July 3rd, 2018

Meeting Date: July 3rd 2018

Meeting Location: Virtual Meeting Time: July 3rd, 2018 - TBD Virtual: GoToMeeting Meeting ID: 861-328-838

International Toll Free Calling Information

Note: Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording

AGENDA

OWASP Executive Director

• Draft Strategic Plan
• AppSec Conference Selection Criteria
• Action on sponsorship guidelines.  No sponsorship can be used to solicit additional chapter donations.  As a non profit it is prohibited to solicit or trade out commercial exposure for donations to chapters.
• New Chapter Opening Guidelines:  Chapter's can only be opened by those who reside and will manage the chapters in the said country and region of the chapter.  Opening of a chapter must be predicated by interviews with the required leadership in said location of the chapter with a confirmation by the leaders that they live and work and will manage the chapter in the location.

CALL TO ORDER

CHANGES TO THE AGENDA

APPROVAL OF MINUTES prior meeting minutes

REPORTS

OLD BUSINESS

NEW BUSINESS

COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS

ADJOURNMENT

Old Business

New Business

• To vote on the high level events strategy as discussed during the June 19th Board meeting
• To hear the foundations feedback on a global (AppSec) event in Tel Aviv and vote on hosting an event there in 2018.
  • I could urge the board to listen back to the recordings on what has been communicated to the community.
  • The recodring can be found here: https://drive.google.com/file/d/1yXPSr8XcFnO63vXSTOCRTb16tn5YTFww/view

Disscussion

1. The structure of the board:
   1. Do we need more diverse views on the board? e.g. adding 1 or 2 indpependent board memebers who have difference experiences in charities/foundations (i.e. specialise in finance/HR/Governance etc..).
   2. The concern is we have a rotating list of board memebers who specialise in AppSec, but not necessarily the skills needed to set the strategy for a foundation. For most foundations (can companies their boards are people form diverse backgrounds for that very reason.
2. Adding Resilence in the managment of the foundation:
   1. An ED for OWASP must be a full time epmployee. If the chairperson would like to step in the role of (interim) ED they can do so, but only if they take a full time position within OWASP (which also means resigning from their current full eomployment roles).
   2. Should we have a clause that says at any time we need a named iterim ED incase anything goes wrong.
   3. Establish a process for the interm period (either we find a new ED, or tranistion the interm ED into the permanent role.
3. Setting Scheduled Cycles for the foundation strategy:
   1. We need a process to develop, review, and adjust the strategic direction for the foundation on a regularl basis, that is also in-sync with the BoD elections.
   2. We still (as of end of June) do not have a strategy for the foundation agreed for the foundation to execute, granted we have a few initiatives we need to address in peice meal but we have not set the over all picture.
   3. I have seen a proposal from Karen but this needs to be reviewed and agreed with the BoD ammendments. As a board we have yet to set one, and I would like us to go over this during the meetings.