Difference between revisions of "Documents Assessment Criteria"

From OWASP
Jump to: navigation, search
(initial input)
(Updated to reflect new revisions of the criteria v2)
Line 9: Line 9:
 
Pre-Assessment Checklist:
 
Pre-Assessment Checklist:
 
#Is your document licensed under a free and open license? (see Project Licensing section of the [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects Guidelines for OWASP Projects])
 
#Is your document licensed under a free and open license? (see Project Licensing section of the [http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects Guidelines for OWASP Projects])
#Is the Project Identification template on the project wiki page complete and accurate?
+
#Is the document available as a PDF (Portable Document Format) and an editable (.Doc) format on the project site?
#Is the document compiled into an exported (PDF) and editable (.Doc) format available on-line?
+
 
#Are all articles that constitute the project properly tagged within project category and available from main project Wiki page?  
 
#Are all articles that constitute the project properly tagged within project category and available from main project Wiki page?  
#Is there an OWASP mail list for the project?
+
#Is there a roadmap for this project release which will take it from Alpha to Quality release?
#Is there a statement of the application security issue the document addresses on the OWASP project wiki page?  
+
  
  
Line 19: Line 17:
  
 
Pre-Assessment Checklist:
 
Pre-Assessment Checklist:
 +
#Are the Alpha pre-assessment items complete?
 
#Are all document contents (articles) present and listed on the OWASP project wiki page?  
 
#Are all document contents (articles) present and listed on the OWASP project wiki page?  
 
#Is there an “About This Document” section in the document listing:   
 
#Is there an “About This Document” section in the document listing:   
Line 27: Line 26:
 
##Current version and/or release date
 
##Current version and/or release date
 
##Project's web page address  
 
##Project's web page address  
#Is the document compiled into an exported (PDF) and editable (.Doc) format available on-line?
 
#Are all articles that constitute the project properly tagged within project category and available from main project Wiki page?
 
#Are the Alpha pre-assessment items complete?
 
  
  
 
Reviewer Action Items:
 
Reviewer Action Items:
 
#Does the document consider the [http://www.owasp.org/index.php/OWASP_Writing_Style OWASP Writing Style]?  
 
#Does the document consider the [http://www.owasp.org/index.php/OWASP_Writing_Style OWASP Writing Style]?  
#Do contents from wiki articles match compiled document?
+
#Do contents from wiki articles match download-able documents? (PDF and .doc versions)
 
#Does the document have an “About This Document” section which allows the end user to get an overview of the state of the document?  
 
#Does the document have an “About This Document” section which allows the end user to get an overview of the state of the document?  
 
+
# How completely does the release address the goal of the project?  Is is overall document complete in structure and organization?  Are any missing or incomplete sections critical enough to keep the document at an Alpha quality level?
  
 
====Quality Release Document Criteria====
 
====Quality Release Document Criteria====
  
 
Pre-Assessment Checklist:
 
Pre-Assessment Checklist:
 +
#Are the Alpha and Beta pre-assessment items complete?
 
#Have any limitations been documented?  
 
#Have any limitations been documented?  
#Is there a conference style presentation that describes the document in at least 3 slides?
 
#Is there a one sheet overview document about the project?
 
 
#Does the document considering [http://www.owasp.org/index.php/OWASP_Writing_Style OWASP Writing Style] and OWASP Template for Docs?  
 
#Does the document considering [http://www.owasp.org/index.php/OWASP_Writing_Style OWASP Writing Style] and OWASP Template for Docs?  
 
#Is there a one sheet overview document about the project?
 
#Is there a one sheet overview document about the project?
#Are the Alpha and Beta pre-assessment items complete?  
+
#Is the document in a format which can be converted to an OWASP book? (books are currently via Lulu.com)
  
  
 
Reviewer Action Items:
 
Reviewer Action Items:
 +
#Have all the Beta Reviewer Action Items been completed? These will need to be completed if they have not already occurred during a previous assessment.
 
#Does the document substantially address the application security issues it was created to solve?  
 
#Does the document substantially address the application security issues it was created to solve?  
 
#Does the document respecting OWASP Writing Style and OWASP Template for Docs?
 
#Does the document respecting OWASP Writing Style and OWASP Template for Docs?
 
#Have you noted any limitations of the document that are not already documented by the project lead.  
 
#Have you noted any limitations of the document that are not already documented by the project lead.  
#Have all the Beta Reviewer Action Items been completed? These will need to be completed if they have not already occurred during a previous assessment.
+
# Would you consider using this document in your day to day work assuming your professional work includes a reason to use this document? Would you recommend this document to others in the profession? Why or why not?
 +
# What, if anything, is missing which would make this a more useful document? Is what is missing critical enough to keep the release at a beta quality?

Revision as of 23:03, 26 April 2009


This is a DRAFT page still under review by the Global Projects Committee

This page is maintained by the Global Projects Committee to help assist Project Leaders with information about successfully running an OWASP Project. It will be updated from time to time, and changes will be discussed and announced on the OWASP-Leaders list.

Alpha Release Document Criteria

Pre-Assessment Checklist:

  1. Is your document licensed under a free and open license? (see Project Licensing section of the Guidelines for OWASP Projects)
  2. Is the document available as a PDF (Portable Document Format) and an editable (.Doc) format on the project site?
  3. Are all articles that constitute the project properly tagged within project category and available from main project Wiki page?
  4. Is there a roadmap for this project release which will take it from Alpha to Quality release?


Beta Release Document Criteria

Pre-Assessment Checklist:

  1. Are the Alpha pre-assessment items complete?
  2. Are all document contents (articles) present and listed on the OWASP project wiki page?
  3. Is there an “About This Document” section in the document listing:
    1. Document Name
    2. Author(s)
    3. Contributor(s)
    4. Contact email address
    5. Current version and/or release date
    6. Project's web page address


Reviewer Action Items:

  1. Does the document consider the OWASP Writing Style?
  2. Do contents from wiki articles match download-able documents? (PDF and .doc versions)
  3. Does the document have an “About This Document” section which allows the end user to get an overview of the state of the document?
  4. How completely does the release address the goal of the project? Is is overall document complete in structure and organization? Are any missing or incomplete sections critical enough to keep the document at an Alpha quality level?

Quality Release Document Criteria

Pre-Assessment Checklist:

  1. Are the Alpha and Beta pre-assessment items complete?
  2. Have any limitations been documented?
  3. Does the document considering OWASP Writing Style and OWASP Template for Docs?
  4. Is there a one sheet overview document about the project?
  5. Is the document in a format which can be converted to an OWASP book? (books are currently via Lulu.com)


Reviewer Action Items:

  1. Have all the Beta Reviewer Action Items been completed? These will need to be completed if they have not already occurred during a previous assessment.
  2. Does the document substantially address the application security issues it was created to solve?
  3. Does the document respecting OWASP Writing Style and OWASP Template for Docs?
  4. Have you noted any limitations of the document that are not already documented by the project lead.
  5. Would you consider using this document in your day to day work assuming your professional work includes a reason to use this document? Would you recommend this document to others in the profession? Why or why not?
  6. What, if anything, is missing which would make this a more useful document? Is what is missing critical enough to keep the release at a beta quality?