Start With a Pilot Program: Open Source Development Tip #4

October 20, 2011 By Terry Bernstein


We've been publishing a series of tips on managing open source development to maximize your benefits and minimize the risks. In case you missed them, you can find the other posts in the series here. In today’s post, we continue the series with a tip on getting started with a pilot program. You’ll find a summary of the entire set of tips here.

4. Start with a pilot program

A small pilot project lets you validate all the elements of your program before rolling it out to the whole organization. The success of the governance program requires new processes, new technology, and the buy-in of key stakeholders. It’s much easier to work out the problems in a small, focused pilot than in the midst of an organization-wide deployment.

  • Start with a few groups of developers and a few key applications. There is no need to attempt an enterprise-wide rollout immediately; doing so just adds risk and expense. Keep the ultimate goal in mind, but get there in a series of small steps.
  • Develop a plan to move from pilot program to department to enterprise-wide based on specific success criteria. Identify both the key objectives and stakeholders for each stage. Don’t move on to the next stage until you’ve met your success criteria. It's better to repeat the process a few times in the beginning in order to prevent problems later.
  • Make policies both enforceable and non-punitive to ensure acceptance and adoption. For policies to be truly effective, you must have an automated way to monitor and enforce them. Yes, everyone wants to “do the right thing”, but when under pressure to “just ship it,” teams may take shortcuts. We recommend instrumenting key development stages to automatically catch policy violations. For example, the build system could report and automatically fail builds that contain problematic components. You might also require that projects be validated before they are promoted to the quality assurance team or ultimately to production.
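As an added illustration of the build-stage check described in the last bullet (this is not Sonatype's code or any product's API), the sketch below fails builds only for applications in the pilot scope and reports the same violations without failing for everyone else. The policy entries, application names, and manifest format are all assumptions constructed for the example.

```python
import sys
from dataclasses import dataclass, field

# Constructed policy for illustration; names and values are hypothetical.
POLICY = {
    "blocked_components": {("examplelib", "1.0.2"): "flagged by security review"},
    "blocked_licenses": {"EXAMPLE-RESTRICTED-1.0"},
    # Pilot scope: only these applications have failing builds; all others
    # get the same report without a failed build (report-only).
    "enforced_apps": {"billing-service"},
}

# Constructed component manifest, as a build might emit it.
SAMPLE_MANIFEST = [
    {"name": "ExampleLib", "version": "1.0.2", "license": "Apache-2.0"},
    {"name": "otherlib", "version": "2.3.0", "license": "EXAMPLE-RESTRICTED-1.0"},
    {"name": "goodlib", "version": "4.1.0", "license": "MIT"},
    {"name": "mystery", "version": "0.1"},  # license metadata missing
]

@dataclass
class GateResult:
    enforced: bool
    violations: list = field(default_factory=list)

    @property
    def exit_code(self):
        # Fail the build only where the policy is enforced.
        return 1 if self.enforced and self.violations else 0

def check_build(app, components, policy=POLICY):
    result = GateResult(enforced=app in policy["enforced_apps"])
    for comp in components:
        label = f"{comp['name']} {comp['version']}"
        reason = policy["blocked_components"].get((comp["name"].lower(), comp["version"]))
        if reason:
            result.violations.append(f"{label}: blocked component ({reason})")
        license_id = comp.get("license")
        if not license_id:  # unknown license is reported rather than silently passed
            result.violations.append(f"{label}: license unknown")
        elif license_id in policy["blocked_licenses"]:
            result.violations.append(f"{label}: license {license_id} not allowed")
    return result

if __name__ == "__main__":
    app = sys.argv[1] if len(sys.argv) > 1 else "billing-service"
    outcome = check_build(app, SAMPLE_MANIFEST)
    for v in outcome.violations:
        print(("FAIL " if outcome.enforced else "WARN ") + v)
    sys.exit(outcome.exit_code)
```

Widening the rollout from pilot to department to enterprise then amounts to growing `enforced_apps` once each stage's success criteria are met, while teams outside the scope already see what would fail.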

That wraps up today’s tip. In our next post, we’ll talk about a technique you can use to choose components wisely.

In the meantime, check out Sonatype Insight. Insight helps you build better software faster without unnecessary quality, security, or licensing risks and without disrupting your development process. Learn more at www.sonatype.com/insight.


Written by Terry Bernstein

Terry is the former Director of Product Marketing at Sonatype. He is now the Director of Product Management at Verisign.