Skip to main content

OpenChain Security Assurance Specification 1.1 – Global Support

The OpenChain Security Assurance Specification 1.1 has been building momentum as a sister specification to ISO/IEC 5230:2020, the International Standard for open source license compliance. With an identical approach to high level process management, the OpenChain Security Assurance Specification is designed to help companies adopt the key requirements of a quality open source security assurance program.

Self-certification is available in English, German and Simplified Chinese. In addition, the following companies have announced services to support adoption of this specification. Three of these organizations are OpenChain Project official third-party certifiers, and all of these companies provide onboarding, adoption and review services across the global supply chain.

CAICT (Mainland China)

CAICT is an official OpenChain Project partner and one of our third-party certifiers with a regional service offering.

Bureau Veritas (Taiwan, Worldwide)

Bureau Veritas is an official OpenChain Project partner and one of our third-party certifiers with a global service offering.

PwC (Germany, Worldwide)

PwC is an official OpenChain Project partner and one of our solution providers and third-party certifiers with a global service offering.

  • PwC OpenChain Security Assurance Specification services in English:
    https://www.pwc.de/en/opensource
    (Under ‘Consulting & Implementation’ and ‘Audit & Certification’)

Orcro (UK, Worldwide)

Orcro is an official OpenChain Project partner and one of our solution providers and third-party certifiers with a global service offering.

Source Code Control (UK, Worldwide)

Source Code Control is an official OpenChain Project partner and one of our solution providers with a global service offering.

OSS Consultants (USA, Worldwide)

OSS Consultants is an official OpenChain Project partner and one of our solution providers with a global service offering.