This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Chapter Handbook/Chapter 2: Mandatory Chapter Rules

From OWASP
Revision as of 18:28, 28 December 2011 by Sarah Baso (talk | contribs)

Jump to: navigation, search

This section outlines the “musts” for chapter leaders, or stated differently, these are the bottom line rules required of chapter leaders. The rest of the handbook is composed of best practices and guidance, which are only suggestions for chapter leaders.

Organize free and open meetings

Local chapter meetings must be free for everyone to attend, regardless of whether the attendee is a paid member, and open to anyone.


Hold a minimum of 2 local chapter meetings or events each year

While this is the minimum number of chapter meetings which you need to hold, 4 meetings a year is recommended to maintain an active chapter. There are a variety of meeting “formats” or events that may be used to fulfill this requirement including virtual meetings or even small gatherings to discuss application security. Possibilities for meeting formats and events are discussed more below.


Give official meeting notice through the wiki, chapter mailing list, and OWASP Calendar

Chapter meetings must be posted to the OWASP wiki (on the chapter’s page) and a meeting announcement must be sent out to the OWASP mailing list (i.e. [email protected]) to notify the OWASP community of each upcoming meeting. Also, the meeting must be listed on the OWASP Global Events Calendar.

Abide by OWASP principles and the code of ethics

The OWASP Core Purpose, Values, Principles, and Code of Ethics are posted on the About OWASP wiki page.


Protect the privacy of the chapter’s local contacts

The privacy of chapter members and meeting attendees should be protected at all times. You should not disclose names, email addresses, or other identifying information about OWASP members or meeting attendees. Only aggregate statistics can be referenced. If a meeting sponsor is utilized that organization might consider doing a raffle in exchange for business cards.

Maintain vendor neutrality (act independently)

In order to preserve OWASP’s non-profit status and open, non-commercial principles it is important that no commercially-oriented “sales pitch” talks are given at OWASP events, be it chapter meetings or conferences. Such talks are not only against OWASP principles, they also blur the line between OWASP and commercial entities, thus diluting the OWASP brand name and agnostic status globally.


Anybody that observes chapter leaders that are not following these basic rules are urged to report this to: http://sl.owasp.org/contactus.

Spend any chapter funds in accordance with the OWASP goals, code of ethics, and principles

For more suggestions on handling chapter funds, see section 4.7 on "Managing Money".


Chapter Oversight

OWASP Chapters and Chapter Leaders are overseen by the Global Chapters Committee and, ultimately, the Global OWASP Board. If the Global Chapters Committee or Global OWASP Board determines that an OWASP Chapter Leader has not complied with these rules, their status as an OWASP Chapter Leader may be revoked. Additionally, OWASP administrative access (including the leader’s owasp.org email address) may be immediately revoked.