I work in a big multinational company as a software engineer and I'm currently holding a very nice conversation with IT and other developers with regards to adopting a DVCS (Mercurial and/or Git).
One of the issues raised by IT was compliance and intellectual property (BTW, Perforce talks loudly about this and in relation to Git). It seems to me that IT is under the impression that because Mercurial/Git are distributed, having repositories in every developer machine is an out-of-control scenario and they would have to audit every single repository.
Another thing that I think is a concern to IT is the fact of now having "100" repositories instead of "10" humongous ones, I'm under the impression that they think their administrative effort to maintain/monitor them would grow "ten-fold". I think repository management software (Rhodecode, Atlassian Stash) would be the first step towards giving access control & traceability.
My questions are:
Is repository management software enough for a company this size (lets say ~2000 developers & ~50 Perforce depots over ~10 servers)?, to be compliant (and meet other enterprise requirements?)
What exactly is encompassed by this "compliance" requirement?, are there any references you can give (e.g. an IEEE standard or something like that)?
My company has used Perforce for ~10 years