Shane Coughlan

The OpenChain Community, with which NTT DATA has a partnership, has obtained the international standard ISO/IEC 5230:2020

The OpenChain Project, with which NTT DATA has a partnership from February 2020, goes from being the biggest and most authoritative Open Source Compliance community in the world and maintaining a de facto industry standard, into becoming the steward of the new International Standard ISO/IEC 5230:2020.

This standard specifies the key requirements of an Open Source compliance program and of its related licenses and is a reference point that creates trust between organizations exchanging solutions realized with Open Source software.

Reaching this important goal confirms and reinforces NTT DATA’s commitment to sustaining Open Source and its competencies regarding Open Source software compliance and governance, which are distinctive and unique traits of our offering.

Among non-legal Service Provider, NTT DATA is the first company in Italy to join the OpenChain Project.

SeQuenX BV, a company based in the Netherlands, is the latest vendor to join the OpenChain Project Partner program. Our collaboration will focus on ensuring that the Dutch companies have an option to consult and get support if required during ISO/IEC 5230 conformance activities. ISO/IEC 5230 is the International Standard for Open Source License Compliance.
  
“The Netherlands has an exceptional range of companies involved in technology and broader intellectual property management,” says Shane Coughlan, OpenChain General Manager. “We look forward to collaborating with SeQuenX in raising awareness and in providing support as these companies integrate ISO/IEC 5230 into their supply chains. We also invite user companies across the Netherlands to engage with the OpenChain Project directly via our regular calls, mailing list and events.”
  
“We are thrilled to be part of OpenChain and look forward to expanding the OpenChain ecosystem into the Dutch software industry,” says Shurjeel Tousif, SeQuenX CEO. “It is important to implement a proactive, comprehensive and an automated approach to third party IP compliance that integrates across the application development lifecycle. The new ISO standard benchmarks a high-quality software compliance program and we look forward in helping our customers evaluate and implement it. For more information, please visit our website.”

WhiteSource, a leader in open source security and license compliance management software, is the latest vendor to join the OpenChain Project partner program. Our collaboration will focus on ensuring user companies have freedom of choice when considering commercial automation solutions around ISO/IEC 5230 Conformance activities. ISO/IEC 5230 is the International Standard for open source license compliance.

“WhiteSource has a long history of supporting technology and broader market companies with automation around security and compliance,” says Shane Coughlan, OpenChain General Manager. “We look forward to collaborating with WhiteSource in raising awareness and in providing support as companies around the world integrate ISO/IEC 5230 into their supply chains. We also invite user companies across to engage with the OpenChain Project directly via our regular calls, mailing list and events.”

“We see many of our large customers looking to adopt license compliance standards and meet compliance standards such as ISO/IEC 5230. With the current software supply chain challenges, standardization is a key for proper communications between different teams and between vendors, especially when representing a bill of materials. We’re happy to join OpenChain, which is open and widely adopted by the industry.” Says David Habusha, VP Product at WhiteSource.

About WhiteSource

WhiteSource is the pioneer of open source security and license compliance management. Founded in 2011, its vision is to empower businesses to develop better software by harnessing the power of open source. WhiteSource is used by more than 800 customers worldwide, from all verticals and sizes, including 23% of Fortune 100 companies, as well as industry leaders such as Microsoft, IBM, Comcast, and many more. For more information, please visit www.WhiteSourceSoftware.com

About the OpenChain Project

OpenChain began when a group of open source compliance professionals met in a conference lounge and chatted about how so much duplicative, redundant open source license compliance work was being done inefficiently in the software supply chain simply. They realized that while each company did the same work behind the scenes in a different manner the output for downstream recipients could not realistically be relied on because there was no visibility into the process that generated the output.

The answer the early principles of this discussion arrived at was to standardize open source compliance, make it transparent and build trust across the ecosystem. The project began as outreach to the community with the idea of a new standard for open source license compliance with slides titled, “When Conformity is Innovative.” A growing community quickly recognized the value of this approach and contributed to the nascent collaboration soon named The OpenChain Project.

We have added French, Hebrew, Hindi, Italian, Russian and Spanish to our self-certification questionnaire. This means that anyone in the world can now self-certify to ISO/IEC 5230 (OpenChain 2.1) for free in:

• Chinese Simplified
• Chinese Traditional
• English
• French
• German
• Hebrew
• Hindi
• Italian
• Japanese
• Korean
• Russian
• Spanish

Get Started

• https://certification.openchainproject.org/

Learn More About The Process

• https://www.openchainproject.org/get-started/conformance