[Owasp-leaders] Accounting Error - IRS

Tom Brennan - OWASP tomb at owasp.org
Wed Sep 19 11:10:55 UTC 2018

Board, Executive Director, Members,

In comparison of OWASP Foundation’s IRS 990 to a similar organization that
I am doing work for, I have identified a flaw in the IRS 990’s of OWASP
Foundation that needs to be remedied. This has also been confirmed
independently with a CPA.


See page 22 (contributing organizations aka: member/donators)

See page 24 on this one same

Alert to the board as a new business topic for appsecusa f2f board meeting
and leader meeting.

The 2017 and then future reports can only be accurate when ANYONE spending
5,000usd + as a charitable undirected donation more must be listed on the
990 explicitly.

As the OWASP Secretary in 2017 please share with me the draft ASAP so I can
review prior to approval/signatures if my name will be associated with it.
As it is not yet filed or copy published online at
filing extension is coming due

Corporate members that will need to be listed include

Details of member allocation (no date of last update so not clear how
accurate this is anymore)

Finally, if OWASP continues the practice of purchases of conference space
for exhibiting as “donations” then these also must be listed if exceeding
the threshold and reported accurately to the IRS.

After identification of this, I was surprised that this was not called out
at the past audit but perhaps it was and is already been reviewed by the
now current board?  The last audit findings appears to be published from

Please post subsequent documents for the benefit of members and
organizational faith/transparency

Finally it is useful to ensure the House is in order to update Charity
Navigator accordingly. This demonstrates due care for an organization of
our OWASP Foundations size


Tom Brennan
OWASP Foundation, NYC Metro Chapter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180919/37ca0ae3/attachment.html>

More information about the OWASP-Leaders mailing list