Best Practices for Creating an Open Source Policy

FOSSBazaar is no longer being updated. The information on this site is preserved for your convenience but may be out of date. Please visit Linux Foundation's Open Compliance Program for current information and activities.

Wazi's picture
The excerpt below is from an article by Stormy Peters that originally appeared on Wazi, a clearinghouse for the timeliest thinking on open source software.


Most companies using open source software know they need an open source policy policy. However, when it comes to creating a policy companies often don’t know where to start and spend months debating policy details and researching options. This guide is intended to help you write an open source software policy. But perhaps more important, it will also help you figure out who to include in the policy creation process so that your company is likely to agree upon and use the open source software policy once it’s been written.

Why do you need an open source software policy?

At first many companies question the need for an open source software policy—primarily because they think it will be too difficult to create. Policy creation does require a lot of work and cooperation, but by following this guide you should be able to create and roll out an open source software policy in less than a month.
Some of the main benefits to having an open source software policy include:
  • Ensuring the company is in agreement about how to use open source software. Companies often start drafting an open source policy when somebody in management realizes they don’t know how much their IT department or software products depend on open source software. A clearly-stated policy can help ensure that everyone in the company is on board with your open source strategy and that employees feel like they’re empowered to use open source software where appropriate.
  • Maximizing the benefit of open source software. By creating a policy, you will put processes in place that will enable employees to use open source software effectively as well as share knowledge and workload between teams. For example, three different teams won’t independently figure out how to get support for the same project, and different employees won’t independently evaluate the same upgrade. Having an open source software policy and sharing information across the enterprise will enable your company to maximize the benefits of the open source software it uses.
  • Minimizing the legal, technical, and business risks of using open source software. Executive management and attorneys are often very concerned about being sued for using open source software, getting caught without sufficient technical support, or receiving bad publicity related to how open source software is used. An open source software policy can not only minimize those risks but also show concerned employees how the company is addressing those needs.

The process of writing an open source policy

The key to writing an open source software policy is just to get started! Companies typically either write, approve, and adopt an open source software policy within a month, or else they spend months working on a policy and yet fail to gain company-wide approval on the finished product. By following these steps you can ensure your company has an approved and adopted policy within a few weeks:
  • Identify key stakeholders
  • Get stakeholders to buy into the concept of a policy
  • Figure out your company’s strategy
  • Create the first draft of the policy
  • Get widespread review and acceptance, starting with your stakeholders
  • Repeat last two steps as necessary

Continue reading Best Practices for Creating an Open Source Policy »