Rules of Procedure

Project Spending

This policy has been deprecated and replaced with updates in the Rules of Procedure.

Below you will find a series of guidelines aimed at assisting OWASP Project Leaders with OWASP Project spending related questions. In order to avoid any problems or misunderstandings in the future, we have developed these guidelines to provide clear expectations of how OWASP Projects should spend project funds, and what are appropriate project expenses.


  1. OWASP Project funds are to be spent on project related expenses ONLY. If your project has more than one Project Leader, then all Project Leaders must agree to the expense before the purchase.
  2. Before a purchase is made, the Project Leader must make sure that their project actually has the funds to cover the purchase. The easiest way to do this is to communicate your purchase needs to the OWASP Projects Manager, or you can look at the running funds list provided by the foundation.
  3. Project expenses exceeding $500 USD must be communicated to the OWASP Projects Manager before the purchase.
  4. All project expenses will be managed via a reimbursement process. Once a purchase is made, the purchaser must submit a reimbursement request using our reimbursement form. Note: A receipt is required for the reimbursement process to be successful.
  5. Appropriate Project Expenses encompass the following: Graphic Design; Technical Contractor; Web Design; Printing; Software Purchase; Hardware Purchase; Intern Stipends; Team Travel Expenses (for project related work ONLY); Venue Hire (project related work only); Food and Drink (if used to meet with other project leaders, contributors, OWASP staff, or an OWASP related function); Project Contractor. Please check with the OWASP Projects Manager before you move forward with a purchase if your expense falls outside of the items listed above.
  6. All OWASP Projects are started with the understanding that they will be volunteer run, and they must remain volunteer run.
  7. In the event that a project’s Leaders decide they would like to hire a contractor to work on a particular aspect of the project, then the Project Leaders must manage the recruitment and payment on a task/work assignment basis. Contractors must be paid upon satisfactory completion of the task/work assignment. Additionally, the OWASP Projects Manager must be be informed that project funds will be used to hire a contractor for project development.
  8. Hiring Project Leaders as Contractors: If a project’s Leaders decide to hire another Leader as a contractor for a project task/work assignment, then the OWASP Projects Manager must be informed before work begins. Leaders must demonstrate to the OWASP PM that they have searched for 3rd party contractors, before the decision was reached to hire the Project Leader(s) as contractors.The contracted Leader(s) will be paid upon satisfactory completion of the work.
  9. As of Jan 01, 2014, OWASP will add a disclaimer to the donation page which states that the foundation reserves the right to reallocate funds to the general Foundation income account. For all money received for projects prior to Jan 1st - OWASP will make best efforts to contact donors in respect to their donor intent before reallocating funds in the instance of inactive projects.