Rules of Procedure

Signatory Version 2 (WIP)

This is a DRAFT or SUBSTANTIALLY MODIFIED existing policy currently in an open review period. Please respond with your comments and inputs regarding this page or directly submit a pull request.

Financial and Spending Authority

Executive Director

The Executive Director, subject to the quarterly total spending as set forth in the Quarterly Breakdown of the Annual Budget (Quarterly Plan) approved by the Board of Directors (Board) and exercising all necessary due diligence and care, is individually authorized by this delegation to obligate the funds of the OWASP Foundation (OWASP), to execute agreements reflecting those obligations, and to further delegate this authority as deemed appropriate, up to and including the limits set forth below per transaction, such limit shall include integrated or related transactions.

The Executive Director, in conjunction with either the Board Chair or the Treasurer may jointly authorize spending on a particular transaction (including integrated or related transactions) exceeding the limits set forth below, up to the approved Quarterly Plan.

  • Legally binding contractual arrangements, $ 500,000
  • General Operational Spending (including but not limited to, payroll, expenses, and accounts payable), $ 500,000
  • Transferring funds between and managing OWASP bank accounts and other financial accounts $ 100,000
  • Grant making authority $ 100,000
  • Purchasing equipment and assets $ 10,000

Any spending which exceeds the Quarterly Plan by more than 10%, must be approved by the Board of Directors.

Chief Financial Officer

The Chief Financial Officer is authorized to oversee and manage the OWASP’s bank accounts and other financial services related accounts, such as payments processing (or similar financial institution), and to authorize the transfer of funds from one OWASP account to any other OWASP account, and to further delegate this authority, up to and including the limits set forth below per transaction, which includes integrated or related transactions. Any transfer of funds from one OWASP account to any other OWASP account exceeding the amounts set forth in the immediately preceding resolution must be approved in writing by or signed by the Treasurer of the Board or Chairperson of the Board.

  • Bank accounts $ 100,000
  • Investment accounts $ 200,000
  • Payment processing, or other financial institutions $ 500,000


Payments conforming to the limits and specifications above will be presented to the Chair and Treasurer of OWASP for review prior to final processing. Either the Chair or Treasure may refuse payment with an email recieved within 72 hours of presentation indicating its denial, otherwise those payments are considered approved for processing.

These polices are subject to annual review by the Board and shall be considered in effect, unless revoked by resolution of the Board. All delegations of authority granted in these policies are limited by the quarterly budget totals as set forth in Quarterly Plan as approved by the Board, which retains the right to alter spending authority limits required.