This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Governance/ProjectProgramModels"
Line 45: | Line 45: | ||
*OWASP Sunset Projects: Projects like ESAPI or WebScarab would fit under this title. These are projects that are still being used by consumers, but that we cannot directly support as they are not actively maintained or being worked on. | *OWASP Sunset Projects: Projects like ESAPI or WebScarab would fit under this title. These are projects that are still being used by consumers, but that we cannot directly support as they are not actively maintained or being worked on. | ||
|- | |- | ||
− | | ''' | + | | '''Project Quality''' |
||<!--Option 1--> | ||<!--Option 1--> | ||
− | + | Consolidate foundation resources to help improve quality of Flagships only. This will give the majority of our resources to a handful of projects. | |
||<!--Option 2--> | ||<!--Option 2--> | ||
− | + | *Flagship Project Program: As mentioned above, these projects would be the ones OWASP actively maintains and seeks to increase the quality of. We can re-name this program. I recommend that we should have no more than 6 projects in this program for any given year. Further, I recommend that these projects be voted on by the community (which projects should be flagship). | |
+ | *'''Primary Goal of the Program''': To increase the quality of a select few number of OWASP projects selected by our community stakeholders and consumers. | ||
+ | *OWASP Projects Program: This would be similar to what we have now which is a platform for research and innovation. All projects under this platform would have the same designation unless they are sunset or inactive projects. They would get the same benefits they do now and the same opportunities. | ||
+ | *'''Primary Goal of the Program''': To maintain a research and innovation platform for our community to test ideas and theories. | ||
||<!--Option 3--> | ||<!--Option 3--> | ||
− | + | The foundation has no direct influence over the quality of the project. The quality of the project is dependent on the project leader’s individual time, resources, and output. | |
|- | |- | ||
− | | ''' | + | | '''Project Reviews''' |
||<!--Option 1--> | ||<!--Option 1--> | ||
− | + | Only professionally review the community selected Official projects once a year, and the Incubator projects only get reviewed if they ask for one. The reviews are conducted by the community for supported projects. | |
||<!--Option 2--> | ||<!--Option 2--> | ||
− | The | + | *For the OWASP Projects Program, we would only conduct reviews for those projects that ask for them. The reviews will be primarily to give feedback to the leader about their research/ideas and on their project health. |
+ | *For the Flagship Program, reviews would be mandatory, and I recommend the new technical person conduct them. I further recommend they be done every quarter for each project. It is far more manageable since we would only have 6 or so projects in this program. | ||
||<!--Option 3--> | ||<!--Option 3--> | ||
− | + | Project reviews are only done for those projects that want reviews, or that would like to graduate to the next level. | |
|- | |- | ||
− | | ''' | + | | '''Resources and Funding''' |
||<!--Option 1--> | ||<!--Option 1--> | ||
− | + | The majority of our resources and funding will go towards the development of higher quality Official OWASP projects. Supported projects will still have access to resources, but they will be minimal. | |
||<!--Option 2--> | ||<!--Option 2--> | ||
− | + | Each program would need to have their own budget. The Flagship program would only spend their funds on items that increase project quality. I suggest you get a very detailed project plan and budget for these. The Projects Program would have a budget that would fund items like project dev work, the project summit, OSS, marketing/design costs, etc. | |
||<!--Option 3--> | ||<!--Option 3--> | ||
− | All | + | All projects get access to funding; however, Flagships get priority for funding for project development work. Funding items like project dev work, the project summit, OSS, marketing/design costs, etc are still available to all projects. |
|- | |- | ||
| '''Positives of this approach''' | | '''Positives of this approach''' |
Revision as of 23:10, 30 April 2014
Purpose
OWASP needs help from our community to define an OWASP Projects Program model that will meet the needs of our overall community. To do so we are engaging the community to discuss and flush out different options. We would like to have a vote on this to ensure that the community has a say in how the foundation moves forward.
The Options
Please feel free to add additional bullets to any of the cells. Please do not remove existing items.
Option | 1 - Flagships get majority of resources to increase quality. | 2 - Develop two separate programs: Quality focused and Innovation focused | 3 - Community project review centric model |
Summary Description |
We would drop the lab designation, and only have Incubator and Flagship projects. Flagship projects would be voted on by the community, and our resources would go towards developing the Flagship projects, based on community input. Incubators would get less attention and support.
|
This approach separates focus areas into two separate programs. One will focus on increasing the quality of a handful of projects selected by the community, and the other program will focus on developing a platform for new leaders that facilitates innovation, research, and testing.
|
This is the approach we are currently using. This approach requires that the community conduct project reviews to graduate projects, and it requires a twice yearly project audit to demote projects that are currently inactive.
|
How are Flagships Selected? | Community Vote | Community Vote | Community Project Health and Quality Reviews |
New Project Designations |
|
|
|
Project Quality |
Consolidate foundation resources to help improve quality of Flagships only. This will give the majority of our resources to a handful of projects. |
|
The foundation has no direct influence over the quality of the project. The quality of the project is dependent on the project leader’s individual time, resources, and output. |
Project Reviews |
Only professionally review the community selected Official projects once a year, and the Incubator projects only get reviewed if they ask for one. The reviews are conducted by the community for supported projects. |
|
Project reviews are only done for those projects that want reviews, or that would like to graduate to the next level. |
Resources and Funding |
The majority of our resources and funding will go towards the development of higher quality Official OWASP projects. Supported projects will still have access to resources, but they will be minimal. |
Each program would need to have their own budget. The Flagship program would only spend their funds on items that increase project quality. I suggest you get a very detailed project plan and budget for these. The Projects Program would have a budget that would fund items like project dev work, the project summit, OSS, marketing/design costs, etc. |
All projects get access to funding; however, Flagships get priority for funding for project development work. Funding items like project dev work, the project summit, OSS, marketing/design costs, etc are still available to all projects. |
Positives of this approach |
|
|
|
Negatives of this approach |
|
|
|
Any other considerations |
|
|
|
Additional Comments
Use this space to provide additional comments on any of the existing text. For example, perhaps you disagree with something that is above. Please note your thoughts in this section.