February 17, 2016

Notice of Recording

 * Notice to all attendees - board meetings are recorded and publicly available as of March, 2013
 * Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording.
 * Recording of 13 January 2016 OWASP Board Meeting
 * Recording of 17 February 2016 OWASP Board Meeting

Time

 * February 17, 2016, 15:00-16:30 PST - TimeZone Converter

Location
Teleconference Information:

https://www3.gotomeeting.com/join/861328838

International Toll Free Calling Information

Attendance Tracker
Board Meeting Attendance Tracker

Meeting Minutes

 * Feb.17 Minutes template
 * Jan.2016 Meeting Minutes for Approval

= Reading Material = It is a requirement as a board member to fully read all material prior to the start of the meeting

1. Proposal from Johanna on OWASP-Project-Review Updates & Incentives
 * Should Project Task Force be 'relaunched' as Project-Review-Committee with same Committee 2.0 procedures and authority?
 * Some questions in the proposal may be resolved at Committee level, without needing board motion & approval. (P.Ritchie interpretation)
 * Summary of Questions & response from Johanna dated Feb.10, 2016

2. >> READ Staff Status reports below, including Detail Financial Report for 2015 through December 2015 in Excel format. P&L, A/R,  A/P, Balance Sheet with cash balances for Foundation & Chapters & Projects

3.Help Secure OWASP assets initiative, contributions from volunteers
 * Which companies or individuals can contribute to help manage Wiki & mailing list with maintenance and patching?
 * Status of Bug Bounty management services for projects and other OWAPS assists as the WIKI - through Barter Deals with service providers

4. IT Transformation Discussion paper
 * IT Transformation Discussion paper

= Meeting Agenda =

Call to Order /OWASP Mission
Open Meeting - Start Recording, List attendees and Agenda update (only if last-minute changes are needed) (5 min)
 * Approve minutes from January 13, 2016.

Actionable Agenda Topics

 * Review, discuss, act on Johanna proposal. See reading material above.

Discussion Topics

 * OWASP Infrastructure Transformation. AJV. IT Transformation Discussion paper


 * Help Secure OWASP assets : https://www.owasp.org/index.php/Help_Secure_Owasp_assests

Misc. Topics (10-15 Minutes)

 * Temperature on Training + Leader Summit
 * Second 5K sponsor package as outlined here: https://docs.google.com/document/d/1NG8C27_RuNmwfTnrUE_-gB5IyHlmTYo1lv-CTXo25p8/edit

Old Business
All active board proposals are listed here


 * Matt K: Action / Update on search for OWASP Compliance officer


 * Paul R: Action - Need clarification.  Under financial proposal #3 & 4.  Do 'Projects' require 2 leaders, or just 1 leader and 1 other active participant?  Various emails recommend the latter.  Staff recommends 1 leader plus 1 active participant for definition of active project.
 * See Oct. 14, 2015 Votes here. https://www.owasp.org/index.php/OWASP_Board_Votes


 * Chapters are being managed with a 2 leader requirement.

New Business
All active board proposals are listed here
 * See Johanna new Project Review proposal above.

Action Item Follow-Up

 * 2016 Action Item Status from Past BoD Meetings
 * This is new excel sheet showing AI as either OPEN or Closed with status for monthly Board reporting

Chairmain's Report - Matt Konda
Detail here: https://trello.com/b/YWY4pf8I/global-board
 * Identified compliance team. (Fiona, Bil, Richard)
 * ED annual review underway. (Feedback solicited, reviewing materials)
 * Handoff from Tobias.
 * Financials call with Andrew and Virtual
 * Talked to 6 potential sponsors.
 * Participated in Project call.
 * Wrote sponsor letter for AppSecEU
 * Discussion with Kate about Training + Leader Summit and software sponsor tier.
 * Weekly one on one call.

Vice Chairmain's Report - Josh Sokol

 * TODO

Treasurer Report - Andrew van der Stock
I have had a kick off meeting with Paul, Alison, Matt, and Tom Pappas (our CFO) from Virtual to discuss a financial handover.

This meeting went well, and filled in a number of gaps for me. The main action items from my point of view are:


 * Establishing an OWASP archive for our financial and other corporate records that is accessible by Alison so we don't lose the lot if something happened to Alison's residence or computer. This applies primarily to our old records, which we need to keep for 7 years, but aren't necessarily used daily.
 * Ensuring that our FY15 year is closed out and our annual report is ready on time. This seems to be in hand, but I will keep on eye on things.
 * Paul is considering moving our accounts to a better financial institution as our current one requires us to use yet another payment service. This should improve our visibility of bills and make reconciliation easier. I support this move, as it should improve our transparency and reduce costs.
 * Once we have final reconciliation and the FY15 books are closed, I will ask my wife (a CPA) to look over the records to ensure things are okay.

Additionally, I asked about a line of credit that I heard was being established. Apparently there is something happening here. My main concern is that it shows up on the books so we can make sure we don't get into trouble by using it for operational expenditure unnecessarily. I understand the need for it, but we could easily get into trouble if we are paying bills on credit without a supporting income.

Secretary Report - Jim Manico

 * TODO

Updates from Members at Large

 * Michael Coates (Chapters)
 * Focus areas for investment into chapters this year include:
 * Chapter Leader Call by region (work with staff)
 * Chapter speaker rating system
 * Centralized chapter speaker recommendation system

Reports

 * Executive Director Status Report for 17 Feb 2016  Exec.Director Status Report - 17Feb2016
 * Detail 2015 Financial Report through Dec. 2015 in Excel Format Note:  These are PRELIMINARY numbers and will be final once the 2015 Books are officially 'closed' by Accounting firm approx. Mar 1, 2016
 * Membership & Business Liaison Report - Kelly Santalucia January Membership Report
 * Strategic Goal #2 Report and CodeMash 2016 update
 * Event Manager Report - Laura Grau February Report
 * Operations Report - Kate Hartmann report
 * Project Coordinator Report - Claudia Casanovas Report
 * Community Manager Report -Noreen Whysel Report
 * IT Update from Matt T.
 * MediaWiki has been updated 3 times since AppSec USA 2015 (Sept. 2015)
 * Upgrade to Mailman 3.0 & server delayed due to Website demands from CalifAppSec Team 'emergency', AppSec USA & AppSec EU website builds.
 * Some dead and inactive email lists cleaned out. Generally low priority re: other demands.
 * 10 hours /month is completely too little for demands from Community, especially for breakage & repair after Matt sets items up for community use. (Matt has details & examples)
 * Net, net Paul now working with staff and Matt T to define how to add resource with 'Matt level access' to cover more common community support needs, vs. Infrastructure/domain/server admin to remain with Matt T.

Community Initiative Reports

 * TODO

Announcements

 * TODO

Adjournment

 * Willing to shift to March 15?
 * Next meeting date/time: March 16, 2016, 16:00-17:00 PST - TimeZone Converter