July 2024 Agenda/Minutes

Meeting Details

• Date: 23 July 2024
• Time: 12PM US Eastern, UTC 1600 convert
• Location: Remote
• Call-in: Recording

Agenda

CALL TO ORDER

Board Members

• Sam Stepanyan: YES
• Steve Springett: YES
• Kevin Johnson: NO (Sent apologies)
• Avi Douglen: YES
• Matt Tesauro: NO (Sent apologies)
• Bil Corry: YES
• Ricardo Griffith: YES

Guests

• Andrew van der Stock
• Dawn Aitken
• Starr Brown
• Kelly Santalucia
• Lauren Thomas
• Chris Barbeau
• Leea Hudson-Wilson

CONFLICT OF INTEREST AND ANTI-TRUST STATEMENT

As the Board consists of individuals from many competing organizations, OWASP and its Board shall abide by all applicable anti-trust and competition laws. To avoid any perceived or actual conflict of interest, or anti-trust concerns under US federal, state, or regulations, only the published agenda shall be discussed or voted upon, or amended as below. If there are any conflicts of interest, Board members are expected to disclose the conflict of interest and must recuse themselves from discussion and voting.

• OWASP Conflict of Interest Policy
• Director’s Commitment Agreement

CHANGES TO THE AGENDA

Changes to the agenda - unless otherwise prohibited by anti-trust or competition laws - including adding, altering, or tabling of motions is permitted by following Roberts Rules of Order (RONR 12th Ed) 41:63, which requires an affirmative two-thirds vote.

Vote to move items onto the agenda

Vote

• Sam Stepanyan: YES
• Steve Springett: YES
• Avi Douglen: YES
• Bil Corry: YES
• Ricardo Griffith: YES

Votes PASSES 5-0.

APPROVAL OF MINUTES

• Previous Meeting Minutes - June 2024

“Andrew van der Stock provided an update to the minutes approximately 30 minutes ago to remove a duplicate entry. Avi Douglen moved to read the minutes into the record, with the expectation that Andrew will correct the duplicate item.”

Vote

• Sam Stepanyan: YES
• Steve Springett: YES
• Avi Douglen: YES
• Bil Corry: YES
• Ricardo Griffith: YES

Vote PASSES 5-0.

PRE-READING MATERIAL

• OWASP Foundation Board Summary
• Finance Management Report
• Finance Cash Flow Statement
• Finance Uncategorized Expenses

OLD BUSINESS

Discuss OWASP Foundation’s Corporate Supporter Benefits

Background The Board wishes to discuss corporate supporter packages, and the benefits approval process.

Motion: “Resolved, the Board directs the OWASP Foundation to provide any Corporate Supporters the ability to provide individual membership benefits subject to OWASP approval.”

Sponsor: Sam Stepanyan
Second: Avi Douglen

Motion Tabled: This agenda item has been tabled until the September 2024 in-person board meeting.

NEW BUSINESS

Please note the three additional topics below that need to be voted to change the agenda prior to discussion and voting, or moved to an e-vote after the Board meeting. A super majority is required for each.

Update on CREST OVS

Background Anne Purtell from CREST USA will provide an update on the sales of the CREST OVS, and the donation to OWASP as a result.

Motion Tabled: This agenda item has been tabled until the next board meeting.

Motion to move the September Board Meeting to September 25th, 2024.

Background The public Board meeting is scheduled in the same way as in Lisbon, Portugal, and the Board wishes to move the Global AppSec San Francisco meeting to the 25th of September as a result.

Motion: “Resolved, that the September 2024 Board meeting is moved to 5.30 pm US PDT September 25th, 2024.”

Sponsor: Ricardo Griffith Second: Sam Stepanyan

Vote

• Sam Stepanyan: YES
• Steve Springett: YES
• Avi Douglen: YES
• Bil Corry: YES
• Ricardo Griffith: YES

Vote PASSES 5-0.

Motion to pre-release Global AppSec Video Recordings to OWASP Members

Background Video recordings are currently released as soon as they are available. The Board wishes to provide attendees and OWASP members with early access to the video content.

Motion: “RESOLVED: The events policy and member benefits page to be updated to include that video recordings from OWASP Global AppSec conferences to be initially released and shared with OWASP members, providing them with early access to the video content for a period of two months prior to public release. This benefit will be available to all OWASP members in good standing”.

Sponsor: Sam Stepanyan Second: Ricardo Griffith

Vote

• Sam Stepanyan: YES
• Steve Springett: YES
• Avi Douglen: YES
• Bil Corry: YES
• Ricardo Griffith: YES

Vote PASSES 5-0.

Discussion on committees

Background The Board wishes to discuss the current status of all existing and forming committees.

“Avi Douglen requested an update on new committees. Andrew van der Stock provided an update on the Marketing and Outreach Committees.”

Approval to invest excess funds in Certificate of Deposits and to open a money market account

(This agenda item is new and needs to be approved by a super majority of the Board prior to discussion and voting, or moved to an e-vote after the Board meeting.)

Background The OWASP Foundation should earn interest on excess funds to further our mission and to help offsite banking fees. The Executive Director wishes to invest excess funds prudently in a total of three 90 day CDs totaling $500k renewing one per month, and move the rest of our savings to a money market account to increase earned interest every year. Access to six months of operational reserve is all that is required, and the rest should be invested prudently.

Currently, the OWASP Foundation has $1.7m in its savings account, and $100k in a $100k 60 day CD. After fees, we earn approximately $0 in interest every year on the $1.7m. We earn about $5k per year in interest on the $100k CD. At current market rates for CDs and money market accounts, the OWASP Foundation could earn an additional $45-50k per year on its $1.8m in excess funds, whilst still maintaining 24 hour access to $1.3m of it, and no more than 90 days to access the rest.

Motion: ““Resolved, the Executive Director is authorized to invest a total of $500k in three rolling 90-day Certificates of Deposit (CDs) with our current banking institution. The Executive Director is authorized, by the end of August 2024, to research a suitable financial institution that provides money market accounts, obtain final approval from the OWASP Treasurer, and open a money market account with the OWASP Treasurer as co-signer. He is authorized to transfer the OWASP Foundation’s savings to the money market once opened. The OWASP Foundation Treasurer and OWASP’s accountants will be granted read-only access to the money market account for visibility and accountability. The Board will be informed as funds are transferred, and continuous financial reporting will come from OWASP’s accountants every month.”

Sponsor: Bil Corry Second: Avi Douglen

Vote

• Sam Stepanyan: YES
• Steve Springett: YES
• Avi Douglen: YES
• Bil Corry: YES
• Ricardo Griffith: YES

Vote PASSES 5-0.

Approval to open a line of credit with our current financial institution

(This agenda item is new and needs to be approved by a super majority of the Board prior to discussion and voting, or moved to an e-vote after the Board meeting.)

Background The Treasurer wishes to discuss opening a line of credit with our bank.

Motion: “Resolved, the Executive Director is authorized to research and obtain final approval from the OWASP Treasurer to open a line of credit with our current financial institution, with a maximum limit of $500k. The Executive Director will provide the Board with the terms and conditions of the line of credit once it is established.”

Sponsor: Bil Corry Second: Avi Douglen

Vote

• Sam Stepanyan: YES
• Steve Springett: YES
• Avi Douglen: YES
• Bil Corry: YES
• Ricardo Griffith: YES

Vote PASSES 5-0.

Approval to move credit cards to our current financial institution

(This agenda item is new and needs to be approved by a super majority of the Board prior to discussion and voting, or moved to an e-vote after the Board meeting.)

Background The Executive Director wishes to consolidate staff credit cards to a single financial institution to simplify accounting procedures for our rolling credit, and improve visibility into our monthly credit card spend. Our current credit card provider’s website is less than transparent, somewhat difficult to work with as staff, and we can only provide statements to our accountants once per month. Our current financial institution provides better management of the cards, real-time visibility into spend, and the ability to provide statements to our accountants at any time using their existing access.

Motion “Resolved, the Executive Director is authorized to move all staff credit cards to our current financial institution, and to close all other credit card accounts by the end of 2024. The Executive Director will provide the Board with a list of all credit card holders and the current credit limits once the transition is complete.”

Sponsor: Bil Corry Second: Ricardo Griffith

Vote

• Sam Stepanyan: YES
• Steve Springett: YES
• Avi Douglen: YES
• Bil Corry: YES
• Ricardo Griffith: YES

Vote PASSES 5-0.

Executive Session on Distinguished Lifetime Member Nominations

Executive Session on HR issues

COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS

ADJOURNMENT

Adjournment motion

The next general Board meeting is on 27th August, at 12 pm US Eastern Time.

• August 2024

“It is moved, and seconded to adjourn. Those in favor, say “aye””

Sponsor: Avi Douglen Second: Steve Springett