(WORK IN PROGRESS/Last review – 14 August 2008 )
Reviewers’ main tasks
To exemplify, please take into consideration the OWASP Live CD 2008 Project.
Simplifying, we would say that the work review will basically consist in certifying that the project’s objectives and deliveries were accomplished and, taking into consideration the OWASP assessment criteria, in certifying that the target Status was reached. Additionally we expect the reviewer always to be available to provide useful advice to the project developer. These tasks must be performed twice: the first one, the 50% Review, by June 29 and the second one, the Final Review, by September 15.
Furthermore, on the top of what was said before, in our perspective, to be a reviewer means, at least, to point out scientific/technical and methodological mistakes, to propose paths to follow, to propose tools and documentation/bibliography to be studied and consulted. In addition, in our opinion, the reviewer role also includes the responsibility of avoiding claims of plagiarism and the responsibility for the language review accordingly to these rules. However, as far as we can see it, the reviewer has the responsibility/right of proposing paths and changes to be followed and the project leader has the responsibility/right of accepting it or not.
REVIEWERS/CONTRIBUTORS VERSUS REVIEWERS
On the one hand, we see project leaders, contributors and reviewers as individuals of the same team with the shared propose of delivering the best results.
On the other hand, we recommend keeping a clear distinction between author(s)/contributors and reviewers as the scientific/technical condition to reach the shared goal of final improved deliveries. The total independence of each part is scientific process’s condition sine qua non.
To deal with this tension, and taking into consideration the OWASP culture, in the future we would like to implement a solution based on a democratic decision-making process so that the technical decisions are made by the technical people who are best informed about the subject. When properly led, a small group of the most knowledgeable people working together will invariably arrive at a better conclusion than any senior manager could possibly produce. Of course, these democratic principles must be coupled with some communications and a coordination process to get the right people to work together to make the decisions.
However, even if everybody behaves democratically, mistakes can always be done. This link, for example, points out a couple of them – be aware and do try to avoid them.
To conclude, we don’t want to over define everything – keeping in mind that our proposed main goal is to deliver the best results possible within the given timetable, we encourage teamwork.
Still, we will always be here if you find advantage in consulting us for anything you think we can help with.
Paulo Coimbra and Dinis Cruz