ISO/IEC 5230 OpenChain Open Source License Compliance 2021-03-30T15:07:00+00:00

ISO5230 Open-Source Licensing Compliance

The OpenChain Project  

Open source code and software has grown from an idealistic movement led by individuals around software and intellectual property to an integral resource used by government, enterprise companies, start-ups and universities.  These organisations have recognized that open source is a key part of their IT strategy and want to take part in its development.

Legacy technology companies also paying attention to open-source software and making it a priority in using open-source software for strategic development within their companies.

The Linux Foundation initiated the OpenChain Project to define an effective specification for open-source license compliance throughout the software supply chain.

Why is compliance important?

According to David Rudin, the Assistant General Counsel at Microsoft:

‘When companies, especially large enterprises, purchase software, they need to know what open source is included in the product so they can be sure to meet their compliance obligations. As supply chains grow, each link in the chain must meet its open-source obligations – a weak link means you can’t trust the code… and if you can’t trust the code… you can’t easily use it.’

The advantage of a supply chain where the members are OpenChain compliant, the use of open-source software becomes much simpler. Companies can freely use open-source software and be assured that the developer has quality governance in place to ensure the software is compliant.

Many companies such as Microsoft, Facebook, Toyota, Uber, Cisco, Siemens and Hitachi have publicly announced OpenChain conformant programs.

Introducing ISO/IEC 5230

In December 2020, the OpenChain specification was published as an industry standard by the International Organization for Standardization .

The ISO 5230 standard defines the key requirements of a robust open-source licensing compliance system, which builds trust between companies exchanging and adopting software that includes the use of open-source software.

Certification with ISO 5230

Self-certification provides an inexpensive and speedy route to compliance with ISO/IEC 5230:2020. Through our partnership with Source Code Control, a Linux Foundation partner, we can guide companies through the ISO 5230 compliance certification process which will include an external and independent certification of compliance.

source code control logo

Learn more about the OpenChain Project

Send us a Message

If you have any questions and would like to send us a message then you can use the form here. Simply fill in your details and somebody will be in touch with you.

We're committed to your privacy. Escrow London uses the information you provide to us to contact you about our relevant content and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.