
Talk:Summit 2011 Working Sessions/Session013


The Summit is really shaping up to be an exciting event. There are many great working sessions developing and I'm sure the "hallway con" will be just as good. That said, there is one session on OWASP Governance that I'd like to draw your attention to. As we grow we constantly need to examine and refine how we operate to ensure that OWASP is best positioned to accomplish the mission of increasing visibility and securing web applications. "OWASP Board/Committee Governance", co-hosted by Tom Brennan, Jason Li and myself, is focused more on "how the sausage is made" of OWASP. While not a "sexy" session, we are going to make an attempt at answering some of the hard questions about OWASP as an organization and how we can improve OWASP to further the mission.

At the 2008 Summit we began to mature as an organization with the establishment of the Global Committee structure, and after 2 years under the new structure there are a number of lingering questions, concerns, objections and murmurings regarding the organization as a whole. While some of these questions have been expressed, what we really need are YOUR thoughts, ideas, questions and contributions about OWASP's operations and governance so we can discuss them at this important session. Tom, Jason and I have developed the following outline of topics to get us started (by no means final):

  • Universal Committee Governance Document/Policies - Set quorum rules, minimum meeting frequency, member requirements, operational policies (such as reimbursements and OWASP funded travel) that apply to all committees
  • Review Board Governance and By-Laws
    • Change in Board composition to fit a more international model (2 US, 2 EU, 1 SA, 1 Asia, 1 Asia-Pacific has been proposed)
  • Committee alignment to OWASP Goals/Mission including Authorities, Individual Missions and Areas of Responsibility (AoR).
  • Clarification of Committee Authorities - How the Committees and the board will interact in the committee policy areas
  • Providing budgets to committees for direct oversight and spending in their AoR
  • Additional transparency in OWASP accounting (Expenditures, Expense Reports for Officers/Committee Members.....)

Please feel free to email me or update the Wiki Page with any questions or comments you may have. I'd like to start collecting and categorizing them so we can set a final agenda for the session. Also, if you're planning on being at the summit and would like to attend, be sure to add your name to the attendee list.