Several departments are involved in ensuring open-source compliance. Here’s a generic breakdown of the different departments and their roles in achieving open-source compliance:
• Legal: advises on licensing conflicts, participates in OSRB reviews, and reviews and approves content of the opensource external portal.
• Engineering and product team: submits OSRB requests to use open-source software, participates in the OSRB reviews, responds promptly to questions asked by the compliance team, maintains a change log for all open-source software that will be made publicly available, prepares source code packages for distribution on the company’s open-source public portal, integrates auditing and compliance as part of the software development process checkpoints, and takes available open-source training.
• OSRB team: drives and coordinates all open-source activities, including driving the open-source compliance process; performs due diligence on suppliers’ use of open source; performs code inspections to ensure inclusion of open-source copyright notices, change logs and the like in source code comments; performs design reviews with the engineering team; compiles a list of obligations for all open-source software used in the product and passes it to appropriate departments for fulfillment; verifies fulfillment of obligations; offers open-source training to engineers; creates content for the internal and external open-source portals; and handles compliance inquiries.
• Documentation team: produces open-source license file and notices that will be placed in the product.
• Supply chain: mandates third-party software providers to disclose open-source software used in what is being delivered.
• IT: supports and maintains compliance infrastructure, including servers, tools, mailing lists and portals; and develops tools that help with compliance activities, such as linkage analysis.
Source of Information : Linux Journal 185 September 2009
One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...
On today’s Internet, IPv4 has the following disadvantages: • Limited address space. The most visible and urgent problem with using IPv4 on ...
The following are the advantages of WAP: ● Implementation near to the Internet model; ● Most modern mobile telephone devices support WAP; ...
Many of the virus, adware, security, and crash problems with Windows occu when someone installs a driver of dubious origin. The driver suppo...