How to Assure Legal Compliance from Software Development to Delivery

Legal compliance in software product life cycle

From a business and product management perspective, legal compliance goes beyond the development process. It needs to be dealt with at project conception and from a customer standpoint. The critical elements of effective software IP management in an organization are:

1. The existence of an IP policy for each project undertaken, and a process to disseminate and apply it. Corporate IP policies must be based on the organization’s business goals, and they should be clear and enforceable.

2. Processes and tools for ascertaining the legal obligations and managing the IP of software created and/or acquired in the organization.

3. A Software Bill of Materials (BOM) that fully records the components in the product, their provenance and the licensing obligations they entail. An adequate BOM is instrumental in determining the legal compliance of the software.

4. Assurance and support for customers concerning the quality and IP cleanliness of software provided.

These elements provide a basis for meeting legal compliance with respect to the life cycle of the software product from conception to delivery.

Software IP management

With respect to the tools available, modern software IP management applications simplify and enable safe open source adoption, giving developers the freedom to select the best solutions in accordance with the corporate IP policy. For instance, these tools can support pedigree analysis and IP policy violation detection automatically—on demand, on schedule or even in real time within the development process. They can also provide a BOM on demand. Taken together, these IP management features deliver higher value and provide customer assurances.

The critical factors driving the economics of software IP management are the efforts to fix the software IP issues and minimize the associated delays in product introduction to market. Because of this, everything should be done to ensure its legal compliance throughout its life cycle for maximized cost efficiencies and minimized risk. As companies continue to leverage third-party code during the software development process, legal compliance issues become increasingly integral to business priorities. 

Sorin Cohn-Sfetcu is involved in Marketing at Protecode. Sorin brings over 30 years of entrepreneurial involvement in technology and business management in multinational (Nortel) and small companies, with a significant portfolio of market successes, innovative products and publications. Sorin holds several patents in Web services, wireless, and digital signal processing. Sorin has a Ph.D. from McMaster University, a Masters of Science degree from University of Calgary, and a Masters of Engineering degree from Polytechnic Institute of Bucharest. He can be reached at scohn@protecode.com.

Kamal Hassin is responsible for product portfolio capabilities at Protecode. Kamal is a thought leader in the area of open-source licensing. Kamal is the author or co-author of a number of papers on Software Intellectual Property management. Kamal has a Bachelor of Engineering degree and a Masters degree in Technology Innovation Management from Carleton University. He can be reached at khassin@protecode.com.