FOSS Compliance Practices for Supplied Software
This white paper examines compliance practices needed when software supplied by a third party vendor is brought into the code baseline of a product to be distributed externally. The white paper discusses requirements a company should impose upon its suppliers to disclose FOSS in their deliverables and to provide what’s needed to achieve compliance. The paper also discusses steps a company should take to review and validate the FOSS disclosures made by its suppliers. In addition to those topics, the white paper addresses measures a company can undertake to assess its suppliers’ compliance capabilities.
About the Author (Philip Koltun, Ph.D.)
Dr. Philip Koltun directs The Linux Foundation’s Open Compliance Program and works with the community to provide a full range of services and intellectual assets that enhance compliance activities.