The acceptance and adoption of free and open source software (FOSS) is widespread and expanding rapidly across many industries. The use of FOSS is an attractive asset for many parts of an organization including development, IT operations, and IT strategy. For an organization to successfully deploy or develop FOSS, a system of proper IT governance and management is critical.
The use of FOSS in an organization carries a unique set of complexities. Techniques commonly used for the governance of traditional software do not adequately address open source issues. To develop a proper FOSS governance system, an organization needs an understanding and appreciation of the specific requirements associated with using open source software throughout its entire lifecycle. A comprehensive FOSS governance system must include processes to track its use and ensure compliance with a growing set of issues, such as acquisition, licensing, support, and distribution.
This document is intended as a primer on FOSS governance fundamentals and covers the following topics:
Understanding IT governance
Understanding open source
Identifying the benefits and potential risks of using FOSS
Understanding open source policies and guidelines
Developing FOSS governance strategies
Managing the use and proliferation of FOSS
Using compliance tools
This document is intended for a cross-organizational audience that includes software development, auditing, legal, procurement, operational risk management, technology strategy, and line-of-business departments.
The complete FOSS Governance Fundamentals document is also available in PDF format as a standalone document for your use.
A French translation of this document is available.