OpenSource Guardrails - Governance

Governance ensures that the use, contribution, and management of FOSS align with the company's strategic objectives, legal requirements, and operational standards.

Establishing an open source governance committee is crucial fundamental step, It includes stakeholders from legal, security, compliance, engineering development, and management teams.

This team is tasked with

• Establishing the FOSS policies and ensuring the adherence to them
• Review and approve inbound and outbound open-source
• Stay actively engaged on legal and industry changes w.r.t. open-source
• Build a training plans for teams according to their needs.
• Build bridges to connect teams with open-source communities.

It may establish further teams e.g. an open-source Council to review and approve outbound contributions and license compliance guidelines.

A successful Governance model will act as joining fabric between various teams and act as catalyst to improve team efficiency, A failed one will insert itself as an enforcer and reduce product velocity. Teams producing and consuming open-source will notice it both ways.

Measuring success of such a team is not that hard.