This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "February 17, 2016"
m (→Time) |
Paul Ritchie (talk | contribs) (→Meeting Minutes) |
||
(50 intermediate revisions by 11 users not shown) | |||
Line 4: | Line 4: | ||
* Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording. | * Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording. | ||
* [https://www.dropbox.com/s/9v88xcox5rb6pkc/2016-01-13%2016.09%20OWASP%20Board%20Meeting.wmv?dl=0 Recording of 13 January 2016 OWASP Board Meeting] | * [https://www.dropbox.com/s/9v88xcox5rb6pkc/2016-01-13%2016.09%20OWASP%20Board%20Meeting.wmv?dl=0 Recording of 13 January 2016 OWASP Board Meeting] | ||
+ | * [https://www.dropbox.com/s/rksh4zr5sf6z2un/2016-02-17%2015.02%20OWASP%20Board%20Meeting.wmv?dl=0 Recording of 17 February 2016 OWASP Board Meeting] | ||
===Time=== | ===Time=== | ||
Line 20: | Line 21: | ||
=== Meeting Minutes=== | === Meeting Minutes=== | ||
− | * | + | |
+ | * [https://docs.google.com/document/d/1NgJB0B98pP2-THUMks0fNf_yZmGsDKs_uCJMsAYuZ-Y/edit Jan.2016 Meeting Minutes for Approval] | ||
+ | * [https://docs.google.com/a/owasp.org/document/d/1J9BZ2DIgItMpajbAaPGzA1HcbkVQ5SKzfLUFDa06H4s/edit?usp=sharing 17 February 2016 Board Meeting Minutes] | ||
= Reading Material = | = Reading Material = | ||
'''''It is a requirement as a board member to fully read all material prior to the start of the meeting''''' | '''''It is a requirement as a board member to fully read all material prior to the start of the meeting''''' | ||
+ | 1. [https://docs.google.com/document/d/1PvNeEWgoO1w51VhHLwqqSgo0mBh-RvmSFUKMTz4QrYg/edit?pref=2&pli=1#heading=h.lw77ixr6kxi Proposal from Johanna on OWASP-Project-Review Updates & Incentives] | ||
+ | * Should Project Task Force be 'relaunched' as Project-Review-Committee with same Committee 2.0 procedures and authority? | ||
+ | * Some questions in the proposal may be resolved at Committee level, without needing board motion & approval. (P.Ritchie interpretation) | ||
+ | * [https://docs.google.com/document/d/1QPaSEgNOkfOkk8L4X-PDT2WA9ya1E6braN5-JfgEzMQ/edit?usp=sharing Summary of Questions & response from Johanna dated Feb.10, 2016] | ||
+ | |||
+ | 2. >> READ Staff Status reports below, including Detail Financial Report for 2015 through December 2015 in Excel format. P&L, A/R, A/P, Balance Sheet with cash balances for Foundation & Chapters & Projects | ||
+ | |||
+ | 3.[https://www.owasp.org/index.php/Help_Secure_Owasp_assests Help Secure OWASP assets initiative, contributions from volunteers ] | ||
+ | * Which companies or individuals can contribute to help manage Wiki & mailing list with maintenance and patching? | ||
+ | * Status of Bug Bounty management services for projects and other OWAPS assists as the WIKI - through Barter Deals with service providers | ||
+ | |||
+ | 4. [https://drive.google.com/file/d/0B4xgbqJzimL4YUtpM0dubEFudXM/view?usp=sharing IT Transformation Discussion paper] | ||
+ | * IT Transformation Discussion paper | ||
= Meeting Agenda = | = Meeting Agenda = | ||
Line 32: | Line 48: | ||
== Actionable Agenda Topics == | == Actionable Agenda Topics == | ||
+ | * Review, discuss, act on Johanna proposal. See reading material above. | ||
− | + | == Discussion Topics == | |
− | * | + | * OWASP Infrastructure Transformation. AJV. [https://drive.google.com/file/d/0B4xgbqJzimL4YUtpM0dubEFudXM/view?usp=sharing IT Transformation Discussion paper] |
− | |||
− | |||
− | |||
− | + | * Help Secure OWASP assets : https://www.owasp.org/index.php/Help_Secure_Owasp_assests | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Misc. Topics (10-15 Minutes) == | == Misc. Topics (10-15 Minutes) == | ||
− | * | + | * Temperature on Training + Leader Summit |
+ | * Second 5K sponsor package as outlined here: https://docs.google.com/document/d/1NG8C27_RuNmwfTnrUE_-gB5IyHlmTYo1lv-CTXo25p8/edit | ||
==Old Business== | ==Old Business== | ||
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here] | All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here] | ||
− | * | + | |
+ | * Matt K: Action / Update on search for OWASP Compliance officer | ||
+ | |||
+ | * Paul R: Action - Need clarification. Under financial proposal #3 & 4. Do 'Projects' require 2 leaders, or just 1 leader and 1 other active participant? Various emails recommend the latter. Staff recommends 1 leader plus 1 active participant for definition of active project. | ||
+ | ** See Oct. 14, 2015 Votes here. https://www.owasp.org/index.php/OWASP_Board_Votes | ||
+ | |||
+ | ** Chapters are being managed with a 2 leader requirement. | ||
==New Business== | ==New Business== | ||
All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here] | All active board proposals are listed [https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing here] | ||
− | * | + | * See Johanna new Project Review proposal above. |
− | |||
− | |||
== Action Item Follow-Up == | == Action Item Follow-Up == | ||
− | * | + | * [https://docs.google.com/spreadsheets/d/1LtYN2QSCUBSM53_M0HGAISqiGiXbxO9k8LXv2ZoIVgQ/edit?usp=sharing 2016 Action Item Status from Past BoD Meetings] |
+ | ** This is new excel sheet showing AI as either OPEN or Closed with status for monthly Board reporting | ||
== Reports == | == Reports == | ||
− | === Chairmain's Report - | + | === Chairmain's Report - Matt Konda === |
− | * | + | * Identified compliance team. (Fiona, Bil, Richard) |
+ | * ED annual review underway. (Feedback solicited, reviewing materials) | ||
+ | * Handoff from Tobias. | ||
+ | * Financials call with Andrew and Virtual | ||
+ | * Talked to 6 potential sponsors. | ||
+ | * Participated in Project call. | ||
+ | * Wrote sponsor letter for AppSecEU | ||
+ | * Discussion with Kate about Training + Leader Summit and software sponsor tier. | ||
+ | * Weekly one on one call. | ||
+ | Detail here: https://trello.com/b/YWY4pf8I/global-board | ||
+ | |||
=== Vice Chairmain's Report - Josh Sokol === | === Vice Chairmain's Report - Josh Sokol === | ||
*TODO | *TODO | ||
− | === Treasurer Report - | + | === Treasurer Report - Andrew van der Stock === |
− | * | + | |
− | === Secretary Report - | + | I have had a kick off meeting with Paul, Alison, Matt, and Tom Pappas (our CFO) from Virtual to discuss a financial handover. |
+ | |||
+ | This meeting went well, and filled in a number of gaps for me. The main action items from my point of view are: | ||
+ | |||
+ | * Establishing an OWASP archive for our financial and other corporate records that is accessible by Alison so we don't lose the lot if something happened to Alison's residence or computer. This applies primarily to our old records, which we need to keep for 7 years, but aren't necessarily used daily. | ||
+ | * Ensuring that our FY15 year is closed out and our annual report is ready on time. This seems to be in hand, but I will keep on eye on things. | ||
+ | * Paul is considering moving our accounts to a better financial institution as our current one requires us to use yet another payment service. This should improve our visibility of bills and make reconciliation easier. I support this move, as it should improve our transparency and reduce costs. | ||
+ | * Once we have final reconciliation and the FY15 books are closed, I will ask my wife (a CPA) to look over the records to ensure things are okay. | ||
+ | |||
+ | Additionally, I asked about a line of credit that I heard was being established. Apparently there is something happening here. My main concern is that it shows up on the books so we can make sure we don't get into trouble by using it for operational expenditure unnecessarily. I understand the need for it, but we could easily get into trouble if we are paying bills on credit without a supporting income. | ||
+ | |||
+ | === Secretary Report - Jim Manico === | ||
*TODO | *TODO | ||
− | === | + | === Updates from Members at Large === |
− | + | * Michael Coates (Chapters) | |
+ | ** Focus areas for investment into chapters this year include: | ||
+ | *** Chapter Leader Call by region (work with staff) | ||
+ | *** Chapter speaker rating system | ||
+ | *** Centralized chapter speaker recommendation system | ||
==Reports== | ==Reports== | ||
− | * | + | * Executive Director Status Report for 17 Feb 2016 [https://docs.google.com/document/d/131tVN6DamrOat1Io4ez3Nn4nVc_1iekeiEoUGhhTpf4/edit?usp=sharing Exec.Director Status Report - 17Feb2016] |
+ | ** [https://docs.google.com/spreadsheets/d/1OdiijD2toRgkhIKupbrFMqAEZSBH_NrTxHxkKe7XDzM/edit?usp=sharing Detail 2015 Financial Report through Dec. 2015 in Excel Format] Note: These are PRELIMINARY numbers and will be final once the 2015 Books are officially 'closed' by Accounting firm approx. Mar 1, 2016 | ||
+ | * Membership & Business Liaison Report - Kelly Santalucia [https://www.owasp.org/index.php/January_2016_Membership_Report January Membership Report] | ||
+ | **[https://docs.google.com/a/owasp.org/document/d/1GTC7FT1VYGird1gnKXwbziyOAUYDqNkm9HwPHPnXFc4/edit?usp=sharing Strategic Goal #2 Report and CodeMash 2016 update] | ||
+ | * Event Manager Report - Laura Grau [https://www.owasp.org/images/5/5b/February2016ConferenceManagerReport.pdf February Report] | ||
+ | * Operations Report - Kate Hartmann [https://docs.google.com/a/owasp.org/document/d/1gM66GBHD1y_Q3s9x_mz6hGASRhVM8nXQIwnE1TUYYyU/edit?usp=sharing report] | ||
+ | * Project Coordinator Report - Claudia Casanovas [https://docs.google.com/a/owasp.org/presentation/d/1bPsEydCrPZ_Xwm639h2GTjC1V7YCPawCoT-cjVnDEAs/edit?usp=sharing Report] | ||
+ | * Community Manager Report -Noreen Whysel [https://docs.google.com/a/owasp.org/document/d/1-4fIJfiLa8l02Hf1XBMqRYEiY2z6g4qwln-_ZLQ6GIs/edit?usp=docslist_api Report] | ||
+ | * IT Update from Matt T. | ||
+ | ** MediaWiki has been updated 3 times since AppSec USA 2015 (Sept. 2015) | ||
+ | ** Upgrade to Mailman 3.0 & server delayed due to Website demands from CalifAppSec Team 'emergency', AppSec USA & AppSec EU website builds. | ||
+ | ** Some dead and inactive email lists cleaned out. Generally low priority re: other demands. | ||
+ | ** 10 hours /month is completely too little for demands from Community, especially for breakage & repair after Matt sets items up for community use. (Matt has details & examples) | ||
+ | ** Net, net Paul now working with staff and Matt T to define how to add resource with 'Matt level access' to cover more common community support needs, vs. Infrastructure/domain/server admin to remain with Matt T. | ||
=== Community Initiative Reports === | === Community Initiative Reports === | ||
Line 89: | Line 137: | ||
==Adjournment== | ==Adjournment== | ||
− | * Next meeting date/time: | + | * Willing to shift to March 15? |
+ | * Next meeting date/time: [[March 16, 2016]], 16:00-17:00 PST - [http://www.timeanddate.com/worldclock/meetingdetails.html?year=2016&month=03&day=16&hour=23&min=0&sec=0&p1=224&p2=24&p3=263&p4=78&p5=37&p6=102&p7=152 TimeZone Converter ] | ||
==Motion to close meeting== | ==Motion to close meeting== |
Latest revision as of 17:15, 18 February 2016
- 1 Dial In Info
- 2 Reading Material
- 3 Meeting Agenda
Dial In Info
Notice of Recording
- Notice to all attendees - board meetings are recorded and publicly available as of March, 2013
- Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording.
- Recording of 13 January 2016 OWASP Board Meeting
- Recording of 17 February 2016 OWASP Board Meeting
Time
- February 17, 2016, 15:00-16:30 PST - TimeZone Converter
Location
Teleconference Information:
https://www3.gotomeeting.com/join/861328838
International Toll Free Calling Information
Attendance Tracker
Board Meeting Attendance Tracker
Meeting Minutes
Reading Material
It is a requirement as a board member to fully read all material prior to the start of the meeting
1. Proposal from Johanna on OWASP-Project-Review Updates & Incentives
- Should Project Task Force be 'relaunched' as Project-Review-Committee with same Committee 2.0 procedures and authority?
- Some questions in the proposal may be resolved at Committee level, without needing board motion & approval. (P.Ritchie interpretation)
- Summary of Questions & response from Johanna dated Feb.10, 2016
2. >> READ Staff Status reports below, including Detail Financial Report for 2015 through December 2015 in Excel format. P&L, A/R, A/P, Balance Sheet with cash balances for Foundation & Chapters & Projects
3.Help Secure OWASP assets initiative, contributions from volunteers
- Which companies or individuals can contribute to help manage Wiki & mailing list with maintenance and patching?
- Status of Bug Bounty management services for projects and other OWAPS assists as the WIKI - through Barter Deals with service providers
4. IT Transformation Discussion paper
- IT Transformation Discussion paper
Meeting Agenda
Call to Order /OWASP Mission
Open Meeting - Start Recording, List attendees and Agenda update (only if last-minute changes are needed) (5 min)
- Approve minutes from January 13, 2016.
Actionable Agenda Topics
- Review, discuss, act on Johanna proposal. See reading material above.
Discussion Topics
- OWASP Infrastructure Transformation. AJV. IT Transformation Discussion paper
- Help Secure OWASP assets : https://www.owasp.org/index.php/Help_Secure_Owasp_assests
Misc. Topics (10-15 Minutes)
- Temperature on Training + Leader Summit
- Second 5K sponsor package as outlined here: https://docs.google.com/document/d/1NG8C27_RuNmwfTnrUE_-gB5IyHlmTYo1lv-CTXo25p8/edit
Old Business
All active board proposals are listed here
- Matt K: Action / Update on search for OWASP Compliance officer
- Paul R: Action - Need clarification. Under financial proposal #3 & 4. Do 'Projects' require 2 leaders, or just 1 leader and 1 other active participant? Various emails recommend the latter. Staff recommends 1 leader plus 1 active participant for definition of active project.
- See Oct. 14, 2015 Votes here. https://www.owasp.org/index.php/OWASP_Board_Votes
- Chapters are being managed with a 2 leader requirement.
New Business
All active board proposals are listed here
- See Johanna new Project Review proposal above.
Action Item Follow-Up
- 2016 Action Item Status from Past BoD Meetings
- This is new excel sheet showing AI as either OPEN or Closed with status for monthly Board reporting
Reports
Chairmain's Report - Matt Konda
- Identified compliance team. (Fiona, Bil, Richard)
- ED annual review underway. (Feedback solicited, reviewing materials)
- Handoff from Tobias.
- Financials call with Andrew and Virtual
- Talked to 6 potential sponsors.
- Participated in Project call.
- Wrote sponsor letter for AppSecEU
- Discussion with Kate about Training + Leader Summit and software sponsor tier.
- Weekly one on one call.
Detail here: https://trello.com/b/YWY4pf8I/global-board
Vice Chairmain's Report - Josh Sokol
- TODO
Treasurer Report - Andrew van der Stock
I have had a kick off meeting with Paul, Alison, Matt, and Tom Pappas (our CFO) from Virtual to discuss a financial handover.
This meeting went well, and filled in a number of gaps for me. The main action items from my point of view are:
- Establishing an OWASP archive for our financial and other corporate records that is accessible by Alison so we don't lose the lot if something happened to Alison's residence or computer. This applies primarily to our old records, which we need to keep for 7 years, but aren't necessarily used daily.
- Ensuring that our FY15 year is closed out and our annual report is ready on time. This seems to be in hand, but I will keep on eye on things.
- Paul is considering moving our accounts to a better financial institution as our current one requires us to use yet another payment service. This should improve our visibility of bills and make reconciliation easier. I support this move, as it should improve our transparency and reduce costs.
- Once we have final reconciliation and the FY15 books are closed, I will ask my wife (a CPA) to look over the records to ensure things are okay.
Additionally, I asked about a line of credit that I heard was being established. Apparently there is something happening here. My main concern is that it shows up on the books so we can make sure we don't get into trouble by using it for operational expenditure unnecessarily. I understand the need for it, but we could easily get into trouble if we are paying bills on credit without a supporting income.
Secretary Report - Jim Manico
- TODO
Updates from Members at Large
- Michael Coates (Chapters)
- Focus areas for investment into chapters this year include:
- Chapter Leader Call by region (work with staff)
- Chapter speaker rating system
- Centralized chapter speaker recommendation system
- Focus areas for investment into chapters this year include:
Reports
- Executive Director Status Report for 17 Feb 2016 Exec.Director Status Report - 17Feb2016
- Detail 2015 Financial Report through Dec. 2015 in Excel Format Note: These are PRELIMINARY numbers and will be final once the 2015 Books are officially 'closed' by Accounting firm approx. Mar 1, 2016
- Membership & Business Liaison Report - Kelly Santalucia January Membership Report
- Event Manager Report - Laura Grau February Report
- Operations Report - Kate Hartmann report
- Project Coordinator Report - Claudia Casanovas Report
- Community Manager Report -Noreen Whysel Report
- IT Update from Matt T.
- MediaWiki has been updated 3 times since AppSec USA 2015 (Sept. 2015)
- Upgrade to Mailman 3.0 & server delayed due to Website demands from CalifAppSec Team 'emergency', AppSec USA & AppSec EU website builds.
- Some dead and inactive email lists cleaned out. Generally low priority re: other demands.
- 10 hours /month is completely too little for demands from Community, especially for breakage & repair after Matt sets items up for community use. (Matt has details & examples)
- Net, net Paul now working with staff and Matt T to define how to add resource with 'Matt level access' to cover more common community support needs, vs. Infrastructure/domain/server admin to remain with Matt T.
Community Initiative Reports
- TODO
Announcements
- TODO
Adjournment
- Willing to shift to March 15?
- Next meeting date/time: March 16, 2016, 16:00-17:00 PST - TimeZone Converter