Open Source Compliance Automation

It’s becoming increasingly common to find Open Source Program Offices (OSPOs) springing up on the organizational landscape as the adoption of open source software proliferates. In this advent of ‘open source is transforming the software world,’ companies organize centralized teams to holistically and strategically align open source tools and processes with their diverse needs —across sales, engineering and marketing—to ensure outputs are successful.

VMware has a well-established OSPO, which has an unwavering focus on the company’s mission and goals, while cultivating the open source ecosystem. For VMware and in general, the responsibilities of an OSPO look like this:

  1. Owning and overseeing the execution of the open source strategy
  2. Communicating the open source strategy within and outside the company
  3. Facilitating the effective use of open source in commercial products and services
  4. Managing open source license compliance
  5. Providing compliance tools and simplifying the open source compliance process
  6. Fostering an open source culture within the organization

Improving User Experience in Compliance Tool Development

My core responsibilities working in VMware’s OSPO involves putting all six of the above objectives into play, while managing the company’s open source compliance tool developers, product teams and key internal partners across the company, all aimed at improving our customers’ user experience. I assumed my role in 2017 and initially familiarized myself with VMware’s license compliance tools to understand the user experience, and identify opportunities to improve the tool UI and its associated documentation. I collaborated closely with the compliance tool development team and together we brainstormed ways to improve the user experience—defining different personas to improve the tool end-to-end workflow, UI interface and documentation—while reducing unnecessary cycles spent on the license compliance process.

Encouraging Lateral Thinking to Improve User Experience

Open source is an essential catalyst of today’s technology solutions—it’s software in the modern world. And I got to thinking about that and how we could leverage open source to benefit our customers and go beyond meeting their present needs. So I asked my tool developers to consider potential changes from the perspective of each defined persona such as code, documentation, tool upgrade, tool scalability and enhancements—all ‘future-ready’ aspects to improve the user experience.

We furthered our journey by identifying opportunities to co-innovate with some product teams to learn the various user build environments and special use cases. Our users felt that short end-to-end tool demos would provide them with a quick understanding of the end-to-end workflow of our compliance tools and how to integrate them into their development process. We also learned we needed to restructure our user documentation flow and content, and include actual samples of working scripts to enable users to quickly access the information needed and leverage the creation of scripts to reduce product team’s integration efforts.

The Benefit of Collaborating with Other Product Teams

As a result of our close collaboration and building trusting relationships, some of the product teams discerned value in committing engineering resources to participate in a few pilots to help us stabilize the key tool. It was an excellent outcome and I made sure to recognize both individual and team efforts, and even in some cases, alerted particular individuals’ direct reports on a job well done.

At this juncture I also hosted strategic sessions with our compliance inbound team to generate ideas that would help us further move the needle with compliance automation. Through these discussions, our compliance inbound team generated short training videos to help our product teams quickly gain understanding of our compliance process, tools, and become familiar with helpful resources to simplify the onboarding process.


Creating a collaborative environment and building trusting relationships within my team of compliance tool developers has enabled them to ‘think outside of the box,’ innovate and become more productive. We can’t just focus on the compliance process and tools—people are the key to success, with the added benefits of peer learning and self-improvement.

If you’re interested in learning more about starting an OSPO in your company, FOSSA, an organization whose mission is “to make open source ubiquitous, risk-free and exponentially more valuable,” offers two exceptional resources. The first is a white paper that addresses the role of an OSPO and the second, provides an overview (guide and webinar included) on building the OSPO.

What’s your experience and learnings as a change agent managing open source inbound?


Leave a Reply

Your email address will not be published. Required fields are marked *