For your policy to be implemented successfully, train people in OSS. Address what it is, what it isn't, and how it will work in your company. Create clear documentation and communicate with engineering and other key groups to make sure they understand how the policy works.

Open source can be used to build your product, but it might not be distributed with it. Internal or external use can have different license implications. Whenever you use, consume or contribute to open source, stay compliant and protect your intellectual property from exposure.

More and more companies rely on open-source software (OSS), and in this software-driven economy, an open-source policy is critical. It sets guidelines regarding use, license compliance and how to mitigate against operational risks. OSS's ever-increasing complexity also makes it necessary to have clearly defined policies. The appetite for OSS is growing in enterprises. Gartner predicts that by 2016, the majority of mainstream IT organizations will leverage OSS in mission-critical IT solutions. "Open source is a key part of technology leadership today," says Alyssa Harvey Dawson, vice president, Global Intellectual Property and Licensing at Harman International Industries, an audio entertainment company. "[It] is now a key part of most engineering development processes. You want to encourage your engineers to use it, but you must set guidelines to help them be fully aware of the impact and potential consequences of its use." She teamed up with Black Duck Software to offer these tips on developing an open-source policy. Black Duck's knowledge base tracks 1 million projects from 7,500 sites and contains 2,300 software licenses.