December 2020 Videoconference

MEETING DETAILS

AGENDA

CALL TO ORDER

Board Members

  • Grant Ongers
  • Martin Knobloch
  • Sherif Mansour,
  • Gary Robinson
  • Vandana Verma Sehgal
  • Owen Pendlebury
  • Richard Greenberg - absent

CHANGES TO THE AGENDA

APPROVAL OF MINUTES

REPORTS

Organizational KPIs

KPI	            December        Delta
Members         3,324           0.99%
Visitors        615,938         6.88%
OSD SLA met     100%            5.6%
NSFR SLA met    90%             -3.33%
YTD net income  - (too early for this month's meeting)
Cash assets     - (too early for this month's meeting)

KPI Summary

Financial

[ ajv 2021-01-27: Update to correct financial package ]

Tom Pappas will lead the Board through the draft budget, and take your questions as to allocations and ensuring that we meet an 80% program spend objective.

Action - Foundation to revisit the projected reveue from both live and virtual events given San Franscisco is 35% of our revenue and we need a realistic forecast for this. Also Foundation staff will reach out again to AppSec Australia team for revenue forecast there as well.

Executive Director Report

December is always a month of finalizing projects, big and small before the end of the year. The only motion this month is to ensure that we have no big event expenses or penalties thus freeing up funds for other mission activities in our draft 2021 budget.

Tom Pappas, Vandana and myself have been working away on a proposed, very lean, and program centric budget. This budget will be shown and discussed during Tom’s officer report. I decided to break the budget into program segments to better show where profits and expenses are coming in, with a goal to help the donor community easily understand what percentage of our annual budget is directed to program, and also for the Foundation to work on ensuring all program areas have the opportunity to earn income to match their expenses. We look forward to adding merchandise and trademark licensing to our income sources, as well as involving the community in graphic swag designs for the merchandise.

In preparation to move to a post-balance finance reform, I have made two operational adjustments: all negative project and chapter balances have been reset to $0, as this has the same effect as a $0 balance, and I have instructed our accountants to move all funds from long term inactive projects and chapters that would have otherwise been decommissioned back to the general pool. All these projects and chapters will continue to exist in case they become active again. I will ensure that if any of these projects or chapters become active and then have an policy compliant expense or a pre-approved expense - pretty much the way it is working now and how it will work post finance reform, I will have such expenses approved. There are no financial consequences to affected chapters and projects. We have a record of their balances in case finance reform does not pass in the form I am expecting.

Our staff have been busy working on a policy to procedure initiative, as many policies changed through the policy review process, and it’s not clear if we are adhering to those policy objectives. We will be documenting our processes for the community based upon the new policy settings, and ensuring consistency of actions, such as all leaders getting an email address automatically. Once our procedures are documented, it is my intention to manage to policy. I would like the Board’s support in managing to policy by preferably either working with us on exceptions, or revising the policy if the exception is the rule. We cannot keep on having “choose your own policy or procedure” - it’s confusing and demoralizing to our community and staff alike, as expectations are not being met. We will communicate many of these changes to the community as the procedures are QA’d and approved by myself.

In staffing news, our Events Director, Emily Berman, has decided to leave OWASP and take up a very senior position at a developer-centric events company. We wish Emily all the best, and I think we will all miss her terribly. I thank her for a fantastic virtual events response to COVID throughout 2020. We learnt a lot together, and this will help us throughout 2021 with Alonna and Kelly taking up the reins.

I look forward to meeting with the new Board at a special meeting in mid-January. If you are a continuing or new Board member, please read the non-profit strategic impact book to prepare for this meeting. If you don’t yet have a copy, please work with Dawn Aitken to obtain one or simply expense the book (physical or e-book) via the standard mechanism.

Our offices will be closed from the 24th of December, re-opening January 4, 2021. I wish the Board, our members, our leaders, and our Community all the best during the holiday season, and hope we have a much better 2021.

Action - Andrew will send the Board (after the New Year) an email for a dicussion on updating bylaws, example: the removal of a Board of Director

NEW BUSINESS

e-Vote in Executive Session

An e-Vote held in Executive Session was undertaken and passed. The details of this successsful motion has been stored in a Board-only Google Drive folder.

Move Dublin to June 2022 and San Francisco to late August/early September 2022

After lengthy negotiations, we have been able to get to a $0 change fee to move Dublin back to June 2022, and San Francisco to late August / early September 2022. This would help ensure that we don’t have large cancellation expenses, whilst ensuring that we can advertise and obtain sponsors with some certainty for 2022.

Motion: “Resolved, the Foundation is directed to accept the offers to move Dublin to June 2022, and San Francisco to Q3 2022, under the provision that there is no change fee or any associated costs due in 2021.” Owen Pendlebury motions and Sherif Mansour seconds.

Vote

  • Grant Ongers - Yes
  • Martin Knobloch - Yes
  • Sherif Mansour - Yes
  • Gary Robinson - Yes
  • Vandana Verma - Yes
  • Owen Pendlebury - Yes

Passed: 6-0

Charters to Approve

If there are completed Committee charters and associated Committee members present, let’s discuss and either vote, push to an e-vote to permit time to review the charter. Most charters are the same or very similar to the scope that was presented under the previous Committees policy.

This is short notice, and I apologize for such a late agenda item.

Education Committee Charter

Education Committee Charter Vote

  • Sponsor: Grant Ongers
  • Second: Owen Pendlebury

Vote:

  • Grant Ongers - Yes
  • Martin Knobloch - Yes
  • Sherif Mansour - Yes
  • Gary Robinson - Yes
  • Vandana Verma - Yes
  • Owen Pendlebury - Yes

THERE IS NO OFFICIAL MOTION STATED OR WRITTEN FOR THE ABOVE VOTE - SENT TO ANDREW TO REVIEW FURTHER

COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS

  • Christmas Social Event - as there is only a small amount of business this month, it is proposed that the Board should decide to adjourn official business and hold a virtual end of year social event.
  • Many thanks to the outgoing Board Members, Gary Robinson and Richard Greenberg for your time on the Board.
  • A warm welcome to Bil and Joubin who will be joining us in the new year.

Action - Board Members to prepare for the executive strategy meeting.

ADJOURNMENT

  • Owen Pendlebury motions
  • Martin Knobloch seconds

Staff Reports

Events

Dublin:

In anticipation of the board voting to move the Dublin AppSec to 2022, we have requested a contract for 6-10 June 2022 in order to secure the dates. We are not committed to anything until we sign the contract. Other option is still to wait for force majeure to cancel without signing a new contract

From last month’s update from Emily:

  • Increase in rental fee from €150,000 to €200,000
  • New estimated expenses: €693,000
  • Estimated income: €842,000
  • Estimated Net: €150,000

San Francisco:

  • Hyatt Regency will let us push to 2022 with no penalty for 2021. They have 2 dates available: Aug 28, 2022 Sep 18, 2022

Sponsorship

TBA due to family illness

Projects & Technology

TBA

Action - Foundation to deliver an update on the automation/self service roadmap, which includes what are the risks/required resources (if any) to complete the roadmap (which was not completed in 2020 e.g: CRM and what is planned in 2021).

to send out notification on the go live for the new membership beneffit - Secure Flag training platform.

Operations

Onboarding of newly elected Board Members

  • Received Martin signed agreement (need confirmation he purchased new books).
  • Bil and Joubin and confirmed they purchased the books.
  • Awaiting Bil and Joubin’s signed agreement

Action - Andrew requested the current Board to do the Board Source training or read the books requested.

P&Ls

  • Global AppSec Tel Aviv and Amsterdam are completed and submitted to Virtual to be adjusted and finalized.
  • Tel Aviv will show a loss now.
  • Global AppSec DC will be completed and submitted to Virtual for adjustments and to be finalized next week.

Board Members

  • Waiting for confirmation from current Board Members who will be serving in 2021 that they purchased the new required Books

Accounting

  • American Express - Andrew worked with Mike and had him removed from the account. Capital One - Virtual is in the process of closing account. PayPal - originally 3 accounts. One account closed, one will be closed shortly (waiting to make sure there are no refunds from event before closing). So we should only have one PayPal account going forward.

Action - Andrew will review and release technical blog articles provided by the community (many thanks Vandana) and urge from the Board to reach out to other members to also encourage community to publish blog articles on OWASP website.

Action - Andrew/team to provide social media around these articles (Hootsuite to Linkedin/reddit/Twitter/Facebook/Slack etc.)

  • New Chapter Policy - with Chapter Committee, community, and then review committee before it goes to the board for a vote. Postponed till January
  • Continue to reach out to the chapters leaders who have not migrated pages or have had no activity.

  • (Manual)CRM DATA Initiative:

  • Update the CRM leader’s records with as much information from Salesforce before it goes away. - Secondary email address - most importantly.
  • Relating current leaders’ records to the chapter in CRM to align with Harold’s Leaders list on the website.
  • Adding Meetup URL and JIRA ticket # if available to chapter record.
  • Chapter status in CRM correlates with the owasp.org website.