From bc5b2f3e82c247fa21c700864c4ae1b5a17fcf7e Mon Sep 17 00:00:00 2001 From: Andrew van der Stock Date: Wed, 15 Feb 2023 05:33:24 -0700 Subject: [PATCH 1/2] Create travel.md --- operational/travel.md | 65 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 operational/travel.md diff --git a/operational/travel.md b/operational/travel.md new file mode 100644 index 0000000..b9f9e42 --- /dev/null +++ b/operational/travel.md @@ -0,0 +1,65 @@ +--- + +title: Travel Policy +layout: col-document +document: Rules of Procedure +tags: Rules of Procedure +notice: 2023-02-15 + +--- + +{% include draft-notice.html %} + +## TRAVEL POLICY + +### Applicability + +All travel on behalf of OWASP, including travel for conferences, meetings, and other business-related activities, is subject to this policy and pre-approval prior to booking or undertaking travel. This policy applies to all OWASP team members, including employees, Board members, invited speakers, contractors, and volunteers. + +### Travel expenses + +OWASP will reimburse all actual and reasonable business-related expenses incurred by team members in performing their job duties according to the following guidelines: + +### Documentation Requirements + +You are required to provide a daily record of expenses, which shows the date, business location (city and state), and business purpose. Receipts must be attached for all reimbursable business expenses, including but not limited to individual meals, entertainment, lodging, auto rental, cab fare, and commercial travel. + +All receipts must be submitted within 30 days of the date of the expense. Failure to submit receipts within 30 days may result in the denial of reimbursement. Receipts must be submitted via Jira ticket for processing. + +### Lodging + +In certain cities and locales, OWASP may have negotiated discounted room rates with specific hotels. You should make every effort to utilize lodging in locations where these arrangements exist. When a guaranteed reservation must be changed, every reasonable effort should be made to cancel the reservation on a timely basis to avoid additional fees. + +The cost of overnight lodging (room rate and tax only) will be reimbursed to the traveler if the authorized travel is 45 miles or more from the traveler's home or primary worksite. Exceptions to this restriction may be approved in writing by the Executive Director or by the OWASP Treasurer. + +OWASP will reimburse lodging expenses at reasonable, single occupancy or standard business room rates. When the hotel or motel is the conference or convention site, reimbursement will be limited to the conference rate. + +Only single room rates are authorized for payment or reimbursement unless the second party is representing the Foundation in an authorized capacity. If the lodging receipt shows more than a single occupancy, the single room rate must be noted. If reimbursement for more than the single room rate is requested, the name of the second person must be included. + +### Transportation + +Every effort should be made to use the lowest-priced transportation available. Reimbursement will be made for the following modes of transportation: + +- Commercial airline, coach, or train travel will only be reimbursed for economy class unless approved by management for a medical exemption (proof is required) +- Negotiated discount rates for auto rental may be available. You should utilize these arrangements where possible. +- Personal auto used for business will be reimbursed at the current IRS mileage rate; however, the total amount for mileage must not exceed the economy class airfare for the same trip. The mileage reimbursement rate covers all vehicle expenses, including gas, insurance, and depreciation. + +Local commuting costs between a team member’s residence and work location are not allowable business expenses. If the distance between your residence and place of departure is further than the distance between your residence and work location, the excess mileage is an allowed expense. + +### Meals & Incidentals + +Per diem allowances are reimbursable for in-state overnight travel that is 70 km (45 miles) or more from the traveler's home or primary worksite. + +Per diem allowances are applicable for all out-of-state travel that is 70 km (45 miles) or more from the traveler's home or primary worksite. + +OWASP per diem rates are based on the U.S. General Services Administration Guidelines, which vary by city location. In addition to meals, these rates include incidental expenses such as laundry, dry cleaning, and service tips (e.g., housekeeping or porter tips). Incidental expenses, unless specifically cited in this policy, will not be reimbursed. + +Per diem reimbursements are based on departure and return times over the entire 24-hour day and are prorated accordingly. + +If a free meal is served on the plane, included in a conference registration fee, built into the standard, single hotel room rate, or replaced by a legitimate business meal, the per diem allowance for that meal may not be claimed. + +Receipts are not required for per diem allowances. Per diem allowances are reimbursed after the trip is completed. + +### Parking and Highway Tolls + +All parking expenses and highway tolls related to business travel will be reimbursed. From 8b63b5d1b1fe676ec1b451348ec434e8329f6fe7 Mon Sep 17 00:00:00 2001 From: Andrew van der Stock Date: Wed, 15 Feb 2023 05:46:21 -0700 Subject: [PATCH 2/2] Link to travel policy and remove unique provisions --- index.md | 5 ++--- legal/contractor-template.md | 2 +- legal/speaker-agreement.md | 2 +- operational/awards-and-scholarships.md | 4 ++-- operational/committees.md | 2 +- operational/covid-restrictions.md | 2 +- operational/events.md | 17 +++++++++-------- operational/expense-reimbursement.md | 4 ++-- 8 files changed, 19 insertions(+), 19 deletions(-) diff --git a/index.md b/index.md index 9488c83..1de39c4 100644 --- a/index.md +++ b/index.md @@ -40,16 +40,15 @@ Handbooks to help Chapter, Project, and Event Leaders in their volunteer work. ## Others + - [Employee Handbook](/www-policy/employee) ## TODO + - Contact Us (responsivness to tickets, SLA, submitting complete information, submitting accurate information) - Membership - terms, discounts, submitting accurate info, pricing, honorary process, peference for Foundation events (like PRoject Summits etc - Advertising -- Travel Assistance Program - member, workflow, limits, - Local Partnerships - Mailing Lists - Elections - Licenses - - diff --git a/legal/contractor-template.md b/legal/contractor-template.md index ca53aa2..fa69387 100644 --- a/legal/contractor-template.md +++ b/legal/contractor-template.md @@ -36,7 +36,7 @@ This CONSULTING AGREEMENT is made and entered into the “Effective Date” betw 3.2. Method of Performing Services; Supervision. Consultant will generally determine the method, details and means of performing the Services provided, however, that Consultant is required to comply with OWASP’s reasonable instructions and co-operate with OWASP in all matters relating to the Services. Consultant shall observe OWASP’s security, safety and any other work-related policies at all times. In addition, OWASP shall be entitled to exercise a broad, general right of supervision and control over the results of the Services performed by Consultant to ensure satisfactory performance thereof. This power of supervision shall include the right to inspect, stop work, make suggestions or recommendations as to the details of the work, and request modifications to the scope of the Services. 3.3. Scheduling and Reporting. Consultant will use its best efforts to accommodate OWASP’s work schedule requests. If Consultant is unable to perform the scheduled Services because of illness or other causes beyond Consultant's reasonable control, Consultant will attempt to perform such Services as soon as is reasonably practicable. For clarity, no fee shall be payable in accordance with Exhibit A in respect of any period during which Services are not provided. During the term of the provision of the Services, the Consultant shall, on a monthly basis, submit written reports to OWASP’s executive management in connection with matters relating to the provision of the Services. Such report shall detail the activities performed by Consultant in the prior month in relation to the Services including, without limitation, progress reports on each aspect of the Services detailed in Exhibit A and all such information reasonably requested by OWASP. -3.4. Place of Work. Consultant will use reasonable efforts to be available on reasonable notice to attend meetings and provide assistance or information as OWASP may require. Consultant will perform the Services off-site in a distraction-free place and also at OWASP’s premises if requested by OWASP. OWASP agrees to provide such working space and facilities as may be reasonably necessary for Consultant to perform the Services at OWASP’s premises. OWASP may also require Consultant to travel occasionally to perform the Services. +3.4. Place of Work. Consultant will use reasonable efforts to be available on reasonable notice to attend meetings and provide assistance or information as OWASP may require. Consultant will perform the Services off-site in a distraction-free place and also at OWASP’s premises if requested by OWASP. OWASP agrees to provide such working space and facilities as may be reasonably necessary for Consultant to perform the Services at OWASP’s premises. OWASP may also require Consultant to travel occasionally to perform the Services, per the [OWASP Travel policy](/www-policy/operational/travel.md). 3.5 Individuals Providing Services. Each and every individual performing the Services on behalf of Consultant hereunder shall be listed on Exhibit C attached hereto. Exhibit C may be amended from time to time by a written update of the Exhibit signed by the parties. diff --git a/legal/speaker-agreement.md b/legal/speaker-agreement.md index 19996ed..e94c276 100644 --- a/legal/speaker-agreement.md +++ b/legal/speaker-agreement.md @@ -25,7 +25,7 @@ As a Presenter, I will receive a single non-transferable admission pass to the E **FOR SPEAKERS** I will not receive any compensation for presenting at this Event. Additionally, I will not be reimbursed for any travel expenses such as airfare, housing, or any other daily expenses incurred while attending the Company’s Event for which I am a Presenter. -**FOR EVENT KEYNOTES** I will not receive any compensation for presenting at this Event. However, the Company will reimburse fair and reasonable travel expenses in connection with the event for which I am a Presenter. Travel reimbursement may include Economy Airfare, or Premium Economy for flights greater than seven hours, lodging, and daily expenses for up to three days incurred while attending the Company’s Event for which I am a Presenter. If housing arrangements are provided by the Company to the Presenter, separate lodging expenses will not be reimbursed. Travel expenses are subject to and processed per the latest approved travel policy. +**FOR EVENT KEYNOTES** I will not receive any compensation for presenting at this Event. However, the Company will reimburse fair and reasonable travel expenses in connection with the event for which I am a Presenter. Travel and expenses are subject to and processed per the latest approved [OWASP Travel policy](/www-policy/operational/travel.md). **FOR IN-PERSON TRAINERS** For Global AppSec events I am eligible to share 40% of net revenue up to $10,000 USD, and 50% of net revenues above $10,000 USD. I may ask to be included in the OWASP Foundation’s discounted hotel block booking subject to availability and at my own cost. I will be granted a complimentary pass to the Global AppSec. I must provide appropriate taxing authority documentation as needed for final payment such as a W-9 in the United States. I understand that I will not be reimbursed for any travel expenses such as airfare, accommodation, any other daily expenses incurred while attending the Company’s Event for which I am a Presenter. For other events, I am eligible according to terms in the Call for Trainers. diff --git a/operational/awards-and-scholarships.md b/operational/awards-and-scholarships.md index 1a5c8db..d027293 100644 --- a/operational/awards-and-scholarships.md +++ b/operational/awards-and-scholarships.md @@ -14,7 +14,7 @@ Adopted by the Board on 23-March-2021 ## Background -This policy encourages our community to establish awards or prizes for OWASP competitions and set up scholarships and travel assistance for OWASP events. Awards recognize high impact members, chapters, initiatives, or projects. One purpose of scholarships is to fulfill our mission to underserved and disadvantaged communities and individuals, improving equity and access for those who may need assistance. This policy creates financially responsible funding mechanisms, published eligibility and selection criteria, and a consistent and transparent process to award prizes or recipients. +This policy encourages our community to establish awards or prizes for OWASP competitions and set up scholarships and travel assistance for OWASP events, per the [OWASP Travel policy](/www-policy/operational/travel.md). Awards recognize high impact members, chapters, initiatives, or projects. One purpose of scholarships is to fulfill our mission to underserved and disadvantaged communities and individuals, improving equity and access for those who may need assistance. This policy creates financially responsible funding mechanisms, published eligibility and selection criteria, and a consistent and transparent process to award prizes or recipients. ## Overview of Awards, Scholarships, and Travel Assistance Process @@ -52,7 +52,7 @@ Trainers are encouraged, but not required, to waive their training fee for schol Scholarships assisting underserved or underrepresented communities may offer travel assistance to OWASP events, with a preference to serve local and regional events over costly international travel. Travel assistance can only be provided as part of a scholarship and should be on an as needs basis. -Travel assistance must comply with the [travel policy (TBA)](#) and the [expense policy](/www-policy/operational/expense-reimbursement). +Travel assistance must comply with the [OWASP Travel policy](/www-policy/operational/travel.md) and the [expense policy](/www-policy/operational/expense-reimbursement). ### Naming diff --git a/operational/committees.md b/operational/committees.md index 9006817..0e34bfe 100644 --- a/operational/committees.md +++ b/operational/committees.md @@ -234,7 +234,7 @@ For the purposes of accountability and transparency, Committees should expect th ### Travel -Committees may access the standard travel policy for essential unplanned travel. All travel will be via the standard travel processes, including the use of any Foundation mandated travel agencies or system to ensure adherence to OWASP travel policy. +Committees may access the [OWASP Travel policy](/www-policy/operational/travel.md) for essential travel. All travel will be via the standard travel processes. The Chair must submit the travel request, and one other officer must co-approve. Travel must be documented as committee related, and justifiable, such as no Committee member at the destination and essential to deliver an agreed outcome. diff --git a/operational/covid-restrictions.md b/operational/covid-restrictions.md index 4f98b50..c6c17c5 100644 --- a/operational/covid-restrictions.md +++ b/operational/covid-restrictions.md @@ -81,7 +81,7 @@ Pre-approval for periodic payments will not be approved for any monthly subscrip Do not make plans to travel. -Travel pre-approval is required, and will require that you demonstrate the following: +Travel pre-approval is required, per the [OWASP Travel policy](/www-policy/operational/travel.md), and will require that you demonstrate the following: - You have obtained sponsorship for all travel and incidental costs (if any) - You have demonstrated that your travel plans and destination have no travel restrictions, or that you have complied with them (such as being fully vaccinated) diff --git a/operational/events.md b/operational/events.md index 7d451ab..c9cdb26 100644 --- a/operational/events.md +++ b/operational/events.md @@ -280,13 +280,13 @@ Invoices and expense reimbursements will be denied if submitted more than 60 day ### Travel -All travel for events is governed by the Speaker's Agreement and the OWASP Travel Policy. In all cases, due to the fact that travel discourages investments in local capabilities and talent, and its very poor return on investment for mission funds, travel and accomodation must be pre-approved and is very unlikely to be approved. +All travel for events is governed by the Speaker's Agreement and the [OWASP Travel policy](/www-policy/operational/travel.md). In all cases, due to the fact that travel discourages investments in local capabilities and talent, and its very poor return on investment for mission funds, travel and accommodation must be pre-approved and is very unlikely to be approved. Rationale: OWASP Local, Regional, and Global Events have helped develop the skills of many famous speakers and trainers, who then go on to have an amazing career as a result. We want all speakers and all trainers from all over the world to be able to experience this by discouraging travel and encouraging local skill development. ### Speaker and Trainer Fees -All speaker and trainer fees and splits are governed by the Speaker and Trainer's Agreement, and in the unlikely case of travel or accomodation being approved, the OWASP Travel policy. For the purposes of this policy, the event/OWASP split is net the the trainer fee and travel (if any), and kept with the event's P&L until the net profit is determined after all income and expenses have been finalized. +All speaker and trainer fees and splits are governed by the Speaker and Trainer's Agreement, and in the unlikely case of travel or accommodation being approved, per the [OWASP Travel policy](/www-policy/operational/travel.md). For the purposes of this policy, the event/OWASP split is net the the trainer fee and travel (if any), and kept with the event's P&L until the net profit is determined after all income and expenses have been finalized. ### Speaker’s Gifts @@ -298,7 +298,8 @@ Keep in mind that not all speakers can accept gifts for various reasons, includi ### Insurance -All OWASP events must possess the correct insurance. The OWASP Foundation will provide the Event team with a quote for insurance. +All OWASP events must possess the correct insurance. The OWASP Foundation will provide the Event team with a quote for insurance. + ### Sponsorships The OWASP Foundation is the exclusive sponsorship agent of all OWASP Events. At the Director of Events and Corporate Support’s discretion, the OWASP Foundation may provide services to Event Teams to identify, solicit, contract, invoice, and collect sponsorship revenue. @@ -313,15 +314,15 @@ All ticketing or registration shall be done through OWASP managed services, rega For tax and non-profit compliance reasons, ticketing systems may not collect charitable gifts. If organizers wish to ask attendees to donate, they should encourage that through the standard donation process at https://owasp.org/donate. This process allows donors to receive a receipt they can use during tax preparation to claim a tax deduction. -### OWASP Member Discounts +### OWASP Member Discounts -For paid events, event teams are encouraged to provide and promote OWASP Member discounts. A typical amount is usually 20% off, or sufficient that the cost of OWASP membership is covered by the discount. Member discount code budgeting should ensure that discounted ticket prices still cover the costs associated with the event. +For paid events, event teams are encouraged to provide and promote OWASP Member discounts. A typical amount is usually 20% off, or sufficient that the cost of OWASP membership is covered by the discount. Member discount code budgeting should ensure that discounted ticket prices still cover the costs associated with the event. ### Discount codes For paid events, event teams can provide a discount code to encourage early bird registration or partner discounts. -Discount code requests shall be provided no later than 15 days before the opening of event ticketing. Each event has a revenue forecast built on a particular number of tickets sold at various discounts. Discount code budgeting should ensure that discounted ticket prices still cover the costs associated with the event. +Discount code requests shall be provided no later than 15 days before the opening of event ticketing. Each event has a revenue forecast built on a particular number of tickets sold at various discounts. Discount code budgeting should ensure that discounted ticket prices still cover the costs associated with the event. ### Bundling OWASP Memberships @@ -337,9 +338,9 @@ Event teams are responsible for forwarding a final membership report to the OWAS ### Scholarship registrations -OWASP’s mission is to provide application security training, career development, and skills development to everyone who wants to do so, including under-served, under-represented, or disadvantaged individuals. Event teams are encouraged to set aside a budget to cover small and financially responsible complimentary or reduced-cost tickets for scholarships under the Awards, Travel Assistance, and Scholarships policy. +OWASP’s mission is to provide application security training, career development, and skills development to everyone who wants to do so, including under-served, under-represented, or disadvantaged individuals. Event teams are encouraged to set aside a budget to cover small and financially responsible complimentary or reduced-cost tickets for scholarships under the [Awards, Travel Assistance, and Scholarships policy](/www-policy/operational/awards-and-scholarships.md). -Awards and Scholarships established by the Event are for that event only and are not transferrable. If unused and if time permits, Event Leaders should either designate a new winner or scholarship recipient using the same selection criteria as the original winner or recipient. Where an award or scholarship is unusued at the conclusion of the event, it shall be considered void. +Awards and Scholarships established by the Event are for that event only and are not transferrable. If unused and if time permits, Event Leaders should either designate a new winner or scholarship recipient using the same selection criteria as the original winner or recipient. Where an award or scholarship is unused at the conclusion of the event, it shall be considered void. Events should negotiate with and encourage paid trainers to donate a portion of their attendance or fee to permit scholarships, and include the trainers on the selection panel with a published and transparent rubric so that they have a say in who is selected. diff --git a/operational/expense-reimbursement.md b/operational/expense-reimbursement.md index 811cdf2..c2abc93 100644 --- a/operational/expense-reimbursement.md +++ b/operational/expense-reimbursement.md @@ -154,12 +154,12 @@ Joining, donating, funding, or sponsoring other organizations requires a partner ## Travel and Travel Assistance -The [Travel policy](TBA) governs Travel and travel assistance. The Foundation will not process unapproved travel expenses claims under the expenses policy. +The [OWASP Travel policy](/www-policy/operational/travel.md) governs Travel and travel assistance. The Foundation will not process unapproved travel expenses claims under the expenses policy. If Travel is pre-approved, travel expenses are subject to the reimbursement process laid out above, but in addition: - Bundling complete trip expenses into one submission is preferred. -- When submitting expenses for Travel, please subtotal amounts for Transit (Air/train/taxi), Lodging, and Meals. +- When submitting expenses for Travel, please subtotal amounts for Transit (air/train/bus/taxi), Lodging, and Meals. ## Hardware