As a result of the growing need for suitable and effective FOSS compliance processes, most companies are recreating almost identical internal procedures and policies and thereby replicating efforts, wasting time and money. To reduce friction and transaction costs in today’s software supply chain, the OpenChain workgroup was established to identify common best practices in compliance programs that should be applied across a supply chain for efficient and effective compliance with open source licenses. Compilation and documentation of these best practices will result in the first attempt to standardize the future software supply chain by introducing a new conformity assessment standard that specifies a minimum standard for
a) reliable internal processes and
b) educated and well informed personnel.
See OpenChain Project for more details.
The current outline of the OpenChain conformance specification is available here.
The OpenChain curriculum is available here.
A link to the online self certification web app can be found here.