ISO 5230 OpenChain Standard
The OpenChain Project is a Linux Foundation initiative with the objective of building trust in Open Source Software by making Open Source License compliance simpler and more consistent. In December 2020 the OpenChain Specification was ratified and published as an ISO standard, ISO 5230 OpenChain Standard.
The core of the OpenChain is the OpenChain Specification which defines a set of requirements every quality compliance program must satisfy. There is a training curriculum which provides the educational
foundation for how to manage open source software supply chains. Source Code Control have created a bespoke training program based on this curriculum.
Conformance allows organisations to display and promoted their adherence to these requirements. The result is that Open Source Software license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.
A conformant organisation can advertise this fact on their website and promotional material, helping to ensure that potential suppliers and customers understand and can trust their approach to Open Source Software compliance.
The OpenChain Project builds trust in Open Source by making Open Source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements which every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for Open Source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organisations to display their adherence to these requirements. The result is that Open Source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.
ISO 5230 OpenChain Conformance
ISO 5230 has five process areas that need to be implemented to achieve conformance.
ISO 5230 OpenChain Conformance Journey
Source Code Control are an ISO 5230 OpenChain Service Provider and provide a service to guide organisations through their conformance journey.
The journey starts by benchmarking and organisation processes against the ISO 5230 OpenChain Standard. We have created an interactive assessment tool which organisations can assess their current processes against these ISO 5230. We can also independently assess and compare the two outcomes. The tool be accessed at link...
The output of the assessment defines the project plan and areas that need to be addressed in order to conform with ISO 5230. As a service provider Source Code Control have templated documents tools and processes to guide and assist organisations through the journey to conformance.
We have helped organisations of all sizes achieve conformance. See how our customer Interneuron CIC achieved ISO 523o OpenChain conformance link...