If you are not familiar with "creating an open source policy" you may want to first learn more by reading the corresponding article.
Having an open source policy is already a great step. But how to make sure, it is read and understood? How do you propagate changes?
TrustSource - starting from the corporate editions - provides the compliance manager with a simple solution: The policy upload. As a compliance manager you see an additional topic "Policies" in the the "Knowledge" section of the navigation bar. Clicking there allows you to see the history of policies you have provided or upload a new one (version).
Uploading a policy document
To upload a policy select the "POLICY" menu and click on the "upload new policy" button below the menu name.
A modal window opens allowing you to define a name for the policy. We suggest to give a meaningful name and add a version number. This will allow you to keep track of updates, e.g. "MyComp OpenSourcePolicy v1.0". Even if you do not see the policy to be changed that often, it helps to clarify the current version.
Then select the file to upload from you local disc or share. Please bear in mind that the file should not exceed 20 MB in size. Despite TrustSource supporting all kind of different formats such as PPTX or DOCX, we would recommend using PDF. In general it is most likely to be readable by everyone and will reduce criticism by those not willing to accept.
Also we would advise to provide the policy in presentation style instead of a book format. Books - or long articles - are less likely to be read. Summaries in form of a presentation typically receive much more attention.
In the field "Summary of changes" you may give a brief summary of the changes, e.g. "new process definition for requesting whitelist changes, adotped definition of trade secrets for public projects,..."
Deciding on distribution
In the "Notify users" section you may select the group of users that shall be informed of these changes. This allows to keep minor changes such as text updates or interpretation hints on a specific group or ensure that major process changes will be transported to all users.
As soon as you click "Create Policy" the document will be uploaded and it is available at the platform. As soon as you activate it, all logins will get the document presented. They will see the summary and a link to download / open the document.
PLEASE NOTE (Removal of Policies):
You may remove any uploaded document as long as it has not been presented to more than one person. To make it available for users, you have to activate it. Right from that point in time, it will be presented. The first person is assumed to be you, testing the presentation. That's why 1 visitor is accepted. the 2nd could be someone else. For reference purposes it should not be possible to remove the policy once it has been seen by your users. However, you still may upload a new document and activate it. This will - from the users perspective - replace the older document.
Followup and confirmation
The users being presented the update has two choices. Either he opens the document and confirms he has read it, or he will get the document presented every 24hrs until he confirms having seen and read the contents. However, he is not forced to confirm the reading as many people might want to continue working and read procedural advice such as policies after doing their current tasks.
Therefor the systems allows the compliance manager to keep track of the number of presentations and confirmations, so that he may contact outstanding confirmations and thus make sure the policy really will actively be consumed.