OpenChain ISO/IEC 5230:2020 is the International Standard for open source license compliance. ISO/IEC 18974:2023 OpenChain Security Assurance Specification is the industry standard for open source security assurance. They are both suitable for companies of all sizes and in all sectors.
You can choose between self-certification, independent assessment or third-party certification for either standard. Our recommendation is to start with self-certification and a narrowly scoped program. To do this, we provide free, short, simple checklists or questionnaires made up of “yes” or “no” questions.
If you can answer yes to everything, it means you are self-certified. If you answer no to a few questions, it means you can focus resources on key areas of process improvement.