Abstract: Using open source code in commercial software development is gaining more and more momentum during the recent years. While providing benefits along all three dimensions of the software development’s magic triangle of cost, time and scope, use of open source in commercial setting holds certain risks and challenges that can be addressed with FLOSS governance and compliance in the organization. However, the surveys show that about a half of the companies dealing with open source in their software development do not have any specific FLOSS governance procedures. The objective of this thesis is to develop a theory of FLOSS governance and compliance best practices in software development companies. The study uses case study research methodology applied to five German companies. The best practices are derived from the data collected during semi-structured interviews with the help of Qualitative Data Analysis. Key research findings are summarized and the full list of derived best practices in the form of best practice patterns is presented. The formulated best practices in the categories “Policies”, “Processes” and “People and Tools” can be used by software companies to leverage the advantages of using open source while mitigating the associated risks.
Keywords: Open source software, FLOSS, FOSS, proprietary software, FLOSS government, open source license compliance, software development management, case study, best practice
Reference: Viktoriya Promyshlyanska. Theory of Industry Best Practices of FLOSS Governance and Compliance. Master Thesis, Friedrich-Alexander-Universität Erlangen-Nürnberg: 2017.