JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.
The OpenChain Industry Survey 2022
Welcome! This survey covers a big topic: the global status of corporate engagement and management of open source. We are considering this from a “strategy” perspective rather than a “development” perspective. Our goal is to help inform project, product and supply chain decisions in the year ahead.
This survey is licensed under CC-0 so feel free to take it as the basis for your own surveys in the future.
This survey is also available in...
简体中文:
https://wj.qq.com/s2/9935077/5841/
繁體中文:
https://forms.gle/VK2unUYAYXEUuKeJ7
Deutsch:
https://forms.gle/j8VTN98TQy7wzPHg6
English:
https://forms.gle/LvU9RFZZRFb85f477
日本:
https://forms.gle/A2qdawgY9h7CWr3q8
Sign in to Google
to save your progress.
Learn more
* Indicates required question
Where are you based?
*
Canada
China
Japan
Korea
France
Germany
India
Italy
Spain
Taiwan (China)
United Kingdom
United States
Elsewhere in Africa
Elsewhere in the Americas
Elsewhere in Asia
Elsewhere in Europe
Elsewhere on Earth
How big is your organization?
*
1 to 50 people
51 to 500 people
501 to 5,000 people
Over 5,000 people
Not applicable / Not sure
How many software staff are in your organization?
*
1 to 50 people
51 to 500 people
501 to 5,000 people
Over 5,000 people
Not applicable / Not sure
Is your organization publicly traded (NYSE, LSE, SHCOMP etc.)?
*
Yes
No
Not applicable / Not sure
Is your organization focused on the national or international market?
*
National market
International market
Both
Not applicable / Not sure
Does your organization have a documented strategy regarding open source?
*
Yes, it regards open source as vital
Yes, it regards open source as useful
Yes, it regards open source as problematic
No, there is not open source strategy
My organization has a mixed attitude towards open source
Not applicable / Not sure
Has your organization changed its strategy on open source over time?
*
Yes, our stance has changed over time
No, we have always held the same position
Not applicable / Not sure
Why does your organization think open source is vital or useful?
*
Access to technology that is hard to make in-house
Access to technology that is expensive to make in-house
Low cost due to shared development burden
Increased speed getting products or services to market
Easier to fix security issues
It helps with customer relationships or sales
It helps with supplier relationships or procurement
It helps with staff recruitment
Not applicable / Not sure
Required
Why does your organization think open source is problematic?
*
Licensing concerns
Security concerns
Architecture (overall design) concerns
Difficult to choose appropriate software components
Difficult to maintain community relationships
Difficult to get commercial support
Hard to find suitable staff
Actual cost is higher than in-house development
Not applicable / Not sure
Required
How do you use open source?
*
We use open source for internal codebases
We use open source for external codebases
We use open source for both internal and external codebases
Not applicable / Not sure
If you use open source internally, how do you use it?
*
We use open source unmodified
We customize open source
We use open source both unmodified and customized
Not applicable / Not sure
If you use open source externally, how do you use it?
*
We use open source unmodified
We customize open source
We use open source both unmodified and customized
Not applicable / Not sure
Do you have dedicated personnel for open source strategy and management?
*
Yes, we have a dedicated Open Source Program Office (OSPO)
Yes, we have a virtual OSPO (part-time)
No, but we have personnel doing open source strategy and management
No, we do not have personnel doing open source strategy and management
Not applicable / Not sure
If you have an OSPO, does it have a budget?
*
Yes, it has yearly budget
Yes, it has an ad hoc budget
Yes, it is a hybrid model with a mixture of budgeted and volunteer staff
No, it has no budget
Not applicable / Not sure
If you have a virtual OSPO (part-time), does it have a budget?
*
Yes, it has yearly budget
Yes, it has an ad hoc budget
Yes, it is a hybrid model with a mixture of budgeted and volunteer staff
No, it has no budget
Not applicable / Not sure
If you have no OSPO but personnel are doing open source strategy and management, is this essentially a volunteer activity?
*
Yes, it is in addition to their regular work
No, it is considered part of their regular work
Not applicable / Not sure
How many Full Time Equivalent (FTE) resources are assigned to open source strategy?
*
1 to 5
6 to 10
10 or more
Not applicable / Not sure
Other:
How do you choose open source for use in your organization?
*
The engineering teams check the packages they want to use are on the approved list of software packages maintained in the organization
The engineering teams get approval for the packages they want to use one-by-one
The engineering teams check the license of the packages they want to use are approved license type
The engineering teams check the packages they want to use are developed and released by approved open source projects
Each engineering team uses a different process
The process for using open source is not formalized
Not applicable / Not sure
Required
Has your organization changed its criteria for using open source over time?
*
Yes, our stance has changed over time
No, we have always held the same position
Not applicable / Not sure
Do you have a documented open source policy for everyone in the organization to follow?
*
Yes, we have a documented organization policy
Yes, we have documented policies in sections of our organization
No, we do not have a documented policy
Not applicable / Not sure
What are your main criteria for allowing open source code to be used?
*
Project governance
Licensing choice
Security processes
Market adoption
Commercial support
Community size
Price
Not applicable / Not sure
Required
Does your organization contribute back to open source projects?
*
Yes, we have a general strategy to contribute upstream
Yes, we contribute back on a case-by-case basis
No, we have a general strategy not to contribute upstream
Not applicable / Not sure
Does your organization create new open source projects?
*
Yes, we release open source projects
No, we do not release open source projects
Not applicable / Not sure
Has your organization changed its position on creating new open source projects over time?
*
Yes, our stance has changed over time
No, we have always held the same position
Not applicable / Not sure
How do you address open source license compliance?
*
We have organizational processes to check for license compliance
We have organizational processes and automation to check for license compliance
We have department-level processes to check for license compliance
We have department-level processes and automation to check for license compliance
We do it on a case-by-case basis
We do not have processes or approaches to address open source license compliance
Not applicable / Not sure
How do you address open source export-control?
*
We have organizational processes to check for export-control
We have organizational processes and automation to check for export-control
We have department-level processes to check for export-control
We have department-level processes and automation to check for export-control
We do it on a case-by-case basis
We do not have processes or approaches to address open source export-control
Not applicable / Not sure
How do you address open source security?
*
We have organizational processes to check for security
We have organizational processes and automation to check for security compliance
We have department-level processes to check for security
We have department-level processes and automation to check for security
We do it on a case-by-case basis
We do not have processes or approaches to address open source security
Not applicable / Not sure
Do you use open source tooling (automation) for license compliance, export-control or security?
*
Yes, we use open source tooling for our compliance processes
Yes, we use a mixture of open source and proprietary tooling for our compliance processes
No, we only use proprietary tooling for our compliance processes
Not applicable / Not sure
How often do you check for license compliance issues?
*
We check inbound, during the development process and outbound
We check inbound
We check during the development process
We check outbound
We check inbound and during development
We check during development and outbound
We check inbound and outbound
Not applicable / Not sure
How often do you check for export-control issues?
*
We check inbound, during the development process and outbound
We check inbound
We check during the development process
We check outbound
We check inbound and during development
We check during development and outbound
We check inbound and outbound
Not applicable / Not sure
How often do you check for security issues?
*
We check inbound, during the development process and outbound
We check inbound
We check during the development process
We check outbound
We check inbound and during development
We check during development and outbound
We check inbound and outbound
Not applicable / Not sure
Do you use open source engagement / maturity as a criteria in Mergers and Acquisitions (M&A)?
*
Yes
No
Not applicable / Not sure
Could a lack of open source engagement / maturity be a blocker in Mergers and Acquisitions (M&A)?
*
Yes
No
Not applicable / Not sure
Are you aware of the OpenChain ISO/IEC 5230:2020 standard for open source license compliance?
*
Yes
No
Not applicable / Not sure
Are you aware of the SPDX ISO/IEC 5962:2021 standard for software bill of materials?
*
Yes
No
Not applicable / Not sure
Do you use the OpenChain ISO/IEC 5230:2020 standard for open source license compliance?
*
Yes, we use it for all our open source activities
Yes, we use it for some open source activities
No, we do not use it
Not applicable / Not sure
Do you use the SPDX ISO/IEC 5962:2021 standard for software bill of materials?
*
Yes, we use it for all our open source activities
Yes, we use it for some open source activities
No, we do not use it
Not applicable / Not sure
Do you use other formal International Standards (like ISO) for open source management?
*
Yes
No
Not applicable / Not sure
Do you use other de-facto industry standards (like CycloneDX) for open source management?
*
Yes
No
Not applicable / Not sure
Do you have membership in organizations promoting collaboration around open source projects?
*
Yes, we are a member of the Linux Foundation
Yes, we are a member of the Eclipse Foundation
Yes, we are a member of the Apache Software Foundation
Yes, we are a member of the OpenAtom Foundation
No, we do not participate in these organizations
Not applicable / Not sure
Required
Has open source engagement improved your relationship with suppliers?
*
Yes
No
Not applicable / Not sure
Has open source engagement improved your relationship with customers?
*
Yes
No
Not applicable / Not sure
Has open source engagement improved your relationship with competitors?
*
Yes
No
Not applicable / Not sure
Submit
Clear form
Never submit passwords through Google Forms.
This content is neither created nor endorsed by Google.
Report Abuse
-
Terms of Service
-
Privacy Policy
Forms