What Is This?
OpenChain ISO/IEC 5230:2020 defines the key requirements of a quality open source license compliance program.
What Does It Do?
The OpenChain ISO/IEC 5230:2020 helps organizations manage open source licensing requirements for past, current and future products or services.
- The key places to have license compliance processes
- How to assign roles and responsibilities
- And how to ensure sustainability of the processes
OpenChain ISO/IEC 5230:2020 is lightweight and easy to read, and it is supported by our global community with free reference material and conformance resources.
ISO/IEC 5230 Conformant Programs Announced Via Our Website
Get the Current Standard
Adopt the Standard
Report Your Adoption
Past Versions of the Standard
This specification is built from the Security Assurance Reference Guide. It went through a final approval process via editing on our specification list and calls, before graduating to a governing board vote to transform into a published security specification on 2022-09-14.
This specification was developed by over 100 contributors from 2014 to 2016 before its first public release as OpenChain 1.0 in October 2016. It was submitted to the ISO/IEC JTC-1 PAS Transposition Process in April 2020. It graduated as ISO/IEC 5230:2020 in December 2020.
Improving OpenChain ISO/IEC 5230:2020
OpenChain ISO/IEC 5230:2020, the International Standard for open source license compliance, is available for everyone to review and adopt, and to submit suggestions for improvement. We collect these comments on the OpenChain ISO/IEC 5230:2020 GitHub Repository. You can add your comments in the “Issues” section.
You can also send questions and feedback to the mailing list or by email to the OpenChain Project administration team if you prefer to remain anonymous.