Rules of Procedure

Expense Policy

Adopted by the Board on 20-Oct-2020

Overview

In the course of fulfilling the mission and business interests of the OWASP Foundation, members, staff, and partners will incur expenses that may be reimbursable. Generally, the policy of the Foundation is that all expenses should be “fair and reasonable” as measured by leadership, the community, and the standards for non-profit foundations. Expense categories are defined by the annual budget process and funds are approved and disbursed within those budgetary limits.

Fair and Reasonable Expenses

Generally, the policy of the Foundation is that all expenses should be “fair and reasonable” as measured by leadership, the community, and the standards for non-profit foundations. Historical approval of expenses does not obligate the Foundation to approval like expenses in the future. Those items which are considered fair and reasonable include:

  • Chapter Specific
    • Event Services, Catering, and Space for Chapter Meetings
  • Project Specific
    • Graphic Design
    • Technical Contractor (i.e. Developer or Technical Editor)
    • Software Licenses
  • Applicable to Chapters, Projects, and Committees
    • Celebratory Gatherings
    • Printing
    • Domain Names

For the items listed above, and expenses under $250, there are no pre-set limits beyond the “fair and reasonable” test. Expenses not listed and exceeding $250 require pre-approval by the Executive Director or their designatee. When in doubt, individuals requesting expense reimbursement should apply for pre-approval.

The OWASP Foundation does not promote the consumption of alcohol and expects its staff, members, and partners to use good judgment when entertaining. Alcohol expenses are reimbursable when part of a food bill provided the alcohol costs are no more than 50% of the total expenses for that event.

Travel

Good business judgment is always expected when determining the need to travel on behalf of the Foundation where reimbursement is expected. The OWASP Foundation will reimburse travel expenses incurred on behalf of the Foundation for:

  • Board members when traveling to Board Meetings and OWASP Global AppSec conferences
  • Keynote speakers for approved OWASP conference at their respective speaking opportunity
  • Guest speakers, when pre-approved by the Executive Director
  • Staff on general business for the Foundation

Travel which is explicitly not reimbursable includes leaders or members attending OWASP Conferences unless as a keynote speaker or in an official capacity as a Director of the Foundation.

Travel expenses include but are not limited to economy airfare, or premium economy if the flight is greater than seven hours, ground transportation, parking, food & beverage, lodging, and other daily business-related expenses. Travel bookings, whenever possible, should be made no later than 21 days prior to departure to reduce costs.

In cases where lodging is pre-arranged and directly billed by the Foundation as part of a room block, reimbursement requests for alternative lodging will be denied. Travel benefits are not transferable.

Any other Travel expenses require pre-approval by the Executive Director or their designatee.

Reimbursement Process

Expense reimbursement requests, along with receipts for each expense, shall be submitted through the OWASP Foundation ticketing system for processing and payment. Please note ALL reimbursement request information, except payment instructions, will be shared publicly in various accounting reports and by submitting an expense reimbursement, you agree to that disclosure.

  • Reimbursement requests must be submitted within 60 days of the expense.
  • Requests must include itemized receipts, payment instructions, and supporting documentation.
  • Wire transfer reimbursements are net banking fees.
  • Reimbursements will be made within 30 days provided the information submitted is approved, complete, and accurate.
  • Bundling complete trip expenses into one submission is preferred.
  • When submitting expenses for travel, please subtotal amounts for Transit (Air/train/taxi), Lodging, and Meals.

Approvals for reimbursements shall follow the Signatory Guidelines of the OWASP Foundation. Exception process for denied reimbursements shall be:

  • Email with narrative and expense information sent to the Treasurer
  • Proper compliance to policy and extenuating circumstances will be considered.
  • In consultation with the Executive Director, Treasurer will make final determination

When an expense is expected to be more than $5,000, an invoice is required from the vendor for direct remittance. It is a very serious matter if you record false or misleading information on expense reimbursements. You may not request reimbursement for expenses that you did not have or that were not business-related.

Travel Assistance Programs

From time to time, the OWASP Foundation will budget funds for Leaders and Members to travel while furthering the mission of the Foundation. All travel reimbursed through the Travel Assistance Program must be pre-approved. The Executive Director along with staff will define the requirements and limits, along with the process for participating in these programs.

Hardware

Capital asset purchases for chapters and projects are strongly discouraged and if over $250 requires pre-approval by the Executive Director. Capital assets under $2,000 purchased by the Foundation will be expensed, not amortized, and shall be removed from Foundation inventory after 12 months of use.

OWASP Project Contracting

All OWASP Projects are started with the understanding that they will be volunteer run, and they must remain volunteer run.

In the event that a Project’s Leaders decide they would like to hire a contractor to work on a particular aspect of the project, for instance user interface design, then the Project Leaders must manage the recruitment, contracting, and payment on a task/work assignment basis. Contractors must be paid upon satisfactory completion of the task/work assignment and execute a completed OWASP Foundation Consulting Agreement.

Failure to comply with any of the above policies may result in expenses, and in particular you reimbursement request, being denied. When in doubt, please request pre-approval.