Skip to main content

Building Trust in the Supply Chain Since 2016

Our vision is a supply chain where open source is delivered with trusted and consistent compliance information. Our mission is to make that happen.

This Is Where You Will Find:

  • The ISO/IEC standard for open source license compliance programs
  • The industry standard for open source security assurance programs
  • The community that powers these standards

We maintain OpenChain ISO/IEC 5230:2020, the International Standard for open source license compliance. This is a simple, effective standard suitable for companies of all sizes in all markets. It is developed openly by a vibrant user community and freely available to all. It is supported by free online self-certification, extensive reference material and official service provider partners.

Did You Know…

20% of German companies with over 2,000 employees have already implemented ISO/IEC 5230.

Source: Bitkom Open Source Monitor 2021

ISO/IEC 5230 Conformant Programs Announced Via Our Website


We also maintain DIS 18974, OpenChain Security Assurance Specification. This industry standard describes the key requirements of a quality open source security assurance program. It is currently in the JTC-1 PAS Transposition Process and is expected to graduate mid-2023 as an ISO/IEC standard. The ISO/IEC standard is expected to be ISO/IEC 18974:2023, OpenChain Security Assurance Specification. You can adopt DIS 18974 via self-certification or through one of the official Third-Party Certification Partners. Adoption of DIS 18974 is also valid for ISO/IEC 18974:2023.

ISO/IEC DIS 18974 Conformant Programs Announced Via Our Website

Check Out Our Community Calendar

What Do You Want To Do?

Do You Want Something Else?

Get Our Help