The Open Source Program Office (OSPO) is responsible for the overall management and direction of an organization's open source program.
This includes managing the open source software inventory, identifying and managing legal and compliance risks, and ensuring that open source software is used in compliance with company policies and procedures.
Designed to be the center of competency for an organization's open source operations and structure, this can include setting code use, distribution, selection, auditing and other policies, as well as training developers, ensuring legal compliance and promoting and building community engagement that benefits the organization strategically.
Advises the CTO and technology leadership on open source technologies to adopt/remove from the organization’s technology stack.
- Increasing regulatory & compliance requirements
- Education of open source and the benefits
- Getting consensus across lines of business
Open Source Engagement
The OSPO interacts with open source software by evaluating open source projects and components to determine whether they meet company standards and requirements, and by working with internal teams to ensure that they are aware of and are compliant with open source policies and procedures. They also work with external open source communities to ensure that the company is in compliance with open source licenses and contributing back to open source projects.
(See activities below)
Calls To Action
Read the Survey Report "The State of Open Source in Financial Institutions"
Watch recorded presentations from the 2022 FINOS Open Source Strategy Forum
Attend the FINOS Member Meetings and OSFF events
Why Open-Source a Firm Project?
Just as there are many reasons to contribute to open source projects, it is the same when it comes to a financial institution deciding to open-source. However, the reasoning behind might be different.
Making The Case For Contribution
Organisational change can be very hard to achieve since organisations are naturally protective of themselves and the status quo. Setting up an OSPO and beginning an open source journey will seem like a risky and dangerous proposition for many parts of an organisation.
Contributing Your Own Open Source Project
THIS IS A PLACEHOLDER
Ensuring Open Source Compliance For Contribution
Contributing to an open source project from within a regulated firm is likely to contravene one or more policies. Staff who contribute to open source as part of their jobs are likely to be in breach of their terms of employment or likely to get disciplined. For this reason, in order to enable open source contribution, new policy needs to be written which creates space within the compliance landscape.
Open Source Contribution Training
It is generally preferable if an Open Source Contribution Policy can be enforced via tooling (so called policy as code). However, often policy will refer to behaviours and expectations of staff which cannot be controlled through systems. In these cases, training courses will be needed to help promote desired behaviours.
This article looks at the best practices around surveillance (of communications) to enable open source contribution.
Interacting with Foundations
THIS IS A PLACEHOLDER
This article looks at the best practices around publication (of code) to enable open source contribution.
Creating an Open Source Program Office (OSPO)
THIS IS A PLACEHOLDER
Fostering Community Engagement
Within the Open Source Ecosystem, millions of projects exist and some of the projects are duplicate efforts. The open source community is vast and sometimes very hard to reach.
Open Source Consumption Training
This guide is intended to help OSPOs of all maturity levels build an open source training course that is created with purpose to deliver impact. Whether your OSPO recently launched or is looking into re-doing the firms open source training, this guide will provide ideas and content that can be implemented to a comprehensive open source training course.
Managing Open Source Talent
Managing talent in financial institutions is crucial because the quality, motivation, and expertise of their workforce directly influence the institutions' ability to innovate, maintain a competitive edge, comply with regulatory requirements, and ultimately drive financial performance and growth.