|'||2008 committee challenges||2014 committee proposal|
The platform used to “manage” committee activity was limited to the wiki. This required committee chairs to maintain their wiki page and required potential members to complete cumbersome wiki pages to apply for the committee. Both of these activities, over time, became overlooked. Information was not updated and often potential members were ignored.
OWASP has consolidated its operational platform to work on the Salesforce platform. The overhauled operational platform provide the staff with the tools to better facilitate committees (not run them) with the ability to track members, member activities, topics, and needs in an open to all format. Additionally, this platform provides a place for committee and subcommittee engagement to occur.
Committees became an all or nothing group. This created meetings with months of planning and no real activity. Also, committee members were asked to participate in all of the committee activities and not just the tasks (or sub activity) that interested them or that they had time for.
The 2014 committee platform proposes a tiered structure that would allow the committee to exist at a high level, and have “sub committees” or “task forces” to be created under the umbrella of the global committee.
Initially, the committee members were recruited for a one year term. The committee members were to elect a committee chair who would serve as the point of contact for the committee. Evolution of the committee led to the perception of “lifetime” terms and members who “signed up” but never participated and felt like they could never leave.
The tiered committee structure allows a smaller group to lead or steer initiatives and sub committees. The leadership group will commit to a one year term, and the initiatives within the group will be task oriented and therefore have a deadline and a defined end point for the participants. An open call for participants for each new task or initiative allows for individuals who are no longer interested in participation to step away.
The selected committee chairs became unwilling recruits who stepped in out of necessity or default. As such, much of the “objectives” of the committees fell to the staff to complete.
A key core committed group driving initiatives with variable lengths will allow the global community to participate in the activities that interest them for the length of time that it may require.
For some of the committees and committee chairs, the lack of a defined objective was a huge roadblock. The committees were created and provided a very broad segment. This lack of mission created disjointed efforts.
The committees should be assigned, not to a broad area of operations, but to the strategic goals as set by the Board. By collaborating as a global community with the opportunity to define a roadmap for a goal will allow for the committee members to be successful and to see progress.
The 2008 committees worked, for the most part, independently of each other. This often created duplicate or even conflicting efforts leading to frustration.
The core leadership group will work as one unit. Each leader will chose a particular goal, and the leaders will monitor each other and interact on a regular basis to develop the initiatives and task force groups.
The 2008 committees were assigned a board member to provide leadership and oversight. This created some reluctance from committee members to be daring and definitive.
The committees should not be managed by the board of directors. The board needs to show trust and encouragement for the community to experiment and to be successful. Board members can not participate as core committee members, but can provide input and participate in any of the task force initiatives as a community member.
The final decline of the committees occurred when a committee would bring a proposal to the board and have the board veto the committee chairs and members. This sent the message to the chairs that the efforts they were putting into the committees was done in vain.
Proposals brought forward from the committees should be voted upon by the community (or community leadership). The community decision should be considered valid. Implementing a process for a trial period of 6 months to a year would be sufficient to determine if it was beneficial for the organization. This also reinstates the sense of ownership the community has in the organization.
Tuesday, May 27, 2014
OWASP Leaders and Community Members -
TLDR - Please review, comment and vote on the new committee structure by June 9, 2014. Wiki page outlining new structure for the committees, and google moderator link for input and voting.
OWASP is an organization that has been built on collaboration and community involvement. I also hope that OWASP is an organization that can support and innovation - encouraging the community to try new things and be willing to look frequently and assess what is working and what isn't.
We have grown to the point where an improved process needs to be implemented where our leaders can lead and those who wish to participate can do so easily and productively.
In 2008, the Foundation created committees. These committees were successful in that they pushed forward some much needed guidelines and put some structure around areas that were undefined.
Unfortunately, over time, there were built in flaws with the committee design that created roadblocks and eventually their failure.
We would like to propose a revamped committee structure based on a solid foundation that provides the voice and opportunities to the community. This structure will depend on a high level of community engagement.
The primary vision is high level committees that focus not on operational issues, but on the strategic goals as determined by the board of directors.
Below is a side by side comparison of the flaws with the 2008 committees and a proposal for redesign and implementation of a fresh 2014 model.
Community Comment and voting period - May 27 - June 9, 2014
Hold an open nomination period until June 30 to establish the core committee leadership team. The leadership team will review the 2014 strategic goals and establish an initial set of initiatives to work towards the goals, “cross pollinating” ideas and successes.
The community will have the opportunity to “sign up” for an initiative or sub committee and begin work.
Leverage the improved operational platform of the foundation which allows for open discussions, participation, and visibility while allowing the staff to provide metrics on participation and progress.
The process will be reviewed and modified as needed in 6 months.
Wiki page outlining structure for the committees 2.0 https://owasp.org/index.php/
Most importantly - We want your input! not just leaders, or individuals with an owasp.org email, anyone in the community is encouraged to participate in this poll of both the general idea of the committees 2.0 and particular features of the new model. Participate here - anyone can view, you must be logged into a google account (not just owasp.org) to vote or submit a suggestion.
Thanks and looking forward to here input, improvements, missing information.
Posted by Unknown at 6:33 PM