This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Chapter Handbook/Chapter 3: How to Start a Chapter"

From OWASP
Jump to: navigation, search
(Chapter Naming)
 
(27 intermediate revisions by 8 users not shown)
Line 1: Line 1:
[[Category:Chapter_Handbook]]
+
==Start-up Information==
 +
The following information should be provided in an application to start or restart an OWASP Chapter:
 +
* List of the people that are founding the chapter. Each founding member(s) must submit:
 +
** Statement regarding their professional background or resume, and
 +
** Statement of why he or she wants to be an OWASP Leader.
 +
* The geographical area to be covered by the new chapter. Chapter names should represent the immediate city or region that is being served. It is also required that the chapter leader(s) work or live in the immediate geographical area.
 +
* Acknowledgement that founding member(s) read, understands, and agrees to the terms of the Chapter Handbook.
 +
* While it is not mandatory, a good understanding of English will help with communication within the OWASP global community.
 +
Requests to start or restart an OWASP Chapter may be initiated through the Chapter Request form. If at any time you wish to leave your position as leader or add a new leader the same form may be used by selecting “Modify Chapter Leadership” from the drop down menu.
  
'''''(Work in progress)'''''
+
==New Chapter Approval Process==
 +
After receiving the above information via the online form, an OWASP employee will give a cursory check of the above items to ensure new chapter leaders are serious and understand their commitment. Upon review of requester's credentials and resolution of any potential conflicts, the applicant can move forward as a chapter leader. A chapter wiki page and mailing list will be set up for the new leader(s) and the chapter leader(s) will be given an OWASP email account and password to operate as the administrator of the new chapter mailing list. Additionally, every new chapter with at least 2 chapter leaders will be allocated a $500 budget to begin with.  
  
== Starting or Restarting a chapter ==
+
==Chapter Naming==
An OWASP local chapter organizes OWASP activity in a given geographical area. A person or a group (the "founding group") can request to start a new chapter in a geographical area not currently served by an OWASP group. The global chapter committee should actively seen founders to start groups in geographical ares not covered by an OWASP chapter.
 
  
A request to start or restart a chapter should be submitted by the founding group to the OWASP board and should include:
+
The format used for naming a chapter is: OWASP [Insert City, Region, or Country Name of Chapter]. For example: OWASP Austin, OWASP London, OWASP Malaysia.
* '''List of the people that are founding the chapter'''
 
** The founding group members should join as OWASP members
 
** The request should in include their resumes.
 
* '''The geographical area to be covered by the new chapter'''
 
** The geographical area should not overlap with an existing chapter.
 
** OWASP chapters promote face to face meetings and the geographical area covered should be no more than a reasonable travel for an afternoon meeting [1].
 
* '''Recommendation by 5 current OWASP leaders'''
 
* This requirement can be waived by the board, especially if the chapter is started in a remote area in which OWASP currently has no activity.
 
* '''Recommendation by 5 people who practice information security in the covered geography'''
 
** Required to complement the founding group if it is smaller than 5. If there is one founder, 4 recommendations are needed, if there are two founders, 3 recommendations are needed as so on.
 
** Relevant bio details of the recommending people should be added.
 
  
The OWASP board will decide whether to grant the person of group the opportunity to start the new chapter for a trial period, but not before submitting the request for a review by OWASP leaders. The review will enable OWASP 
+
It is not necessary to specify your chapter is a “local” chapter, because by definition any chapter is “local”. When registering your chapter name on Linkedin, Meetup, Twitter, or any other social media site this naming convention must be followed as it makes sorting and finding chapters easier. Where the Foundation owns an account with the same service, it is advisable to follow, join, or otherwise link the chapter’s account to the foundation’s.
  
=== Trial period ===
+
==Geographic area==
The founding members of the local chapter should achieve the minimum activity listed below. The global chapter committee would review the chapters activity after 3 months and after
+
An OWASP chapter organizes OWASP activity in a given geographical area. A person or a group (the "founding members") can request to start a new chapter in a geographical area not currently served by an OWASP group.
  
== Terminating a Chapter ==
+
One key to a successful OWASP chapter is selecting the right geographical area. Naturally, the geographical area should not overlap with an existing chapter. OWASP chapters promote face-to-face meetings and the geographical area covered should be no more than a reasonable travel for a meeting. On the other hand, the area should be large enough to serve enough people who are interested in web application security and enough people to be active in the chapter.
Terminating a chapter should be rare. An OWASP chapter is terminated by a board decision if:
 
* The chapter did not meet the minimum activity requirements
 
* The chapter leadership has not followed the chapter guidelines as outlines in this manual. Critical guidelines are:
 
** Operation with the OWASP charter
 
** Lack of conflict of interest in running the chapter
 
  
The board will inform the chapter leadership about the decision and will allow it to correct the issues leading to the termination within 3 months.
+
If a chapter is to cover a regional or national area, there should be a plan in place to serve all applicable areas.  For instance, both OWASP Germany and OWASP Italy serve an entire nation by hosting larger conference-like meetings in multiple cities throughout the year.  In this way AppSec professionals from the entire geographic region have access.  For example, it would not be acceptable to host OWASP Germany only in a single city and ignore the other regions where a OWASP Chapter is desired.
  
The global chapter committee should periodically review chapters activity and if the do not meet the minimum activity requirement may recommend to the board to terminate them. If terminated, the OWASP Global chapters committee would actively seek a replacing founding team to restart the chapter.
+
==Student, University, or Academic Chapters==
 +
OWASP student, university, academic chapters must follow the same mandatory guidelines set for standard OWASP Chapters, however there are generally special funds and people in place to provide support and guidance for these chapters. Visit the [[OWASP Student Chapters Program|Student Chapters]] and [[Academic Supporter]] pages for details on these guidelines.
  
== Chapter's structure ==
+
[[Category:Chapter_Handbook]]
Since chapters are based on volunteers work, there is no mandatory chapter structure. The only requirement is for chapter needs to have a chairman who is responsible to answer to the OWASP board. We do recommend that a chapter would have also a board with at least 3 members, each one having a specific role (To do: roles list).
 
 
 
Chapters are free to decide on the number of role holders, their titles, how they are selected and for how long. In case there is a dispute that cannot be resolved by the chapters members the following rules will apply:
 
* If more than one person apply for a role, and the candidates cannot find a cooperative solution, elections would be held. The elections would be held by e-mail and every OWASP member who ....
 
* A person would serve in a given role for a period 24 months.
 
* Once the period ends, the
 
 
 
(Open issue: chapter membership)
 
 
 
== Conflict of interest ==
 
* Proper disclosure guidelines
 
 
 
== Minimum activity requirements ==
 
 
 
 
 
== Foot notes ==
 
[1] An open issue is country chapters. As a result of the OWASP chapters geographical area definition, they are usually limited to a city. While country chapters exist, there is currently no formal concept of a country chapter and no guidelines for the relationship between the country chapter and local city chapters. This may be of interest as some activities are national in essence such as translation of OWASP material, participation in regulatory bodies and large scale conferences.
 

Latest revision as of 21:17, 2 July 2019

Start-up Information

The following information should be provided in an application to start or restart an OWASP Chapter:

  • List of the people that are founding the chapter. Each founding member(s) must submit:
    • Statement regarding their professional background or resume, and
    • Statement of why he or she wants to be an OWASP Leader.
  • The geographical area to be covered by the new chapter. Chapter names should represent the immediate city or region that is being served. It is also required that the chapter leader(s) work or live in the immediate geographical area.
  • Acknowledgement that founding member(s) read, understands, and agrees to the terms of the Chapter Handbook.
  • While it is not mandatory, a good understanding of English will help with communication within the OWASP global community.

Requests to start or restart an OWASP Chapter may be initiated through the Chapter Request form. If at any time you wish to leave your position as leader or add a new leader the same form may be used by selecting “Modify Chapter Leadership” from the drop down menu.

New Chapter Approval Process

After receiving the above information via the online form, an OWASP employee will give a cursory check of the above items to ensure new chapter leaders are serious and understand their commitment. Upon review of requester's credentials and resolution of any potential conflicts, the applicant can move forward as a chapter leader. A chapter wiki page and mailing list will be set up for the new leader(s) and the chapter leader(s) will be given an OWASP email account and password to operate as the administrator of the new chapter mailing list. Additionally, every new chapter with at least 2 chapter leaders will be allocated a $500 budget to begin with.  

Chapter Naming

The format used for naming a chapter is: OWASP [Insert City, Region, or Country Name of Chapter]. For example: OWASP Austin, OWASP London, OWASP Malaysia.

It is not necessary to specify your chapter is a “local” chapter, because by definition any chapter is “local”. When registering your chapter name on Linkedin, Meetup, Twitter, or any other social media site this naming convention must be followed as it makes sorting and finding chapters easier. Where the Foundation owns an account with the same service, it is advisable to follow, join, or otherwise link the chapter’s account to the foundation’s.

Geographic area

An OWASP chapter organizes OWASP activity in a given geographical area. A person or a group (the "founding members") can request to start a new chapter in a geographical area not currently served by an OWASP group.

One key to a successful OWASP chapter is selecting the right geographical area. Naturally, the geographical area should not overlap with an existing chapter. OWASP chapters promote face-to-face meetings and the geographical area covered should be no more than a reasonable travel for a meeting. On the other hand, the area should be large enough to serve enough people who are interested in web application security and enough people to be active in the chapter.

If a chapter is to cover a regional or national area, there should be a plan in place to serve all applicable areas.  For instance, both OWASP Germany and OWASP Italy serve an entire nation by hosting larger conference-like meetings in multiple cities throughout the year.  In this way AppSec professionals from the entire geographic region have access.  For example, it would not be acceptable to host OWASP Germany only in a single city and ignore the other regions where a OWASP Chapter is desired.

Student, University, or Academic Chapters

OWASP student, university, academic chapters must follow the same mandatory guidelines set for standard OWASP Chapters, however there are generally special funds and people in place to provide support and guidance for these chapters. Visit the Student Chapters and Academic Supporter pages for details on these guidelines.