Difference between revisions of "Chapter Handbook/Chapter 2: Mandatory Chapter Rules"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
[[Category:Chapter Handbook]]
+
'''This section outlines the “musts” for chapter leaders, or stated differently, these are the bottom line rules required of chapter leaders. The rest of the handbook is composed of best practices and guidance, which are only suggestions for chapter leaders.'''
While the internal affairs of a chapter are in the hand of the chapter leadership, some rules apply to all chapter and must be followed. Those rules are summarized below.
+
  
==Legal==
+
==Organize free and open meetings==
Local Chapters operate independently from the [[OWASP Foundation]], and Local Chapter leaders are responsible for all aspects of their meetings. Local Chapters should use the official OWASP Portal ([[Main Page|www.owasp.org]]) and [http://lists.owasp.org/mailman/listinfo mailing lists] for communications, and should not use or display the OWASP logo on other websites. Commercial use of the OWASP name or logo is strictly prohibited.
+
Local chapter meetings must be free for everyone to attend, regardless of whether the attendee is a paid member, and open to anyone.
  
==Charter==
 
Each Local Chapter agrees to the [http://www.owasp.org/index.php/About_OWASP#CODE_OF_ETHICS Code of Ethics and Principles] and adhere to the general concept of OWASP: to produce free and open unbiased tools and documentation promoting software and application security.
 
  
==Privacy==
+
==Hold a minimum of 2 local chapter meetings or events each year==
The privacy of chapter members and meeting attendees should be protected. Local Chapters should not disclose names, email addresses, or other identifying information about members. Only aggregate statistics can be referenced. If a meeting co-sponsor is utilized that organization might consider doing a raffle in exchange for business cards.
+
While this is the minimum number of chapter meetings which you need to hold, 4 meetings a year is recommended to maintain an active chapter. There are a variety of meeting “formats” or events that may be used to fulfill this requirement including virtual meetings or even small gatherings to discuss application security. Possibilities for meeting formats and events are discussed more below.
  
==Minimum Activity==
 
Each chapter is required to maintain a minimum activity as set forth in the [[Chapter Handbook: Chapter's life cycle|life cycle chapter]].
 
  
==Resolving Dispute==
+
==Give official meeting notice through the wiki, chapter mailing list, and OWASP Calendar==
While chapters are free to chose their method of conduct as long as it is withing the guidelines listed above, any person (OWASP member or not) can bringan issue under dispute before the OWASP Global Chapter Committee (GCC). The GCC will investigate and advise the OWASP board on a course of action to resolve the matter.
+
Chapter meetings must be posted to the OWASP wiki (on the chapter’s page) and a meeting announcement must be sent out to the OWASP mailing list (i.e. owasp-CHAPTERNAME@lists.owasp.org) to notify the OWASP community of each upcoming meeting. Also, the meeting must be listed on the OWASP Global Events Calendar.
 +
 
 +
==Abide by OWASP principles and the code of ethics==
 +
The OWASP [[About_OWASP#Core_Purpose|Core Purpose]], [[About_OWASP#Core_Values|Values]], [[About_OWASP#Principles|Principles]], and [[About_OWASP#Code_of_Ethics|Code of Ethics]] are posted on the [[About OWASP]] wiki page.
 +
 
 +
 
 +
==Protect the privacy of the chapter’s local contacts==
 +
The privacy of chapter members and meeting attendees should be protected at all times. You should not disclose names, email addresses, or other identifying information about OWASP members or meeting attendees. Only aggregate statistics can be referenced. If a meeting sponsor is utilized that organization might consider doing a raffle in exchange for business cards.
 +
 
 +
==Maintain vendor neutrality (act independently)==
 +
In order to preserve OWASP’s non-profit status and open, non-commercial principles it is important that no commercially-oriented “sales pitch” talks are given at OWASP events, be it chapter meetings or conferences. Such talks are not only against OWASP principles, they also blur the line between OWASP and commercial entities, thus diluting the OWASP brand name and agnostic status globally.
 +
 
 +
 
 +
Anybody that observes chapter leaders that are not following these basic rules are urged to report this to: http://sl.owasp.org/contactus.
 +
 
 +
==Spend any chapter funds in accordance with the OWASP goals, code of ethics, and principles==
 +
 
 +
For more suggestions on handling chapter funds, see section 4.7 on "Managing Money".
 +
 
 +
 
 +
==Chapter Oversight==
 +
OWASP Chapters and Chapter Leaders are overseen by the Global Chapters Committee and, ultimately, the Global OWASP Board. If the Global Chapters Committee or Global OWASP Board determines that an OWASP Chapter Leader has not complied with these rules, their status as an OWASP Chapter Leader may be revoked. Additionally, OWASP administrative access (including the leader’s owasp.org email address) may be immediately revoked.
 +
 
 +
 
 +
[[Category:Chapter Handbook]]

Revision as of 13:28, 28 December 2011

This section outlines the “musts” for chapter leaders, or stated differently, these are the bottom line rules required of chapter leaders. The rest of the handbook is composed of best practices and guidance, which are only suggestions for chapter leaders.

Contents

Organize free and open meetings

Local chapter meetings must be free for everyone to attend, regardless of whether the attendee is a paid member, and open to anyone.


Hold a minimum of 2 local chapter meetings or events each year

While this is the minimum number of chapter meetings which you need to hold, 4 meetings a year is recommended to maintain an active chapter. There are a variety of meeting “formats” or events that may be used to fulfill this requirement including virtual meetings or even small gatherings to discuss application security. Possibilities for meeting formats and events are discussed more below.


Give official meeting notice through the wiki, chapter mailing list, and OWASP Calendar

Chapter meetings must be posted to the OWASP wiki (on the chapter’s page) and a meeting announcement must be sent out to the OWASP mailing list (i.e. owasp-CHAPTERNAME@lists.owasp.org) to notify the OWASP community of each upcoming meeting. Also, the meeting must be listed on the OWASP Global Events Calendar.

Abide by OWASP principles and the code of ethics

The OWASP Core Purpose, Values, Principles, and Code of Ethics are posted on the About OWASP wiki page.


Protect the privacy of the chapter’s local contacts

The privacy of chapter members and meeting attendees should be protected at all times. You should not disclose names, email addresses, or other identifying information about OWASP members or meeting attendees. Only aggregate statistics can be referenced. If a meeting sponsor is utilized that organization might consider doing a raffle in exchange for business cards.

Maintain vendor neutrality (act independently)

In order to preserve OWASP’s non-profit status and open, non-commercial principles it is important that no commercially-oriented “sales pitch” talks are given at OWASP events, be it chapter meetings or conferences. Such talks are not only against OWASP principles, they also blur the line between OWASP and commercial entities, thus diluting the OWASP brand name and agnostic status globally.


Anybody that observes chapter leaders that are not following these basic rules are urged to report this to: http://sl.owasp.org/contactus.

Spend any chapter funds in accordance with the OWASP goals, code of ethics, and principles

For more suggestions on handling chapter funds, see section 4.7 on "Managing Money".


Chapter Oversight

OWASP Chapters and Chapter Leaders are overseen by the Global Chapters Committee and, ultimately, the Global OWASP Board. If the Global Chapters Committee or Global OWASP Board determines that an OWASP Chapter Leader has not complied with these rules, their status as an OWASP Chapter Leader may be revoked. Additionally, OWASP administrative access (including the leader’s owasp.org email address) may be immediately revoked.