Understanding Risk Management in Open Source Software

To fully understand the role of Risk Management in Open Source Software, it is
necessary to define Open Source Software first. Open Source Software is software made by
an individual and/or entity that other parties can readily use, amend and even enhance for
their own purposes, even to the point of modifying it into a new form that they can
redistribute themselves. The source code of Open Source Software is usually provided under
a license or made available under a public domain arrangement.

Once you have access to Open Source Software, you even have the legal capacity to market
your own version of the software if you wish. So where does Risk Management come in?

Risk Management is important when you have created Open Source Software, in case the
parties that use it opt to do so in ways that can be detrimental to other people. For
example, perhaps you have created Software 123 and allowed it to be posted in the public
domain. However, perhaps another party has downloaded Software 123, amended it, embedded a
virus into it somehow, and then released this new version as Open Source Software as well.
What if someone gets that new version, uses it and his computer system suffers irreparable
damage: would you (being the author of the original Software 123) be at risk of litigation
from the end user of the tampered version? This is why many software developers do not
create Open Source Software and instead protect themselves with copyright and licensing
agreements: they want to protect their product and themselves from people who have evil
intent.