This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Assessing Project Health"
m (Assessing Projects moved to Assessing Project Sites: Change in how the criteria worked) |
(Updated to reflect new revisions of the criteria v2) |
||
| Line 6: | Line 6: | ||
| − | + | === Assessing Project Sites === | |
| + | Project sites themselves have a much simpler assessment criteria than releases. Project sites are categorized as either "New" or "Established". The best method to illustrate the difference is to explain the progress of an example project through these categories: | ||
| − | * | + | * A security professional has an idea to address an issue in application security and proposes a new project to the Global Projects Committee (GPC). |
| − | * | + | * The GPC agrees with the proposal, gathers some initial data from the security professional and creates a new project page. |
| − | + | * The security professional, now the project lead, works on the project and creates a release which reaches Beta quality. | |
| − | + | * The example project is still a new project but has a release of beta quality. It will be listed at the top of the new project list since it has a Beta quality release. | |
| − | * | + | * The project lead continues to work on the project release and reaches a Quality release. The project site will then be assessed based on the criteria below and moved to the Established projects list. |
| − | + | === Project Site Criteria === | |
| + | |||
| + | The following questions will be answered by the project lead or project maintainer and be reviewed by the Global Projects Committee: | ||
| + | |||
| + | * Does the project site... | ||
| + | # have an up to date project template with current project information? | ||
| + | # have a conference style presentation that describes the tool in at least 3 slides? | ||
| + | # have a one sheet overview document about the project? | ||
| + | # have a link to a working mail list? | ||
| + | # have a statement of the application security issue the project addresses? | ||
For OWASP project wiki pages, please see the Project Wiki Pages section of the [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects Guidelines for OWASP Projects] for additional suggestions/recommendations. | For OWASP project wiki pages, please see the Project Wiki Pages section of the [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects Guidelines for OWASP Projects] for additional suggestions/recommendations. | ||
| + | |||
| + | === Archiving Project Sites === | ||
| + | |||
| + | The exact criteria for archiving project sites has not yet been determined. However, the Global Projects Committee sees that an archive of projects that are kept for historical purposes will be needed. This page or subsequent pages will determine the situation under which project pages are archived. | ||
| + | |||
| + | === Pre-existing project sites === | ||
| + | |||
| + | The Global Projects Committee realizes that there are many current project sites which pre-existed the above assessment criteria. Those project sites will be reviewed and classified in the near future. The exact timing and methodology for addressing existing sites has not yet been determined. | ||
Revision as of 04:52, 27 April 2009
This is a DRAFT page still under review by the Global Projects Committee
This page is maintained by the Global Projects Committee to help assist Project Leaders with information about successfully running an OWASP Project. It will be updated from time to time, and changes will be discussed and announced on the OWASP-Leaders list.
Assessing Project Sites
Project sites themselves have a much simpler assessment criteria than releases. Project sites are categorized as either "New" or "Established". The best method to illustrate the difference is to explain the progress of an example project through these categories:
- A security professional has an idea to address an issue in application security and proposes a new project to the Global Projects Committee (GPC).
- The GPC agrees with the proposal, gathers some initial data from the security professional and creates a new project page.
- The security professional, now the project lead, works on the project and creates a release which reaches Beta quality.
- The example project is still a new project but has a release of beta quality. It will be listed at the top of the new project list since it has a Beta quality release.
- The project lead continues to work on the project release and reaches a Quality release. The project site will then be assessed based on the criteria below and moved to the Established projects list.
Project Site Criteria
The following questions will be answered by the project lead or project maintainer and be reviewed by the Global Projects Committee:
- Does the project site...
- have an up to date project template with current project information?
- have a conference style presentation that describes the tool in at least 3 slides?
- have a one sheet overview document about the project?
- have a link to a working mail list?
- have a statement of the application security issue the project addresses?
For OWASP project wiki pages, please see the Project Wiki Pages section of the Guidelines for OWASP Projects for additional suggestions/recommendations.
Archiving Project Sites
The exact criteria for archiving project sites has not yet been determined. However, the Global Projects Committee sees that an archive of projects that are kept for historical purposes will be needed. This page or subsequent pages will determine the situation under which project pages are archived.
Pre-existing project sites
The Global Projects Committee realizes that there are many current project sites which pre-existed the above assessment criteria. Those project sites will be reviewed and classified in the near future. The exact timing and methodology for addressing existing sites has not yet been determined.
