This checklist helps from early stage to seasoned OSPOs to navigate each OSPO stage's and tasks, based on the OSPO 5 stage maturity model. The OSPO checklist can be found at "The Evolution of the OSPO Study"
-
Define program branding (e.g., OSPO, open source initiative, head of open source operations).
-
Manage legal risk and licenses, creating new procedures and documentation to ensure employees use OSS according to its license terms and that the organization鈥檚 OSS consumption is not putting it at legal risk.
-
Create education programs to help developers decide when to use OSS in creating new products or services.
-
Set up specific software inventory processes to create an organization-wide software bill of materials (SBOM).
-
Overall, recognize the value of OSS and the need for compliance, education, and SBOMs.
-
Lay out best practices in interacting with OSS projects such as how to request features, file bug reports, and contribute basic code.
-
Communicate to employees and managers the importance of contributing to and not merely consuming OSS (including advocating for and driving event sponsorships, booking project leads and maintainers as speakers or panelists in public coding forums, and securing organizational resources to mission-critical OSS projects).
-
Incentivize developers to work on OSS projects critical to their operations, to the degree that developers become highly active contributors or primary maintainers.
- Initiate and host, or act as primary sponsors of, OSS projects.
- Create and launch open source projects to establish broad credibility in the open source community.
- Dedicate one or more full-time employee(s) to a project, and accept responsibility for nurturing a project community and ensuring its health.
- Develop internal processes, playbooks, checklists, tooling, and other mechanisms to vet, organize, and operate open source projects and to prepare and coach their leaders.
- Become a strategic partner for technology decisions, helping to guide choices and shape long-term commitments to projects.
- Advise the CTO and technology leadership on which open source technologies to adopt or remove from the organization鈥檚 technology stack.
- Take the lead on benchmarking what constitutes an acceptable OSS project.
- Help organizations understand and navigate project politics.