I think we’ve all been on teams where everyone is working, but no one is thinking about whether it’s the “right” work. It can be too easy to go on autopilot and keep doing the same things without thinking about whether / how those activities fit within the goals of the overall organization. I’ve built my career around taking a strategic approach to the work that my team is doing by making sure that our efforts support the overall strategies of the organization. Most recently, I did this as Director of Open Source Community Strategy at VMware and before that as Pivotal’s Open Source Strategy Lead. I’ve given loads of conference talks and written many blog posts with this strategic approach as the underlying theme. Last week, I read a LinkedIn post and blog post from David Hirsch that got me thinking more about this, and those ideas just kept rolling around in my head until I decided that I should blog about how OSPOs (Open Source Program Offices) can take a more strategic approach.
One piece of David’s post talked about how OSPOs can play a critical role in digital sovereignty for European companies by helping them make better technology choices at a strategic level. I believe that this is absolutely critical for European companies, but thinking strategically is also important for all OSPOs, which is the focus of this post.
Being proactive and thinking strategically about how you are helping your organization meet their goals and objectives is something that can help your OSPO stand out as an important part of the business. This is especially true for new OSPOs, since it can help you justify continuing and growing your open source efforts, but it’s also something that established OSPOs should revisit regularly to make sure that you are still doing work that is valued within your organization. OSPOs often struggle to demonstrate the value of their work in a way that resonates with the people in leadership positions within their organization. Creating and regularly updating an open source strategy can help OSPOs frame their discussions with leadership to demonstrate the value of their open source efforts in ways that resonate with leadership and show how the open source works fits into the strategy of the organization as a whole. Once you have an OSPO strategy that aligns with the strategy of your organization, then you can figure out what you need to measure to show whether you are achieving your goals.
Another area that can benefit from an OSPO’s more strategic approach is in assessing risks and viability of the open source projects that your organization is consuming. Many organizations don’t have a rigorous or strategic process for selecting the most viable dependencies. Often product teams, or even individual software developers, select open source projects because they fill a particular technical need without any assessment of the viability of the project or the risks they might be taking by using it. Is the project controlled by a single company or a foundation? Who contributes to the project? Is the project at the risk of a rug pull or similar disruptions? Assessing the viability of open source projects, especially ones that have the potential to impact your business, is a good first step toward managing risk and reducing the chances of potential business disruptions. But it’s also important to look beyond just assessing the viability of individual projects and to look at viability and risk with a more holistic approach that includes assessing the risks associated with cloud infrastructure, data storage and access, use of AI models, vendor lock-in, and more.
Another critical piece of an OSPO’s strategy is around contribution to open source projects. By having employees actively participating and contributing to the projects that are most strategic for your organization, they can influence project direction, fix bugs, add features, otherwise improve the health and sustainability of the critical projects for your organization. I also like to think of contribution as a way to anticipate and mitigate risks as part of thinking about viability. When assessing viability, you can include whether contributing to a project might help improve viability. Organizations have the power and resources to make real improvements within open source projects, and corporate involvement and contribution can positively impact the sustainability of our projects.
I only scratched the surface of a few topics here. It isn’t possible to cover every part of an OSPO’s strategy in one blog post, so there are certainly other areas, like business impacts, licensing and compliance, governance, policies, and more. What’s important is to think about what your organization is trying to achieve and how your OSPO can play a strategic role in helping your organization be successful. If you want feedback or help with your open source strategy, I’m available for consulting engagements.
Additional Resources:
- Demonstrating Organizational Value and More about Demonstrating Organizational Value
- Strategy Before Metrics
- Assessing the Viability of Open Source Projects
- What can your OSPO do about power dynamics, rug pulls, and other corporate impacts on OSS sustainability?
- TODO Group Guide: Setting an Open Source Strategy
- A Strategic Approach to Assessing Viability of OSS Projects at the Open Source Finance Forum in London in June 2024 (video).
- Leading in Open Source, A Strategic Approach at State of Open Con in London in February 2023 (video).
Photo by Karolina Kołodziejczak on Unsplash