Self assessment Checklist
This is made for use by teams responsible for defining, implementing, and improving open source compliance programs within their organizations which will help them to evaluate open source applications and help them to make decisions while adopting and developing applications using open source software.This helpls them to make or use robust open source tool at less cost (development , maintenance etc..) and a reliable bug free software.
The self-assessment checklist presents a set of recommended practices distilled from the experiences of corporations committed to encouraging open source use while fully complying with OSS license obligations. Not every organization will see a need to implement every practice and some will find alternative practices or implementation approaches that achieve the goals of a compliance program.
Guidelines to Use the Checklist
The Self-Assessment Checklist can be used to stimulate discussion about the rigor and effectiveness of a compliance program and to focus attention on areas of greatest need for improvement. A facilitated discussion of checklist questions may be fruitful in achieving a consensus view of capability and gaining perspective on improvement possibilities.
The checklist may also be used by organizations, especially during the supplier selection process, to assess a supplier’s compliance process and gauge the likely reliability of its open source disclosures.
No scoring scheme has been provided in this initial version of the checklist. Organizations may wish to consider the following approaches to appraising individual compliance practices:
• Yes / No / Not Applicable
• Frequently Performed / Occasionally Performed / Rarely Performed
• Strong / Satisfactory / Weak / Not Done
• Fully Satisfied / Partly Satisfied / Not Satisfied
• Green (Good) / Yellow (Marginal) / Red (Unacceptable)
Feedback and Future Revisions
Sugesstions and feedback are welcomed.Please send the feedback to ______________
Additional Readings and Resources
The Linux Foundation has also published a number of white papers on compliance, available at
• “Free and Open Source Software Compliance: The Basics You Must Know”
• “Establishing Free and Open Source Software Compliance Programs: Challenges and
• “Free and Open Source Software Compliance: Who Does What”
• “Managing FOSS Compliance in the Enterprise”
• “FOSS Compliance: A Glimpse into Operational Best Known Practices”
FMEA Failure Mode Effects Analysis
IT Information Technology
OSRB Open Source Review Board
OSS Open Source Software
Illustration of Practices in Open Source Compliance Program:
Read More about these in detail in the following:
Core Compliance Building Blocks Supporting elements