After a review cycle with ISO/IEC WG/SC27 the OpenChain Security Assurance Specification 1.1 is now available.
The OpenChain Security Assurance Specification 1.1 is being prepared by the Joint Development Foundation for submission to ISO/IEC JTC-1 via the PAS Transposition Process. We expect the specification to graduate as an ISO/IEC International Standard in mid-2023. Meanwhile, it is ready for market adoption as a de facto industry standard.
It helps organizations identify:
- The key places to have security processes
- How to assign roles and responsibilities
- And how to ensure sustainability of their approach
Like OpenChain ISO/IEC 5230, the International Standard for open source license compliance, the OpenChain Security Assurance Specification 1.1 is lightweight, easy to read and will be extensively supported by our global community with free reference material and conformance resources.