The Linux Foundation continues to provide simple, straightforward guidance to organizations setting up their open source compliance programs. Last month, we released a free webinar titled “Six Tips to Getting Started With Open Source Compliance.” Before that, we published “Keys to Managing a FOSS Compliance Program.”
Now, we’ve released a freely available new white paper, “A Five-Step Compliance Process for FOSS Identification and Review” that discusses key aspects of two compliance actions: identifying open source in a product’s code baseline, and performing architecture and license reviews on the path to approving FOSS inclusion. The white paper reviews inputs, outputs, and essential process elements involved in five interrelated compliance steps: scanning source code; positively identifying FOSS, its licensing, and its provenance; reviewing licenses and license compatibility issues; reviewing architectural interactions of proprietary and open source components; and achieving final approval for FOSS use. So, download the white paper for some useful information.
Upcoming white papers will address steps involved in satisfying license obligations, and ways to work with suppliers on their compliance responsibilities. Feel free to provide suggestions for future white paper topics to
. For more LF resources on compliance, including white papers, webinars, self-assessment checklist, and open source tools, go to the Linux Foundation’s open compliance program webpage.