Abstract: Commercial use of open source software is on the rise as more companies realize the benefits of using FLOSS components in their products. At the same time, the ungoverned use of such components can result in legal, financial, intellectual property, and other risks. To mitigate these risks, companies must govern their use of open source through appropriate processes. This paper presents an initial theory of industry best practices on getting started with open source governance and compliance, focusing on private companies. Through a qualitative survey, we conducted and analyzed 15 expert interviews in companies with advanced capabilities in open source governance. We also studied practitioner reports on existing practices for introducing FLOSS governance processes. We cast our resulting initial theory in the actionable format of best practice patterns that, when combined, form a practical handbook of getting started with FLOSS governance in private companies.
Keywords: Commercial Use of Open Source; FLOSS; FOSS; Industry Best Practice; Introduction of FLOSS in Companies; Open Source Software; Open Source Governance; Qualitative Survey.
Reference: Nikolay Harutyunyan and Dirk Riehle. “Getting Started with FLOSS Governance and Compliance in Companies.” In Proceedings of the 15th International Symposium on Open Collaboration (OpenSym 2019). ACM Press.
The paper is available as a PDF file.