Bob Sutor discusses open source governance for organizations. He emphasizes that organizations need to have proper legal controls and business processes for dealing with open source software. This includes knowing what open source is used internally and in products, as well as policies, tools, education, and processes for open source use and contribution. IBM's experience shows that open source governance requires balancing open and proprietary approaches, managing risks, and having strategic reasons for using open source. Developing open source policies collaboratively, with education, is key.