This document discusses how to manage open source software (OSS) usage in a way that keeps developers happy and lawyers calm. It begins by debunking common myths about OSS, such as that it is free to use without obligations or that it does not need to be tracked. It then outlines legal, technical, and support risks of OSS usage. The document emphasizes that developers will use OSS regardless of policies and that they should be educated rather than restricted. It proposes giving developers awareness training and clear guidelines while also performing audits and reporting processes. The goal is to empower developers to identify and mitigate risks while still allowing innovation, with lawyers involved to review licensing and compliance.