February 2023 Strategy Meeting - Dublin - Agenda/Minutes

Meeting Details

  • Date: 14 February 2023
  • Time: 3am US Eastern, UTC 0800 convert
  • Location: Global AppSec Dublin 2023
  • Call-in: Recording

Agenda

CALL TO ORDER

Board Members in person:

  • Vandana Verma Sehgal
  • Grant Ongers
  • Avi Douglen
  • Matt Tesauro
  • Bil Corry

Board members remote:

  • Glenn ten Cate
  • Mark Curphey

Guests

  • Andrew van der Stock

CONFLICT OF INTEREST AND ANTI-TRUST STATEMENT

As the Board consists of individuals from many competing organizations, OWASP and its Board shall abide by all applicable anti-trust and competition laws. To avoid any perceived or actual conflict of interest, or anti-trust concerns under US federal, state, or regulations, only the published agenda shall be discussed or voted upon, or amended as below. If there are any conflicts of interest, Board members are expected to disclose the conflict of interest and must recuse themselves from discussion and voting.

CHANGES TO THE AGENDA

Changes to the agenda - unless otherwise prohibite

NEW BUSINESS

Motion to make all board meetings available to the public:

Background: In the spirit of transparency the OWASP board would like to make all meetings open to public disclosure and review. There currently are (generally speaking) three types of meetings of the board:

  1. Public meetings - which are the gazetted meetings during which the monthly business of the board is discussed and during which the members are encouraged to attend;
  2. Strategy meetings - which are arranged in accordance with the board rules and the Foundation by-laws to allow the board to meet and discuss various matters. These meetings are not open to the public however any decisions made during them, are included in the following public meeting under the header of e-Votes and Special Meeting Motions to read into minutes; and
  3. Executive sessions - which are closed sessions in line with Roberts Rules of Order (RONR 12th Ed) 9:24–27 and therefore closed to the public for legal reasons.

Meetings of type 3 (Executive sessions) are unavoidable and although meetings of type 2 have always had and business minuted and the voting upon which ratified during the normal public meetings there have not previously been recordings made nor minutes published of those meetings.

Motion: “Resolved that all official meetings of the Board must be open to public attendance, and recordings and minutes published accordingly. However, private Board meetings or portions of the meeting should be closed to Directors and their delegates as required by legal, liability, or regulatory requirements, or when discussing issues of a personal nature such as HR or personnel issues and Compliance complaints. The bylaws (currently sections 4.8 and 4.9 – ‘Regular Meetings’ and ‘Special Meetings’, respectively should be updated to reflect this change.”

Sponsor: Mark Curphey Second: Glenn Ten Cate

Votes: Passed 7-0

  • Vandana Verma Sehgal - YES
  • Grant Ongers - YES
  • Avi Douglen - YES
  • Matt Tesauro - YES
  • Bil Corry - YES
  • Glenn ten Cate - YES
  • Mark Curphey - YES

Motion to ensure that no active board member or his company can directly receive sponsorship (?) funds while serving as a board member.

Background: Although the board has a fiduciary duty to the Foundation and that duty, along with the conflict of interest and anti-trust statement made by the members of the board, should prevent self-enrichment of this kind. There it is a feeling by some members of the board that having this explicitly stated is in the Foundation’s best interest.

Motion: “Resolved that all potential grants or directed funding that might go to a member of the Board or to a company to which they have any financial interest must be brought to the Board for discussion and the rules around conflict of interest apply. Expenses and grants policies must be updated to reflect this.”

Sponsor: Mark Curphey Second: Glenn Ten Cate

Votes: Passed 6-1

  • Vandana Verma Sehgal - YES
  • Grant Ongers - YES
  • Avi Douglen - YES
  • Matt Tesauro - YES
  • Bil Corry - NO
  • Glenn ten Cate - YES
  • Mark Curphey - YES

Motion to change the OWASP travel policy

Background: Given the current state of the economy and the Foundation’s coffers the board would like to discuss a reversion of the recent change to the travel policy made in December and to no longer reimburse any other travel than economy class, unless there are medical reasons to do otherwise.

Motion: “Resolved that the OWASP travel policy is altered to only cover economy class flights, unless there is a valid medical reason to allow other travel options.”

Sponsor: Mark Curphey Second: Glenn Ten Cate

Votes: Passed 4-3

  • Vandana Verma Sehgal - NO
  • Grant Ongers - YES
  • Avi Douglen - NO
  • Matt Tesauro - YES
  • Bil Corry - NO
  • Glenn ten Cate - YES
  • Mark Curphey - YES

THE ROLE OF THE BOARD

Grant will lead a discussion on the how the board works today to provide some clarification of the role of the board and the power it does (or doesn’t wield).

THE OPEN LETTER

Mark and Glenn have co-signed an open letter to the board which high-lights five items that the signatories are asking for. Based on the discussion above we’ll walk through the approach neccessary to answer the open letter.

STRATEGIC DISCUSSIONS

  • OWASP’s global perception - Netguru UX
    • Waiting on a proposal for the full implementation from Netguru however: Teaser looks excellent and we are very happy to continue the work with them.
    • Funding may be required and once Andrew gets sight of this he will bring it to the Board.
    • Mark will work to find a way for this to be affordable to OWASP.
  • Alignment on Mission / Vision
    • If the Vision is: “No more insecure software”
    • And the Mission is: “To be the global open community that powers secure software through education, tools, and collaboration”
    • What are our Objectives, Strategies, and Tactics?

Planned activities parked:

  • Future Board Structure
  • Strategic plan for raising funding
  • Strategic plan for Projects
  • Strategic plan for Events
  • Role of Committees
  • Tooling for the future
  • Staffing for the future

ADJOURNMENT

Adjournment motion

The next general Board meeting is on 15 February 2023, at 7:30pm Central European Time (convert), together with the Leader’s Meeting to be held at that same time.

“It is moved, and seconded to adjourn. Those in favor, say “aye””

Sponsor: Chair Second: Vice-Chair


Staff Reports

Executive Director

TBA

Finance

TBA