OpenChain License Compliance Assessment (ISO/IEC 5230:2020)
This interactive ISO/IEC 5230 OpenChain assessment tool comprises 53 questions designed to evaluate your environment and readiness for managing open source license compliance within your software supply chain. The majority of the questions are 'Yes' or 'No' choices, while some are matrix-based, requiring you to indicate the level of importance and your current level of practice. Your responses will help us identify any gaps and areas for improvement.
The following areas are assessed.
A. Open Source Program - The program scope is clearly defined, with roles, support, and compliance procedures adequately staffed and funded.
B. Awareness Program - Awareness efforts are measured and documented, ensuring attendees understand the program's objectives and policies.
C. Open Source Policies - Policies cover license compliance, guide contributions, undergo regular reviews, and are clearly communicated to staff and contributors.
D. Open Source Contribution - Processes are in place for employee contributions to open source, for project approvals, and for ensuring projects are well-documented and maintained.
E. License Review & Compliance - License obligations are reviewed, with processes for compliance and remediation, and source code and attributions are properly managed.
F. Software Bill of Materials (SBOM) & Compliance Artifacts - SBOMs are generated and archived using software composition analysis (SCA) tools, with all components and compliance artifacts maintained and archived as per procedure.
G. Legal - Legal support ensures open source license compliance, with the team reviewing obligations and aligning policies with legal standards.
H. Addressing Open Source External Queries - A public contact for compliance issues, assigned responders, and a procedure for handling inquiries are in place.