Board of Directors Commitment Agreement

This Commitment Agreement (the “Agreement”) is by and between The OWASP Foundation (“OWASP”) and the undersigned member of the OWASP Board of Directors (the “Board”), in connection with the service of the undersigned as a member of the Board (each Board member, a “Director”) for the Board term beginning January 1, 2025 and ending December 31, 2025.

The undersigned Director must execute and submit the Agreement to OWASP by January 1 after their election, and is subject to disciplinary action, exclusion from Board votes, and removal from the Board if the Agreement is not submitted by the first public Board meeting of each year.

By signing below, the undersigned Director agrees to the foregoing and as follows:

Responsibilities

As a Director, I acknowledge and agree that I have fiduciary, legal and ethical responsibilities and duties to OWASP Foundation, Inc., including but not limited to obligations to ensure that OWASP does the best work possible in pursuit of its mission and strategic goals. I will comply with all such responsibilities and duties, I believe in the purpose and mission of OWASP, and I will act responsibly and prudently as a steward of OWASP.

I have read, understand, and agree to comply with the following when serving as a Director:

• OWASP Foundation By-Laws
• All OWASP Policies
• OWASP Code of Conduct
• OWASP Board of Directors’ Code of Conduct

Additionally:

• I will promote OWASP’s work and values to the community, represent OWASP, and act as a spokesperson for OWASP.
• I will attend at least 75% of public Board meetings annually.
• I understand that I have fiduciary duties to act in an objective, responsible, honest, trustworthy, and efficient manner without placing OWASP under unnecessary risk. As part of these duties, I will place the interests of OWASP above those of myself or my employer.
• I will stay informed, ask questions, and request information about OWASP and its activities.
• I will participate in and take responsibility for making decisions on issues, policies and other matters before the Board.
• I will work in good faith with staff and other Directors towards achieving OWASP goals.

If I don’t fulfill the foregoing commitments, I understand that the Chair of the Board (“Chair”) may call me and discuss my responsibilities with me.

Required Reading

I have obtained and understand the following:

• Obtained and read the Board Member Orientation: The Concise & Complete Guide to nonprofit Board Success - Michael E Batts
• Obtained the latest edition of Nonprofit Kit for Dummies - Beverly A. Browning, Stan Hutton and Frances N. Phillips
• Obtained the latest edition of either Robert’s Rules of Order, Newly Revised or Robert’s Rules of Order, In Brief

I have received the following:

• Foundation Board Liability Insurance Policy
• List of incoming Board members and employees with contact information
• OWASP Board Meeting Schedule, Agendas, Minutes, and Voting History
• Board Member Induction Information
• Board Meeting Landing Page
• Board Mailing List and Internal Global Board Mailing List
• OWASP Governance Landing Page
• Previous financial reports and 990 (Tax filing)

Expectations

I also expect the following:

• Monthly OWASP financial reports and an update of OWASP activities that allows me to meet the “prudent person” standards of the law.
• Opportunities to discuss OWASP programs, goals, activities, and status with the OWASP Executive Director and Chair.
• Other Directors and staff will work with me in good faith as necessary to carry out my responsibilities as a Director and achieve OWASP goals.
• I can discuss concerns regarding the foregoing with the Chair and Executive Director.

Signature:

Name:

Director

Acknowledged and accepted:

Signature:

Name:

Chair, Board of Directors