Almost two years ago, The Linux Foundation launched the Open Compliance Program  to help companies manage their end-to-end open source license compliance processes. We have continually added papers , training , tutorials , and dedicated Legal/Compliance session tracks at conferences like Collaboration Summit  to help make compliance processes easier to understand, and more cost-effective to implement.
Today, we are releasing a new template  that will help companies manage the flow of data through the compliance process.
License compliance best practices require complete and accurate information about FOSS components being incorporated into the software supply chain. This requires a continual focus on ensuring the right information is collected and archived when a new FOSS component is to be introduced into a software product, from initial request to final shipment.
To help with this process we've just published a template for collecting information about a FOSS  component and its usage, so that when a request is made to the company's internal open source review board, it can be easily and thoroughly evaluated. This template will also help development organizations spend less time re-submitting missing data, and a standardized format can accelerate the approval process.
We will publish additional templates for usage guidelines, due diligence on a supplier's FOSS compliance practices, and more over the coming months. In the meantime, we encourage you to download and reuse the request template . And as always, if you need additional guidance on designing your FOSS compliance program, we can help with that too.