Building Trust in the Supply Chain Since 2016
Our vision is a supply chain where open source is delivered with trusted and consistent process management information. Our mission is to make that happen.
The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. We work with our sister projects at The Linux Foundation like SPDX (SBOM), OpenSSF (Security), TODO Group (OSPO) and CHAOSS (Metrics) to help drive forward business management of open source.
We Maintain Standards
- OpenChain ISO/IEC 5230
  The international standard for open source license compliance programs
- OpenChain ISO/IEC DIS 18974
  The industry standard for open source security assurance programs
Research indicates that 20% of German companies with over 2,000 employees have already implemented ISO/IEC 5230.
Source: Bitkom Open Source Monitor 2021
We Develop Best Practices
Our community develops best practices to reduce friction and increase efficiency across all aspects of open source process management. Everyone is invited to be part of what we do. There are no restrictions on joining our mailing lists, our calls and most of our events.
We have an extensive library covering everything from making an open source policy to training your staff to making decisions around risk allocation.
Check out the OpenChain Reference Library on GitHub