would turn into a
>>>>>>>>> lot of endless debate with little action items. What Josh is proposing is
>>>>>>>>> the exact opposite of this.
>>>>>>>>>
>>>>>>>>> When I started as a new chapter leader, I found a surprising lack
>>>>>>>>> of resources or lots of outdated resources for me to draw on. With the
>>>>>>>>> volume of experience we all have as chapter leaders there's no reason why
>>>>>>>>> common problems like these shouldn't be addressed quickly with a
>>>>>>>>> divide-and-conquer approach. Those interested can be empowered and
>>>>>>>>> supported with the necessary resources to go make things better. I now
>>>>>>>>> believe this is the intent of the committee and I look forward to the
>>>>>>>>> awesome things that will come from a result of it.
>>>>>>>>>
>>>>>>>>> -Travis (Bay Area)
>>>>>>>>>
>>>>>>>>> On Tue, Sep 4, 2018 at 1:26 PM Milton Smith <
>>>>>>>>> milton.smith at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>>> This seems like a great proposal to me Josh.  The committees
>>>>>>>>>> operational model looks well written and considers OWASP committee
>>>>>>>>>> organization/operations from the OWASP member perspective.  It’s great to
>>>>>>>>>> have your knowledge and the knowledge of past leaders/staff.
>>>>>>>>>>
>>>>>>>>>> Clearly OWASP is experiencing some growing pains.  We are looking
>>>>>>>>>> at committees for this area but perhaps committees should be considered
>>>>>>>>>> more broadly for other areas where diverse opinion exists?  Properly
>>>>>>>>>> representing everyone’s opinions is difficult in a global organization.
>>>>>>>>>> Josh and Martin your both amazing, you’ve both been improving the security
>>>>>>>>>> space for many years, and I appreciate your leadership and enthusiasm for
>>>>>>>>>> building a better OWASP.
>>>>>>>>>>
>>>>>>>>>> —Milton
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Sep 1, 2018, at 2:28 PM, Josh Sokol <josh.sokol at owasp.org>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Dear OWASP Leaders,
>>>>>>>>>>
>>>>>>>>>> As per the OWASP Committees 2.0 Operational Model
>>>>>>>>>> <https://www.owasp.org/index.php/Governance/OWASP_Committees>,
>>>>>>>>>> approved by a vote of the OWASP Board of Directors on July 16, 2014, I
>>>>>>>>>> would like to formally propose the creation of a new "OWASP Global Chapters
>>>>>>>>>> Committee".
>>>>>>>>>>
>>>>>>>>>> My rationale for the creation of this new committee is that our
>>>>>>>>>> community has made a number of observations about inadequacies in the ways
>>>>>>>>>> our Chapters interact with the OWASP Foundation, it's Staff, and the
>>>>>>>>>> Board.  This committee would serve as a new form of governance within the
>>>>>>>>>> OWASP Foundation, cutting red tape and empowering our chapter leaders to
>>>>>>>>>> better serve the mission of OWASP while still adhering to the OWASP Core
>>>>>>>>>> Values of openness, innovation, being a global community, and integrity.
>>>>>>>>>> We will focus on strengthening the OWASP Chapters through education,
>>>>>>>>>> networking, and driving value to our members.
>>>>>>>>>>
>>>>>>>>>> Topics that are within scope for the OWASP Global Chapters
>>>>>>>>>> Committee include, but are not limited to:
>>>>>>>>>>
>>>>>>>>>>    - *Leadership Requirements: *The committee will be
>>>>>>>>>>    responsible for defining requirements for new chapter leaders and create a
>>>>>>>>>>    community vetting process.
>>>>>>>>>>    - *Activity Requirements: *The committee will be responsible
>>>>>>>>>>    for defining the minimum activity requirements for chapters and will
>>>>>>>>>>    periodically review chapters for meeting those minimum requirements.
>>>>>>>>>>    - *Mentorship: *Programs will be created to pair new chapter
>>>>>>>>>>    leaders together with more experienced ones.  Budgets will be established
>>>>>>>>>>    in order to facilitate mentees attendance of mentor chapter meetings.
>>>>>>>>>>    - *Projects Partnership Tours: *To emphasize the importance
>>>>>>>>>>    of projects, a budget will be established for projects to hold regional
>>>>>>>>>>    tours of chapters where they will speak and show off their projects.
>>>>>>>>>>    - *Budgets: *The committee will be a resource for OWASP
>>>>>>>>>>    policies and procedures when it comes to the budget process and ensuring
>>>>>>>>>>    that it is being followed.  The committee will help identify opportunities
>>>>>>>>>>    for chapter leaders to spend their money.
>>>>>>>>>>    - *Policy: *The committee will review and revise the Chapter
>>>>>>>>>>    Leader Handbook on a periodic basis.  They will assess gaps in existing
>>>>>>>>>>    policies and help to create new policies or redefine existing policies to
>>>>>>>>>>    address gaps.
>>>>>>>>>>    - *Guidance: *The committee will serve to help guide other
>>>>>>>>>>    leaders with any questions that they have.  They will assist with finding
>>>>>>>>>>    speakers.  They will help to recommend topics for presentations.
>>>>>>>>>>    - *Feedback: *The committee will survey chapter leadership on
>>>>>>>>>>    pertinent topics and be a listening outlet for chapter needs.
>>>>>>>>>>    - *Conflict Resolution: *The committee will serve as a
>>>>>>>>>>    tribunal for conflicts among and between chapters.
>>>>>>>>>>    - *Local and Regional Events: *The committee will help to
>>>>>>>>>>    guide chapter leaders on how to start and run local and regional events.  A
>>>>>>>>>>    "startup" budget will be formed from existing event revenues in order to
>>>>>>>>>>    seed investment in more events, helping additional chapters to be able to
>>>>>>>>>>    raise enough money to cover their expenses and innovate.
>>>>>>>>>>    - *Board Guidance: *The committee will work with the Board on
>>>>>>>>>>    any initiatives they have as they relate to chapter policies, governance,
>>>>>>>>>>    budgets, or otherwise.
>>>>>>>>>>
>>>>>>>>>> This scoping was developed by myself and Tiffany Long in an
>>>>>>>>>> effort to cover many of the issues our chapters face on a routine basis.
>>>>>>>>>> It is not a comprehensive list and I'd certainly welcome suggestions from
>>>>>>>>>> others in our community.  Moreso, it is my hope that others will be
>>>>>>>>>> interested in participating in and contributing to this committee.
>>>>>>>>>>
>>>>>>>>>> Per the Committee Creation section of the Committees 2.0
>>>>>>>>>> Operational Model, this is now up for a community discussion with a Board
>>>>>>>>>> vote to follow.  I hereby formally request that this be added as a topic
>>>>>>>>>> for vote at the September 19th OWASP Board meeting.  Thank you.
>>>>>>>>>>
>>>>>>>>>> Sincerely,
>>>>>>>>>>
>>>>>>>>>> Josh Sokol
>>>>>>>>>>
>>>>>>>>>> OWASP Board Member 2014-2017
>>>>>>>>>> OWASP Austin Chapter Leader
>>>>>>>>>> OWASP LASCON Conference Co-Founder
>>>>>>>>>> _______________________________________________
>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> -Travis
>>>>>>>>> _______________________________________________
>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Owasp-chapters mailing list
>>>>>>>> Owasp-chapters at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Kind regards,
>>>>>> -martin
>>>>>>
>>>>>> Martin Knobloch
>>>>>> _______________________
>>>>>> OWASP Chairman of the BOD
>>>>>> OWASP Netherlands Chapter Leader
>>>>>>
>>>>>> Email:   martin.knobloch at owasp.org
>>>>>> Mobile: +31623226933
>>>>>> Web:    https://www.owasp.org
>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>>
>>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>> --
>>>> *Zoe Braiterman*
>>>> Chair, OWASP Women in AppSec (WIA) Committee - wia at owasp.org
>>>> Vice Chair, OWASP NIST NSTIC IDESG (NNI) Initiative
>>>> Learning Lead, OWASP Mentors Initiative & Learning Gateway Project
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-chapters mailing list
>>>> Owasp-chapters at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>>>>
>>>
>>>
>>> --
>>> *OWASP Foundation*
>>> Karen Staley
>>> Executive Director
>>>
>>> karen.staley at owasp.org <kelly.santalucia at owasp.org>
>>> Direct: +1 240.446.2951
>>>
>>>
>>> *Consider giving back, and supporting the open source community by
>>> becoming a member <https://www.owasp.org/index.php/Membership> or making
>>> a donation <https://www.owasp.org/index.php/Donate> today! *
>>>
>>> *Join us at AppSec USA 2018 <https://2018.appsecusa.org/> 8-12
>>> October in San Jose, CA!*
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Owasp-chapters mailing list
>>> Owasp-chapters at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>>>
>>>
>>
>> This message may contain confidential information - you should handle it
>> accordingly.
>> _______________________________________________
>> Owasp-chapters mailing list
>> Owasp-chapters at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>>
> --
>
> secmachine․net #wepowersecdev
> _______________________________________________
> Owasp-chapters mailing list
> Owasp-chapters at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-chapters
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180910/5c767a9d/attachment-0001.html>


More information about the OWASP-Leaders mailing list