More and more companies turn to Linux and other open source software for great functionality and competitive advantage in product development. When they do so, most organizations recognize their responsibility to comply with open source license obligations. They embrace the responsibility as part of using open source. Unfortunately, some companies remain unaware of their obligations or choose to ignore them. Others are simply daunted by the task of putting a compliance program in place. They needn’t be: There are lots of resources to turn to for guidance. The Linux Foundation has created comprehensive training courses on compliance that are delivered confidentially onsite to help companies meet their responsibilities. We also have instructive white papers and a great checklist of compliance actions compiled from experiences of industry-best compliance programs, and the FOSSBazaar governance community to share thoughts about compliance challenges and solutions.
But those resources may be most useful to companies that have committed themselves to compliance and understand the scope of the task before them. What about companies that know they have to do something but haven’t even thought about where to start? To help those companies, we’ve recorded a webinar titled “Six Tips for Getting Started with Open Source Compliance.” It’s readily understandable, even by someone whose expertise lies outside software development. The webinar is a great place to start with compliance and lays the groundwork for the more comprehensive Linux Foundation compliance training later.
Who should listen to the webinar? Whoever will be responsible for establishing their company’s open source compliance program. This could be someone in product development, or the software engineering department, or the Law Department, or Corporate Compliance, or Supplier Management, or QA. Whoever it turns out to be, they need to get things rolling and learn enough to designate or recruit the right people to implement a compliance program.
So, check out the Six Tips webinar. It’s well worth the 15 minutes you’ll spend. While you’re at it, take a listen to the Introduction to SPDXTM webinar. Phil Odence provides a great three-minute introduction to the Software Package Data Exchange project, which will transform the way companies inform their trading partners of the open source content in the software they deliver. After listening, you’ll want to visit the SPDX webpages to learn more about the project.
It’s time to get started!