Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools

In this chapter, we initially take a brief departure from Sarbanes-Oxley to discuss open source software, its development methodology, and some of the benefits that can be realized by adopting it in your organization. Undoubtedly, you have had some exposure to the phenomenon, whether through the actual deployment of various projects or, at the very least, through reading about open source in trade periodicals, news publications, or other sources. The purpose of this book is not necessarily to educate you on the philosophy of open source per se, but rather to give you an understanding of the underlying concepts and some of the possible misconceptions surrounding the subject, so that you can gain the most benefit from the technologies presented here. Before we discuss the pros and cons of the open source model, we should spend a few minutes discussing how software is developed in general and highlighting the differences between the open source and closed source methodologies.
The General Public License (GPL) is by far the most popular, widely used, and sometimes controversial license in the open source arena; however, it is not the only one by any means. When most people talk about an open source-compatible license, they are usually referring to a license that has been reviewed and certified by the Open Source Initiative (OSI), a nonprofit organization whose sole purpose is to promote the idea of Free/Libre/Open Source Software (FLOSS). Here, we take a brief look at...