[Owasp-website] Website Redesign Request for OPEN Quotations

Colin Watson colin.watson at owasp.org
Wed Jul 20 13:17:04 EDT 2011

Hi Rory!

Thank you for the response.  I have put some replies in line:

> Cool thanks for the questions.  Some answers as far as I know them.
> I think the main point initial point is budget.  A request went to the last
> board meeting for indicative funding of $5000 - $10000 for funding of the
> website re-design (although that's purely a ballpark figure).  We've not
> heard back officially from the board on the status of that request, although
> I understand that unfortunately there wasn't time to cover it at the latest
> meeting.


> Closing date for quotations - None set.  My feeling here being that we'd
> decide this once we have agreed funding :)

Yes, makes sense.  I think it will be necessary to set some sort of
timescales and stick with them.  Since OWASP is completely open, this
will probably mean the submitted quotes are made public, and bidders
might not want to submit before anyone else (and thus give their
ideas/understanding to competitors).

I have to declare an interest here.  I am considering submitting a
quotation (jointly with others).  Therefore all my comments here are
open, and to be shared with everyone, but it helps explain my intent!

> Criteria for judging and whos responsible - Good question. My current
> thought would be that we'd need to engage appropriate OWASP leaders
> (although I'd be keen to keep the numbers here small to help maintain
> momentum).  In terms of criteria, I'm open to suggestions here, but I was
> thinking that it would be a combination of portfolio/track record (ie that
> the company has delivered good designs in the past), cost (that the company
> can deliver what's required within budget), how well the designs fit with
> the specification, and how well the proposal demonstrates an uderstanding of
> the requirements.

That all sounds reasonable, maybe except for "how well the designs fit
with the specification" which would only be known after appointment
and work has begun?  Or have I misunderstood the process?

> Timescales - I'd be interested to hear from anyone on the list who's
> commissioned this kind of work before.  My feeling was that we'd be looking
> at iterating the design and delivery of the templates and graphical assets
> over a period of 2-3 weeks, but happy to hear if that's a unrealistic
> timescale...

It would be worth allowing longer, as "iterations" take time to do,
and receive feedback.  Allowing for iterations will probably increase
the bid values.  You may want to define how many rounds this involves.

> Mocks approval - This would be along the lines of a) hopefully the same
> OWASP leaders who were involved in choosing the designer and b) agreeing
> that they meet the design as specified in the winning proposal.


> Approval process - Agreed, I don't think it's realistic to try to engage the
> whole OWASP community for this. I'd hope to have a small approvals
> committee, who would be the same throughout the process.


> CMS - Nope.  Initially what we're looking to deliver is a pure HTML/CSS/JS
> solution.  this is primarily for ease of integration with the existing OWASP
> website (we can place static content easily in the same webroot as the
> mediawiki, without disrupting it), and ease of delivery (the process of
> choosing a CMS for use here would add considerably to the delivery
> timescales and may also overlap with other, more strategic, initiavitve
> around products like Jive)


> HTH, Of course any comments/corrections/suggestions welcome :)
> cheers

Thanks for this,


> On Wed, Jul 20, 2011 at 12:25 PM, Colin Watson <colin.watson at owasp.org>
> wrote:
>> I read about this request on Twitter, and have added some questions:
>> https://www.owasp.org/index.php/RFO_Web_Design#Questions_from_Potential_Contractors
>> Colin
>> _______________________________________________
>> Owasp-website mailing list
>> Owasp-website at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-website

More information about the Owasp-website mailing list