September 2022 Agenda/Minutes

Meeting Details

  • Date: Wednesday 28 September 2022 (Note: moved to Wednesday)
  • Time: 12PM US Eastern, UTC 1700 convert
  • Location: Remote
  • Call-in: Zoom Meeting
  • Recording

Agenda

CALL TO ORDER

Board Members

  • Vandana Verma Sehgal
  • Grant Ongers
  • Avi Douglen
  • Glenn ten Cate
  • Joubin Jabbari
  • Bil Corry

Guests

  • Andrew van der Stock
  • Kelly Santalucia
  • Harold Blankenship
  • Dawn Aitken
  • Lisa Jones
  • Lauren Thomas
  • Tom Pappas
  • Shelby Graham
  • Zoe Braiterman
  • Bjorn Kimminich
  • Spyros G
  • Eva Thakran

CONFLICT OF INTEREST AND ANTI-TRUST STATEMENT

As the Board consists of individuals from many competing organizations, OWASP and its Board shall abide by all applicable anti-trust and competition laws. To avoid any perceived or actual conflict of interest, or anti-trust concerns under US federal, state, or regulations, only the published agenda shall be discussed or voted upon, or amended as below. If there are any conflicts of interest, Board members are expected to disclose the conflict of interest and must recuse themselves from discussion and voting.

CHANGES TO THE AGENDA

Changes to the agenda - unless otherwise prohibited by anti-trust or competition laws - including adding, altering, or tabling of motions is permitted by following Roberts Rules of Order (RONR 12th Ed) 41:63, which requires an affirmative two-thirds vote.

APPROVAL OF MINUTES

Vote:

  • Vandana Verma: Yes
  • Grant Ongers: Yes
  • Avi Douglen: Yes
  • Glenn ten Cate: Yes
  • Martin Knobloch: ABSENT
  • Joubin Jabbari: Yes
  • Bil Corry: Yes

Passes 6-0

PRE-READING MATERIAL

Staff reports

Pre-reading material

e-Votes and Special Meeting Motions to read into minutes

No motions this month.

NEW BUSINESS

Motion to perform audit of OWASP Projects for semi-commercial and commercial projects

Background - The OWASP Foundation has a number of projects that are semi-commercial or commercial in nature. These projects have been subject to various complaints and are not necessarily in the best interests of OWASP’s open source mission. The Board has been discussing the need to perform an audit of OWASP projects to ensure that they are following the OWASP Foundation’s policies and procedures.

Motion: “Resolved, that the OWASP Foundation Board of Directors authorizes the Executive Director to perform an audit for semi-commercial and commercial projects in concert with the Project Committee to ensure that they are following the OWASP Foundation’s policies and procedures. Any identified gaps in the project policy relating to semi-commercial and commercial projects will be brought to the Board for discussion and resolution.”

Sponsor: Avi Douglen Second: Glenn ten Cate

Vote:

  • Vandana Verma: Yes
  • Grant Ongers: ABSTAIN
  • Avi Douglen: Yes
  • Glenn ten Cate: Yes
  • Martin Knobloch: ABSENT
  • Joubin Jabbari: ABSTAIN
  • Bil Corry: Yes

Passes 4-0, 2 Abstain

Motion to merge the OWASP WIA, Diversity and Inclusion Committee and OWASP Outreach Committee to form OWASP Diversity & Inclusion Outreach Committee

Background - These two committees have discovered that many of their activities are co-joined and that their intended goals are very aligned. The charters of the two committees actually overlap in several places. They also share the same resources from a volunteer perspective, which leads to another potential violation of the OWASP Committee 2.0 policy by possibly needing to have leaders from the one committee serve on the other too.

Motion: “Resolved, that the OWASP Foundation Board of Directors authorizes the merger of the OWASP WIA, Diversity and Inclusion Committee and OWASP Outreach Committee to form the OWASP Diversity & Inclusion Outreach Committee, calling for the Charter of the new Committee to be rewritten to encompass the Scopes and Purposes from the two committees to be disolved and authorising the closure of those two committees.”

Sponsor: Vandana Verma Second: Grant Ongers

Vote:

  • Vandana Verma: Yes
  • Grant Ongers: Yes
  • Avi Douglen: No
  • Glenn ten Cate: No
  • Martin Knobloch: ABSENT
  • Joubin Jabbari: Yes
  • Bil Corry: Yes

Passes 4-2

Motion to grant the Executive Director a general power of attorney

Background - To successfully complete the incorporation of a Dutch foundation it would make sense to grant the Executive Director a general power of attorney as described in the linked recitals and resolution.

Motion: “In order to enable the effective handling of incorporation of the Dutch foundation and any other foundation’s affairs regarding to the incorporation process, the Board wishes to appoint its Executive Director Mr. Andrew Van der Stock listed below as the holder of a general power of attorney to represent and act on behalf of the Company in all matters relating to its incorporation of a Dutch foundation.”

Sponsor: Grant Ongers Second: Avi Douglen

Vote:

  • Vandana Verma: Yes
  • Grant Ongers: Yes
  • Avi Douglen: Yes
  • Glenn ten Cate: Yes
  • Martin Knobloch: ABSENT
  • Joubin Jabbari: Yes
  • Bil Corry: Yes

Passes 6-0

COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS

Meeting with Shelby Graham

Background Tom Pappas is retiring from Virtual Inc after 9 years, with his last day being 30th of September, 2022. Tom’s replacement is Shelby Graham. Shelby will be joining the meeting to introduce herself and answer any questions the Board might have.

Discussion on town halls and engagement

Background Vandana Verma will lead a discussion on town halls, relating to membership, chapters, and how to best engage with the community.

Discussion on policies post bylaws

Background Once the bylaws are approved, the Board will need to discuss and approve a number of policies. Avi Douglen will lead a discussion on the policies that need to be improved.

Discussion on improving transparency and oversight of grants

Background The Board has been discussing the need to improve transparency and oversight of grants. Glenn ten Cate will discuss some ideas to improve the policy and process, using the tools and systems that we have available.

ADJOURNMENT

Adjournment motion

The next general Board meeting is on October 25, at 12 pm US Eastern Time. This meeting returns to the standard cadence of the fourth Tuesday of every month.

“It is moved, and seconded to adjourn. Those in favor, say “aye””

  • Sponsor: Vandana
  • Second: Grant

Staff Reports

Executive Director

See Foundation Board Summary for September 2022

Finance

Attached please find the financial package for OWASP US which represents financial performance for the seven months of 2022 ended August 31st, 2022.

Regarding the Dissolution process for VZW, we have received and approved the proposal for the incorporation of a Foundation in the Netherlands and hope to have that begin in the next month or so. The financials ONLY consider the US activities through August 2022 YTD.

Statement of Activities – Accrual Basis

The following is a summary of the YTD Statement of Activities:

Revenue: On an accrual basis (EARNED Revenue), total revenue through August 2022, is $1,036,949 vs 2022 Budget of $903,000 or $133,949 ahead of Budget as of 8.31.22 (excluding the “grant” that has not arrived actual revenue is $233,949 ahead of Budget thru 8.31.22) The reasons for this include:

  • Actual, recognized Corp Membership at $370,338 was $203,671 AHEAD of the YTD 2022 Budget of $166,667
  • Actual recognized Individual Membership at $192,684 (an increase of $32,177 from YTD as of 7.31.22) is now only $7,316 UNDER the YTD 2022 Budget of $200,000 and cut the variance through 7.31.22 by half
  • Actual recognized Donations, YTD of $92,951 was $66,382, UNDER the YTD budgeted amount of $159,333 (however $100,000 of the shortfall is due to the budgeted/estimated Grant that has not occurred as of 8.31.22, so actual donations are $33,618 ahead of budget through 8.31.22, due to a “true up” of the MoD Security project donation, through 8.31.22. Also, GSOC was budgeted at $6K and came in at $10K
  • YTD Event income of $379,567 was $24,567 AHEAD of the YTD budget of $355,000
  • Merch and Trademark income is UNDER Budget by $20,592, combined, YTD

Expenses: On an accrual basis (INCURRED), total expenses through August 2022, were $881,207 as compared to an approved YTD budget of $1,056,725. The results are OWASP is $175,518 UNDER the approved YTD 2022 budget for expenses (though excluding the budgeted expenses associated with the “grant” of $90,000, which has not occurred yet, in the 2022 Budget actual expenses are only $85,518 below budget thru 8.31.22, though the $4,000 the board approved for the Grant Writer was allocated here so actual expense are 89,518 under budget through 8.31.22).

The reasons for this Variance to YTD include:

  • Projects were $127,651 under budget excluding the $90,000 (actual is $86,000 due to $4,000 for grant writer in 8.31.22) for the estimated “grant” expenses that have not occurred, actual underspending in Projects is only $41,651 due to underspending on Projects and marketing.
  • Events are Over Budget by $4,840 due to slightly more spending on events, offset by being over budget in Event income by more than $24K as of 8.31.22.
  • Chapters and Outreach were a combined $46,873 Under budget due primarily under spending in Chapter spending, Marketing and timing of YM platform fees
  • G&A was under budget by $3,009 due to over pending on Legal fees offset by underspending on EU expenses compared to Budget as of 8.31.22
  • All other depts were a combined under budget in spending by $2,825

Net Income/Loss: Net Profit (Loss) as of August 31st, 2022, is $155,742. The approved budgeted net profit (loss) was Negative -$153,725. The actual net profit is AHEAD of budget by $309,467 due to underspending in certain areas and exceeding the Revenue budget YTD 2022. Net income is up from 7.31.22 by $84,402

Months of Operational Reserve: With a cash balance of $ 1,941,732 it is $123,211 MORE than 7.31.22 and $853,536 more than the 8.31.21 balance or a 78.4% (10% more than 7.31.22) increase in our cash balance in a continually challenging Pandemic year is a fantastic achievement and a testament to the OWASP Staff and the OWASP Community’s support of the Foundation. If we segregate the AP and assumed Project bal we would have approximately $1,841,785 ($354,128 more than 7.31.22 due primarily to the “true up” of the Project balance from 12.31.21) or 15.2 months of reserve at the $121,000 of avg monthly Operating expenses (2 more months than 7.31.22) and 10.2 months of reserve at the $180K of avg of all monthly expenses (this includes all the event expenses and is an additional month compared to 7.31.22). Again, a very good metric as the Non-Profit industry avg months of Operational reserve is 6 months. As we approach the back half of 2022, we need to be mindful that the APAC and APSEC US events are a significant amount of our budgeted FY 22 Net income so we should focus on maximizing revenue while keeping expenses in line with the budget. We should also be mindful of our operating expenses and not exceed the budget for FY22 for the remaining months of 2022, unless they bring us a significant return on the investment. I will see you all on Wed Sept 28th for the Board call.