February 17, 2016
- 1 Dial In Info
- 2 Reading Material
- 3 Meeting Agenda
- 3.1 Call to Order /OWASP Mission
- 3.2 Actionable Agenda Topics
- 3.3 Discussion Topics
- 3.4 Misc. Topics (10-15 Minutes)
- 3.5 Old Business
- 3.6 New Business
- 3.7 Action Item Follow-Up
- 3.8 Reports
- 3.9 Reports
- 3.10 Announcements
- 3.11 Adjournment
- 3.12 Motion to close meeting
Dial In Info
Notice of Recording
- Notice to all attendees - board meetings are recorded and publicly available as of March, 2013
- Joining the call acknowledges your awareness of recording and consent to be recorded and public dissemination of the recording.
- Recording of 13 January 2016 OWASP Board Meeting
- February 17, 2016, 15:00-16:30 PST - TimeZone Converter
It is a requirement as a board member to fully read all material prior to the start of the meeting
- Should Project Task Force be 'relaunched' as Project-Review-Committee with same Committee 2.0 procedures and authority?
- Some questions in the proposal may be resolved at Committee level, without needing board motion & approval. (P.Ritchie interpretation)
- Summary of Questions & response from Johanna dated Feb.10, 2016
2. >> READ Staff Status reports below, including Detail Financial Report for 2015 through December 2015 in Excel format. P&L, A/R, A/P, Balance Sheet with cash balances for Foundation & Chapters & Projects
- Which companies or individuals can contribute to help manage Wiki & mailing list with maintenance and patching?
- Status of Bug Bounty management services for projects and other OWAPS assists as the WIKI - through Barter Deals with service providers
Call to Order /OWASP Mission
Open Meeting - Start Recording, List attendees and Agenda update (only if last-minute changes are needed) (5 min)
- Approve minutes from January 13, 2016.
Actionable Agenda Topics
- TO DO
- Review, discuss, act on Johanna proposal. See reading material above.
- OWASP Infrastructure Transformation. AJV.
- Help Secure OWASP assets
Misc. Topics (10-15 Minutes)
All active board proposals are listed here
- Matt K: Action / Update on search for OWASP Compliance officer
- Paul R: Action - Need clarification. Under financial proposal #3 & 4. Do 'Projects' require 2 leaders, or just 1 leader and 1 other active participant? Various emails recommend the latter. Staff recommends 1 leader plus 1 active participant for definition of active project.
- See Oct. 14, 2015 Votes here. https://www.owasp.org/index.php/OWASP_Board_Votes
- Chapters are being managed with a 2 leader requirement.
All active board proposals are listed here
- TO DO
- See Johanna new Project Review proposal above.
Action Item Follow-Up
- 2016 Action Item Status from Past BoD Meetings
- This is new excel sheet showing AI as either OPEN or Closed with status for monthly Board reporting
Chairmain's Report - Matt Konda
Vice Chairmain's Report - Josh Sokol
Treasurer Report - Andrew van der Stock
I have had a kick off meeting with Paul, Alison, Matt, and Tom Pappas (our CFO) from Virtual to discuss a financial handover.
This meeting went well, and filled in a number of gaps for me. The main action items from my point of view are:
- Establishing an OWASP archive for our financial and other corporate records that is accessible by Alison so we don't lose the lot if something happened to Alison's residence or computer. This applies primarily to our old records, which we need to keep for 7 years, but aren't necessarily used daily.
- Ensuring that our FY15 year is closed out and our annual report is ready on time. This seems to be in hand, but I will keep on eye on things.
- Paul is considering moving our accounts to a better financial institution as our current one requires us to use yet another payment service. This should improve our visibility of bills and make reconciliation easier. I support this move, as it should improve our transparency and reduce costs.
- Once we have final reconciliation and the FY15 books are closed, I will ask my wife (a CPA) to look over the records to ensure things are okay.
Additionally, I asked about a line of credit that I heard was being established. Apparently there is something happening here. My main concern is that it shows up on the books so we can make sure we don't get into trouble by using it for operational expenditure unnecessarily. I understand the need for it, but we could easily get into trouble if we are paying bills on credit without a supporting income.
Secretary Report - Jim Manico
Updates from Members at Large
- Executive Director Status Report for 17 Feb 2016 Exec.Director Status Report - 17Feb2016
- Detail 2015 Financial Report through Dec. 2015 in Excel Format Note: These are PRELIMINARY numbers and will be final once the 2015 Books are officially 'closed' by Accounting firm approx. Mar 1, 2016
- Membership & Business Liaison Report - Kelly Santalucia January Membership Report Strategic Goal #2 Report and CodeMash 2016 update
- Event Manager Report - Laura Grau February Report
- Operations Report - Kate Hartmann report
- Project Coordinator Report - Claudia Casanovas Report
- Community Manager Report -Noreen Whysel Report
- IT Update from Matt T.
- MediaWiki has been updated 3 times since AppSec USA 2015 (Sept. 2015)
- Upgrade to Mailman 3.0 & server delayed due to Website demands from CalifAppSec Team 'emergency', AppSec USA & AppSec EU website builds.
- Some dead and inactive email lists cleaned out. Generally low priority re: other demands.
- 10 hours /month is completely too little for demands from Community, especially for breakage & repair after Matt sets items up for community use. (Matt has details & examples)
- Net, net Paul now working with staff and Matt T to define how to add resource with 'Matt level access' to cover more common community support needs, vs. Infrastructure/domain/server admin to remain with Matt T.
Community Initiative Reports