We maintain OpenChain ISO/IEC 5230, the international standard for open source license compliance programs, and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.
Our vision is a supply chain where open source is delivered with trusted and consistent process management information. Our mission is to make that happen.
The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. We work with our sister projects at The Linux Foundation like SPDX (SBOM), OpenSSF (Security), TODO Group (OSPO) and CHAOSS (Metrics) to help drive forward business management of open source.
Our community also develops best practices to reduce friction and increase efficiency across all aspects of open source process management. Everyone is invited to be part of what we do. There are no restrictions on joining our mailing lists, our calls and most of our events.
We have an extensive library covering everything from making an open source policy to training your staff to making decisions around risk allocation.
Industry: IT Services and IT Consulting
Company size: 2-10 employees
Headquarters: San Francisco, California
Type: Nonprofit
Founded: 2016
Specialties: Open Source, Compliance, Supply Chain, Best Practices, Processes, Standardization, Industry Standard, Free Software, Community, Intellectual Property, Standard, Security, Process Management, Open Source License Compliance, Open Source Security Assurance, FinOps, InnerSource, OSPO, IP, and Legal