Skip to main content

The Linux Foundation Releases Free Open Compliance Handbook to Improve Knowledge of Compliance Best Practices

By 11/15/20168月 22nd, 2017Press Release

Helps organizations achieve open source compliance while minimizing impact on engineering resources and product delivery timelines

TOKYO (OPEN COMPLIANCE SUMMIT) AND SAN FRANCISCO – November 16, 2016 – The Linux Foundation, the nonprofit advancing professional open source management for mass collaboration, today released a free ebook, Open Source Compliance in the Enterprise, with the goal of improving understanding of issues related to the licensing, development and reuse of open source software.

The intent of Open Source Compliance in the Enterprise is to provide organizations with guidance on how best to participate appropriately in open source communities and to do so in a legal and responsible way. This publication is a resource on how  to create a common understanding of the best ways to create shared value and innovation while adhering to the spirit and legal particulars of open source licensing.

The book is written by Ibrahim Haddad, Ph.D., vice president of R&D and the head of the open source group at Samsung Research America. Haddad is responsible for overseeing Samsung’s open source strategy and execution, internal and external collaborative R&D projects.  ​

Chapters take readers through the entire process of open source compliance, including an introduction to the topic, a description of how to establish an open source management program at their organization, and an overview of relevant roles. Examples of best practices and compliance checklists are provided to help those responsible for compliance activities create their own processes and policies.

“We frequently hear from organizations contributing to or simply using open source software about the desire to comply, but uncertainty about how best to do so,” said Mike Dolan, VP of strategic programs at The Linux Foundation. “Although it is sometimes viewed as a challenge, with better education on the topic, compliance can be easier for all involved in open source. This ebook, along with other efforts such as our free Compliance Basics for Developers training course, is one way we are working to help close the knowledge gap and make compliance easier for everyone.”

The Linux Foundation’s Open Compliance Program achieved several milestones in 2016 with the launch of the OpenChain 1.0 specification, which helps supply chain members build trust with one another when using open source; a mechanism for tagging source files as well as now being able to link to security databases in the SPDX 2.1 specification release; the free Compliance Basics for Developers course launched earlier this year; and open source consulting services which can help tailor open source management programs.    

Open Source Compliance in the Enterprise is available for download now at

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at

# # #

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: Linux is a registered trademark of Linus Torvalds.

The Linux Foundation
Follow Us