Last week we published the first in our multi-part series on managing open source to maximize benefits and minimize risks. In case you missed it, you can find it here. In today’s post, we continue the series with a practical tip on getting started with an open source governance program. You’ll find a summary of the entire set of tips here.
In Critical Strategies to Manage Risk and Maximize Business Value of Open Source in the Enterprise, Gartner Research Vice President Mark Driver notes, “Above all other considerations, the primary factor in balancing risk versus reward from open-source-software (OSS) assets hinges on the successful execution of an enterprise open-source governance program.” Yet, Sonatype's 2011 developer survey (see figure below) revealed that 87% of organizations did not have an effective policy in place for choosing open source components.
Some things to consider when developing your policy:
That wraps up today’s tip on getting started with open source governance. In our next post, we’ll talk about how to get started with your program.
In the meantime, check out Sonatype Insight. Insight helps you build better software faster without unnecessary quality, security, or licensing risks and without disrupting your development process. Learn more at www.sonatype.com/insight.