Four Steps to Creating an Effective Open Source Policy
Download as PPTX, PDF1 like2,935 views
The document outlines four essential steps for developing an effective open source software (OSS) policy: identifying key stakeholders, preparing for discussions, drafting the policy, and reviewing and updating it. It emphasizes the importance of managing the complexity and risks associated with OSS while leveraging its advantages, such as lower costs and faster time to market. A successful OSS policy encompasses clear guidelines tailored to organizational needs and includes ongoing training and compliance checks.
Four Steps to Creating an Effective Open Source Policy
- 1. Executive Briefing: Four Steps to Creating an Effective Open Source Policy Greg Olson Senior Director, OSS Management Olliance Group
- 2. Speaker Greg Olson Senior Director, Open Source Management Over 30 years of software industry experience Managed delivery of over 150 engagements at Olliance Group Founder and chairman of Sendmail, one of the first commercial open source companies VP of Strategy and Business Development, Sybase CTO, Britton Lee, Inc. Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 2
- 3. Olliance Group, a Black Duck Company Leading global FOSS strategy development, planning, and implementation firm – Business – Technology – Governance – Community Ten years, 500+ engagements Founder and host of the Open Source Think Tank – See thinktank.olliancegroup.com Acquired by Black Duck Software – December 2010 Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 3
- 4. Agenda Why Use Open Source Software? How is the use of Open Source best managed? The Policy Development Process Implementation Summary and Conclusions Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 4
- 5. Why Use Open Source Software? Best-in-class software in some areas is OSS Your product must interoperate with other OSS, e.g. Linux Your customers favor or even require OSS OSS came with a corporate acquisition It is a lower cost alternative to traditional commercial packages You will need to customize externally sourced software Faster time to market by avoiding development and testing of new code Lower development costs by using free, already de-bugged code Lower code maintenance costs by taking advantage of community maintenance Your code-base already contains significant OSS Sixty-two percent of organizations surveyed indicated that their usage of open source software in deployed software portfolios would exceed 25 percent in the next 18 months. And a full 17 percent of organizations expect their portfolios to be 50 to 74 percent made up of open source software. in their deployed software portfolios. Laurie Wurster, Gartner Group, March 2011 Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 5
- 6. The Open Source Revolution OSS OSS OSS OSS OSS OSS Commercial Commercial Software Software Package Package OSS OSS OSS OSS OSS Negotiated OSS OSS OSS OSS OSS OSS Procurement Download Mostly Custom Development Mostly Integration This new approach creates new challenges – Higher volume of code acquisition decisions – Maintaining code and version consistency across an organization – Managing support for many external elements – Managing participation in public communities – Insuring license compliance for many elements at distribution time Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.
- 7. Open Source Management Goal: Manage the complexity and risk inherent in the use of open source software without reducing its productivity advantages What it takes to achieve this goal – Strategy and a clear understanding of objectives at the business level – A Policy – A Governance Process – Ongoing audit and tuning Open Source Management works best when it is a natural part of the software development process "Companies must have a policy for procuring OSS, deciding which applications will be supported by OSS, and identifying the intellectual property risk or supportability risk associated with using OSS. Once a policy is in place, then there must be a governance process to enforce it." Laurie Wurster, research director at Gartner Group Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 7
- 8. What is an OSS Policy? A set of rules and guidelines for using and managing OSS in your organization An effective OSS policy must – Cover all the essential aspects of managing OSS – Be succinct and easily understood – Reflect the way software is developed and delivered in your company Image CC Fotolia_14119067_M Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 8
- 9. Developing and Open Source Policy Step 1: Identify key stakeholders and get their commitment Step 2: Prepare for discussions Step 3: Draft the policy Step 4: Review and update the policy Identify Prepare Draft Review Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 9
- 10. Step 1: Get Commitment of the Stakeholders In most organizations the important stakeholders represent the following functions: – Software Architecture – Software Development – QA and/or Release Management – Legal – Product or Line of Business Management Organizations with sensitive data may also have a Security stakeholder, responsible for the security of software Getting stakeholder commitment to developing an OSS policy is a critical success factor Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 10
- 11. Step 2: Prepare for Discussions Establish a shared base of understanding – Collect and disseminate information about your organization's use and plans for OSS, documents such as: Existing policies or processes related to OSS Inventories of OSS currently used within the organization Existing license compliance requirements and or procedures – Prepare a clearly articulated strategy for using OSS What benefits does the company most want? How will the company insure they are realized? Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 11
- 12. Step 3: Draft the Policy An OSS Policy is typically developed in a series of interactive meetings with the stakeholders Many companies have found that using a facilitator with experience in OSS policy and its operational implications can speed the results An OSS policy should address the following elements: 1. Program administration and management 2. Discovery, acquisition and evaluation 3. Review and approval 4. Software procurement 5. Code and documentation management 6. Support and maintenance 7. License compliance 8. Community participation Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 12
- 13. Step 4: Review and Update the Policy Produce a draft policy document Circulate for review of the stakeholders – Two or three iterations are typical Obtain approval of stakeholders and other required executives Plan to review and update policy at regular intervals, typically – On completion of initial implementation – Annually thereafter Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 13
- 14. Implementation Implement the policy through a set of processes Good processes facilitate both efficient software development and effective OSS management – Making it easy to "do the right thing." These process must also contain adequate checks to make sure that the OSS policy is consistently followed Training is a key success factor for OSS Management implementations – For all participants in the policy and processes – Even the best-intentioned individuals cannot follow rules and processes they don't know and understand Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 14
- 15. Summary and Conclusions There are many compelling reasons to use open source software, but this use entails new risks that must be managed An OSS policy is your primary specification for managing your OSS use There are four proven steps to developing an OSS Policy – Step 1: Identify key stakeholders and get their commitment – Step 2: Prepare for discussions – Step 3: Draft the policy – Step 4: Review, update and approve the policy The dimensions of an effective OSS Policy are well understood and proven best practices exist An experienced facilitator can increase the speed and improve the quality of this development process Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 15
- 16. Next Steps 1. Contact us: Greg Olson Sr. Director, OSS Management Olliance Group – a Black Duck company [email protected] 650.493.3800 x207 2. Free Whitepaper: – Four Steps to Creating an Effective Open Source Policy Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 16
Editor's Notes
- #4: FOSS Strategy ConsultingCorporate StrategyBusiness ModelsMarket StrategyCorporate StrategyBusiness ModelsMarket StrategyMonetization StrategyChannels StrategyPartnering StrategyFOSS GovernancePolicy DevelopmentProcess DevelopmentLicense ComplianceRemediation PlanningCommunity EngagementRelease Policy and ProcessContribution StrategyCommunity Relations PlanCommunity AlliancesBusiness DevelopmentChannel AssessmentTargeting and Value Proposition DevelopmentProgram Planning