理解开源项目办公室在组织内的价值
- Introduction
- Reasons Behind Starting an OSPO
- Reasons Behind Sustaining an OSPO
- Assessing Value of Open Source Activity -
✅ Assessment
- Antipatterns -
🚫 OSPO Antipatterns
- Resources -
📚 Continue Here
简介
Organizations of various types, including end-user companies, software companies, universities, and public administrations, all have a relationship with open source. To handle software responsibly, organizations need to engage with open source. Establishing an organizational structure is an initial step to consolidate commitment, which is where an OSPO comes into play, as it acts as a means for organizations to support their objectives and address challenges when it comes to open source. For instance:
The tension between the need to ship product features and the need to contribute back to open source: Open source contributions may take a back seat when dealing with multiple day-to-day tasks.
Procurement processes with never-ending steps: Open source is a dynamic ecosystem whose contributions should occur as smoothly and naturally as possible. The long procurement processes faced in highly regulated environments, such as finance companies and governments, create a barrier to open source contribution and engagement.
A lack of consciousness about organizational responsibility: Due to the way open source was taught in the past, engineering-based tools, or even the engineering jargon used, the concept of open source may not be taken seriously in other areas of the organization involved in decision-making processes, management, or policy making.
To fully overcome these and other problems, organizations need to be equipped to manage open source operations on both cultural and practical levels.
To understand the value of an OSPO, it is important for the reader to understand the reasons for (1) Establishing an OSPO and (2) Sustaining it over the long term.
In this book, the section on Starting an OSPO is aimed at organizations that are taking their first steps toward creating a centralized space. This means that even if they already have personnel dedicated to open source initiatives, lack a centralized structure. On the other hand, the section on Sustaining an OSPO is more relevant to individuals within organizations that already have a similar entity in place, encompassing aspects such as strategy, compliance, community, and governance.
In both sections, the emphasis is on the different responsibilities of an OSPO to help manage open source as an ongoing activity and be well integrated into all organization’s units. This responsibility may evolve and become more complex over time, but it is definitely not a temporary task with a predetermined completion point.
Source:OSPOs, key lever for open source sustainability
The reasons behind STARTING an OSPO
The business value of the OSPO report explains some of the reasons shared by Open Source leaders across different industries and organization sizes.
- Building standardized processes around open source
- Learn how to approach the open source community
- Embracing the Sustainability of Open Source Projects
- Managing Compliance
- Expanding access to open knowledge
- Improving development velocity
- Mitigating Security Risks
The reasons behind SUSTAINING an OSPO
Stopping the work of an OSPO could have significant negative impacts on those organizations that use open source at any level, including loss of open source expertise, increased security and legal risks, reduced community engagement, and damage to reputation.
An OSPO needs to be an ongoing initiative within an organization in order to evolve its culture and open source knowledge, helping the organization to contribute to and build more secure open-source software, as well as improving the sustainability of open-source projects.
The different roles and pillars of support of an OSPO shared below can help readers understand why it should be viewed as a critical area to maintain and nurture within an organization, rather than just a pet project with an expiration date.
Acts as a Counselor: Sometimes a strategic approach just means stepping back and taking the time to think through some of the hard questions about what type of engagement model is right for any particular project or how involved the organization should be in each project. There is also the question of when it makes sense to contribute to an existing project versus creating a new project. An OSPO that is having these strategy-level conversations will be able to provide guidelines to workers at the different teams so that workers do not have to consider the business implications of different open source engagement models every time they try to solve a problem
Acts as a Facilitator: The OSPO also plays a sort of translation role between Organization’s teams and decision makers’ interests regarding open source and the needs from the open source community. They also help organizations navigate the cultural, process, and tool changes required to engage with the open source community effectively and in a healthy way.
Acts as an Advocate: OSPOs can promote the use and/or contribution of open source and best practices across different organizational units. This can help organizations realize the benefits of open source as well as engaging people to contribute to open source projects or start new ones
Acts as an Environmentalist: OSPOs can help organizations support and sustain open source projects in the long term by addressing issues such as security, maintenance, and project health. This can help ensure that open source projects remain healthy in the long term and continue to benefit the wider community.
Acts as a Gatekeeper: OSPOs can help to enforce OS policies and strengthen OS governance. This can help organizations to ensure compliance and mitigate OS security risks.
[Apendix A] A detailed perspective of open source in Public Administrations
We can see that more public sector organizations are realising the value of an Open Source Programme Office to not only achieve their digital policy goals to better serve their citizens but also to transform their organizations toward achieving these goals. Public sector organizations face unique challenges when it comes to managing their open source operations, including the need to comply with strict laws and regulations, and the requirement to provide transparent and accountable operations. An OSPO can help governments and public sector organizations to overcome these challenges.
Improved Compliance: An OSPO helps to ensure that their open source operations are compliant with relevant laws and regulations, including data privacy laws, procurement regulations, and transparency requirements. This helps organizations to avoid costly legal and regulatory challenges, and to maintain their reputation as responsible public sector organizations.
Increased Collaboration: An OSPO helps to foster collaboration between different departments and with external stakeholders, including other public sector organizations, open source communities, and civil society organizations. This increased collaboration helps organizations to access a wider pool of talent and resources, and to develop better open source solutions.
Better Resource Allocation: An OSPO helps to allocate resources more effectively, ensuring that open source operations are well-supported and that key initiatives are given the resources they need to succeed. This helps organizations to maximize the benefits of open source technology, and to drive innovation and growth.
Improved Service Delivery: An OSPO helps to improve the delivery of public services, by enabling them to adopt innovative and cost-effective technologies, and to collaborate with external stakeholders to develop better solutions. This helps organizations to provide better services to citizens, and to meet the changing needs of their communities.
The European Commission’s Open Source Program Office (OSPO) has launched a new portal that serves as a wiki or knowledge archive, providing up-to-date information on advancements in OSPO-related topics for public administrators. This portal offers a variety of resources, including useful studies, presentations, use cases, guides, and more, to readers interested in learning more about OSPO-related topics. Check 📚 Continue Here
at the end of this chapter.
[Appendix B] A broader view of open source in Universities and public admins: Open Work
In Chapter 1 we already introduced how open source has become increasingly significant for modern organizations. By extending the concept of “open” to encompass open research, design, and access, we can identify additional benefits that these practices bring to organizations. This broader view of openness is gaining traction in academic and public sectors, where the open work term is starting to be used among participants that engage in OSPO practitioner communities.
评估开源活动的价值
✅ Assessment
Despite an organizations might be aware of the general problems, responsibility and benefits that contributing to open source provides, identifying specific key motivators to move people to take action (create activity) and prioritize open source is a tough task. In this section, we will assess a methodology to communicate the value of contributing to open source and going beyond, which the OSPO can develop and use when working with the different teams that engages with open source. (Source: ospo-book mailing list discussion)
- Step one: Get familiar with the consumer-participation-contribution-leadership open source involvement model. This report by Dr. Ibrahim H explains the different stages (from consumer to leader involvement)
- Step two: Have 1:1 conversation with managers, high-level executives, and workers/contractors from different teams that uses open source in their day-to-day operations
- Step three: With the output from these 1:1 conversations, define concrete motivators and map them into areas within the organization where open source brings value
- Step four: make a second division that categorizes each of these motivators on the different stages within the open source involvement model
This is an example of the value of activity from participation to leadership stage that an OSPO from a corporation can elaborate on by following these steps:
反模式
🚫 OSPO Antipatterns
Common misunderstandings that should be corrected as soon as possible
- Characterize OSPOs as a purely top-down initiative: For instance, one pushed by management on an unwilling team of engineers
- OSPO = Sales Profit or Marketing Tool: Assume that an OSPO will act as a lead generator.
- Believe that an OSPO provides an immediate solution to the open source problems the organization faces
- See OSPOs as an added value and not as direct support for the core organization’s areas and functions: As cited in the 2020 State of the Software Supply Chain Report from Sonatype, 80-90% of modern applications consist of open source software. If your organization uses open source in their internal processes and/or products, is very likely that the OSPO enable and maintain risk mitigation. OSPO that have pure a technical focus and forget about Open Source culture: Working on code together means a lot of things: transparency, diversity and cooperation.
资源
📚 Continue Here