The fifth edition of the seminal open source compliance book by Dr Till Jaeger and Professor Axel Metzger is now out in German. This updated edition features OpenChain prominently in the compliance chapter, further solidifying our place in the larger software governance ecosystem, and ensuring a new audience can understand our role in defining the key requirements of quality open source compliance programs. While an English version of this book is not available, OpenChain has an extensive and growing German Work Group, and we hope this text may be useful in discussions with suppliers.
Fiducia & GAD came third in the public award voting AND received the special Jury Award at the recent SAM Strategies event held in Germany. Stefan Thanheiser and his team have spearheaded the topic of open source license compliance in software asset management, and have been an early participant in the OpenChain Project German community as we formalize the key requirements of quality open source compliance programs. We are delighted to celebrate their work and promotion of OpenChain in Germany and beyond.
Jan Thielscher and his team at EACG have prepared a one-slide overview of the OpenChain Project. Clear, easy-to-digest communication is critical as OpenChain expands and our industry standard for open source compliance is more widely adopted. We deeply appreciate all the work by our users and partners in helping with this process.
The EACG overview material is licensed under CC-BY-SA-4.0. It is not part of our CC-0 reference library but it is freely available.
As part of the OpenChain Project’s ongoing commitment to providing a large library of useful reference material, and thanks to the kind contribution of Ibrahim Haddad, we are delighted to release a series of draft worksheets to help companies with their governance activities. This material is sourced from Ibrahim’s book ‘Assessment Of Open Source Practices As Part Of Due Diligence In Merger and Acquisition Transactions’. You can get the full book for free on the Linux Foundation website.
The Draft Worksheets Cover
Adaption of Business Processes
Automation and Tool Support
Community Contributions
Compliance Process Management
Compliance Staffing
Discover of Open Source Software
Obligation Satisfaction
Open Source Software Inventory
Policy
Process Adherence
Review and Approval of the Usage of Open Source Software
Training
Verification
As usual this additions to the OpenChain Project library are under CC-0. We look forward not only to your use of this material, but also your help in further improving it over time.
SAN FRANCISCO, MARCH 5, 2020 – The OpenChain Project is delighted to announce that id est avocats is our latest partner organization. A boutique corporate and technology law firm based in Switzerland, id est avocats provides an exceptional bridge into industry sectors where OpenChain will become increasingly important.
id est avocats has a strong track record helping innovative
businesses, successful entrepreneurs, top VCs and global brands navigate
today’s digital world, and is also regularly trusted by large Swiss and
international companies for their expertise in technology,
life sciences and media sectors, but also in M&A transactions and financing.
“Open source has always been in the firm’s
DNA; becoming a partner of OpenChain is for us a natural step” says
Michel Jaccard, id estavocats’
founder and partner. “With its focus on excellence and on building positive
long-term relationships, there is also a clear alignment in values between our
firm and the OpenChain Project” adds Juliette Ancelle, who heads the IP
practice at the firm.
The OpenChain standard defines inflection points in business
workflows where a compliance process, policy or training should exist
to minimize the potential for errors and maximize the efficiency of
bringing solutions to market. The companies involved in the OpenChain
community number in the hundreds. The OpenChain standard is being prepared
for submission to ISO and evolution from de facto into a formal
standard this year.
“The OpenChain Project has a strong emphasis
on ensuring the support infrastructure for adoption is as comprehensive as
possible as we complete the ISO process,” says Shane Coughlan, OpenChain
General Manager. “Michel Jaccard and the team at id est avocats have
exceptional knowledge in this field and provide us with a substantial increase
in coverage and knowledge throughout the OpenChain Partner Program.”
About id
est avocats
id est avocats (www.idest.pro) is an award
winning boutique law firm based in Switzerland, specialized in advanced
technologies, intellectual property, corporate finance and acquisitions. The
firm places industry knowledge at the heart of its activity and enjoys
well-established relationships with global brands, prominent entrepreneurs,
institutional investors, international groups and many CEOs and owners of
businesses that it has assisted in growth, acquisitions, combinations,
restructurings, and exits. The firm regularly interacts
with law firms from across the world, and is well connected with multinational
practices based in key European markets, in the United States and in Asia.
About the OpenChain Project
The OpenChain Project builds trust in open
source by making open source license compliance simpler and more
consistent. The OpenChain Specification defines a core set of
requirements every quality compliance program must satisfy. The
OpenChain Curriculum provides the educational foundation for open
source processes and solutions, whilst meeting a key requirement of
the OpenChain Specification. OpenChain Conformance
allows organizations to display their adherence to these
requirements. The result is that open source license compliance
becomes more predictable, understandable and efficient for participants
of the software supply chain. More information can be found at www.openchainproject.org.
About The Linux Foundation
The Linux Foundation is the organization of
choice for the world’s top developers and companies to build ecosystems
that accelerate open technology development and industry adoption.
Together with the worldwide open source community, it is solving the
hardest technology problems by creating the largest shared technology
investment in history. Founded in 2000, The Linux Foundation today
provides tools, training and events to scale any open source project,
which together deliver an economic impact not achievable by any
one company. More information can be found at www.linuxfoundation.org.
The Linux Foundation has registered trademarks and uses trademarks. For a
list of trademarks of The Linux Foundation, please see our trademark
usage page: https://www.linuxfoundation.org/trademark-usage.
Linux is a registered trademark
of Linus Torvalds.
The OpenChain Project has a comprehensive reference library covering all aspects of open source compliance management, including numerous resources related to training, policy and process content. This official and community-sourced reference material has been extensively reordered to allow easier discovery of content and to provide a multi-language first approach.
This involved consolidating 43 repositories into 1 to ensure anyone can quickly access, download, share and remix our extensive CC-0 material, while also being able to access, download and share case studies and similar material under different licenses.
At the same time as reorganizing the 395 documents in the reference library we took the opportunity to make the official Specification and translation easier to browse, to make our community image assets simpler to access, and to locate the project charter and other official agreements in a single location.
We invite you to check out the results and to help us expand, improve and translate the material ahead of becoming an ISO standard.
All Reference Material and Translations in One Location
We had an excellent OpenChain Global First Monday call. It covered a lot of news and we had a robust, useful discussion on some items in the specification.
We are delighted to announce that Moxa is our latest Platinum Member company. As a leading provider of industrial edge-to-cloud connectivity and computing solutions for Industrial Internet of Things (IIoT) environments, Moxa has demonstrated its continuous commitment to open source compliance to enable advanced industrial networking and communications applications for the IIoT world.
“Moxa is thrilled to join the OpenChain Project to demonstrate our commitment in supporting open source compliance standard,” said Andy Cheng, President of Strategic Business Unit at Moxa. “Moxa has been a strong supporter of the Linux Foundation for some of its important projects such as Civil Infrastructure Project (CIP) for long-term support Linux distribution. We are now looking forward to working closely with the OpenChain community for industry standards of open source compliance.”
OpenChain + SPDX Lite – Credit where Credit is Due The OpenChain Japan Work Group has run an active licensing sub-work group throughout 2019. Their activity has been focused on practical applications of a streamlined Software Bill of Materials using core attributes of SPDX. Now that the work is advanced, collaboration with the SDPX Project is fully established, and we are heading into production it is time to highlight the individuals behind this initiative. Find out more: https://www.openchainproject.org/news/2020/02/24/openchain-spdx-lite-credit-where-credit-is-due
PwC offers Open Source Software management compliance attestation according to the OpenChain industry standard. Thanks to a global PwC reporting platform, the report can be made available to all clients, effectively demonstrating the professional and appropriate handling of Open Source Software.
Suppliers will benefit from PwC OSS certification in invitations to tender, in the initiation of contracts and in negotiations with purchasing departments. At the same time, they will benefit from the outwardly presentable proof of OSS compliance when selling their products and services, as they create confidence in their products