Building Trust in the Supply Chain Since 2016
Our vision is a supply chain where open source is delivered with trusted and consistent compliance information. Our mission is to make that happen.
This Is Where You Will Find:
- The ISO/IEC standard for open source license compliance programs
- The industry standard for open source security assurance programs
- The community that powers these standards
We maintain OpenChain ISO/IEC 5230:2020, the International Standard for open source license compliance. This is a simple, effective standard suitable for companies of all sizes in all markets. It is developed openly by a vibrant user community and freely available to all. It is supported by free online self-certification, extensive reference material and official service provider partners.
Did You Know…
20% of German companies with over 2,000 employees have already implemented ISO/IEC 5230.
Source: Bitkom Open Source Monitor 2021
ISO/IEC 5230 Conformant Programs Announced Via Our Website
We also maintain DIS 18974, the OpenChain Security Assurance Specification. This industry standard describes the key requirements of a quality open source security assurance program. It is currently in the JTC-1 PAS Transposition Process and is expected to graduate in mid-2023 as an ISO/IEC standard, which is expected to be named ISO/IEC 18974:2023, OpenChain Security Assurance Specification. You can adopt DIS 18974 via self-certification or through one of the official Third-Party Certification Partners. Adoption of DIS 18974 is also valid for ISO/IEC 18974:2023.