When And Why Do I Update Open Source Policy Rules?

Jesse Hood | OpenLogic | October 24, 2012

In today’s article I will discuss some internal and external events that may cause you to update your open source policy rules.  For this discussion it is important to differentiate between the open source software (OSS) policy and the rules that flow from the policy.

The OSS policy is an extensive document or framework that covers such topics as: free and open source software product and license definitions, company terminology, usage models, support strategy, information security risk thresholds, contribution guidelines, best practices, and so forth.  The OSS policy rules are the day-to-day guidance established by your open source review board (OSRB) for the entire company. 

Policy rules are generally triggered by license type, OSS package, or how the software is being used.  Even with these categories, it's nearly impossible to write rules that take into account every scenario you will come across.  A flexible and actionable open source management process will allow your OSRB to update and add rules as new scenarios arise or business needs require.  There are a variety of internal and external events that may require such updates.  Let's start with some internal events...