FOSS Compliance Certification Program The Linux Foundation.

Slides:



Advertisements
Similar presentations
MONITORING OF SUBGRANTEES
Advertisements

[INSERT APPLICABLE REGIONAL ENTITY NAME/LOGO] [ENTITY NAME] [FUNCTION CERTIFYING] Certification [LOCATION] – [DATES OF ON-SITE VISIT] [Presenter Name,
Back to Basics David L. Presuhn Manager Configuration Management and Product Definition Integration Boeing Commercial Airplanes.
The ISO 9002 Quality Assurance Management System
ISO 9000 Quality Management Systems Program Evaluation and Audit Verl ‘Andy’ Anders 1, Merle Pochop 2, Chad M. Laux 3 1 Industrial Specialist, Center for.
BSBPMG408A Apply Contract and Procurement Procedures Apply Contract and Procurement Procedures Unit Guide C ertificate IV in Project Management Qualification.
Grade 12 Subject Specific Ministry Training Sessions
Purpose of the Standards
Protection Against Occupational Exposure
Welcome ISO9001:2000 Foundation Workshop.
Fundamentals of ISO.
Internal Auditing and Outsourcing
NVLAP Overview and Accreditation Process March 2006.
A SOUND INVESTMENT IN SUCCESSFUL VR OUTCOMES FINANCIAL MANAGEMENT FINANCIAL MANAGEMENT.
ISO Quality management International Organization for Standardization International Organization for Standardization It addresses various aspects.
CHAPTER 5 Infrastructure Components PART I. 2 ESGD5125 SEM II 2009/2010 Dr. Samy Abu Naser 2 Learning Objectives: To discuss: The need for SQA procedures.
Roles and Responsibilities
BSBPMG404A Apply Quality Management Techniques Apply Quality Management Techniques Unit Guide C ertificate IV in Project Management Qualification.
March 26-28, 2013 SINGAPORE CDIO Asian Regional Meeting and Workshop on Engineering Education and Policies for Regional Leaders Programme Evaluation (CDIO.
BSBPMG405A Apply Human Resource Management Approaches Apply Human Resource Management Approaches Unit Guide C ertificate IV in Project Management
© Mahindra Satyam 2009 Decision Analysis and Resolution QMS Training.
1 Thank you for visiting our site and welcome to the “Introduction to ISO 22000” Presentation that you requested. For more information.
Monitoring & Evaluation. Objective Learn the why, what and how-to approach to monitoring Review monitoring techniques and define the roles monitoring.
1 Implementing a Business Management System compliant to ISO 9001:2000.
Programme Objectives Analyze the main components of a competency-based qualification system (e.g., Singapore Workforce Skills) Analyze the process and.
BSBPMG505A Manage Project Quality Manage Project Quality Unit Guide Diploma of Project Management Qualification Code BSB51507 Unit Code BSBPMG505A.
AET0012PPT by Dr. Anwar El-Tawil Dr. Anwar El-Tawil Director ISO Programme for Developing Countries QUALITY MANAGEMENT SYSTEM ACCORDING TO.
QUALITY MANAGEMENT STATEMENT
Company Confidential Registration Management Committee RMC Auditor Workshop Charleston, SC July Supplemental Oversight AS9104/2A & Special.
Purpose: The purpose of CMM Integration is to provide guidance for improving your organization’s processes and your ability to manage the development,
Unit-5 Introduction to IS/ISO 9004:2000 – quality management systems – guidelines for performance improvements. Presented by N.Vigneshwari.
BSBPMG408A Apply Contract and Procurement Procedures Apply Contract and Procurement Procedures Unit Guide C ertificate IV in Project Management Qualification.
Assessment Design and its relationship to NARS and ILOs Arthur Brown Advisor to the Quality Assurance and Accreditation Project Republic of Egypt.
Assessment Validation. MORE THAN YOU IMAGINE ASQA (Australian Skills Quality Authority) New National Regulator ASQA as of 1 July, 2011.
Session 12 Information management and security. 1 Contents Part 1: Introduction Part 2: Legal and regulatory responsibilities Part 3: Our Procedures Part.
Employee Orientation to ISO Sygnetics, Inc. is committed to quality. ‘Quality’ is the ability to consistently produce a product or service that.
28 June 2016 | Proprietary and confidential information. © Mphasis 2013 Audit and its classifications Mar-2016 Internal Auditor Training.
ISO Certification For Laboratory Accreditation ISO Certification For Laboratory Accreditation.
ISO 9001: 2015 BUSINESS PROCESS IMPLEMENTATION GENERAL AWARENESS
Centre for Development of Advanced Computing Chennai 103/1/12 Open Source Compliance Program Vidhyalakshmi A CDAC chennai
BSBPMG404A Apply Quality Management Techniques Apply Quality Management Techniques Unit Guide C ertificate IV in Project Management Qualification.
UNDERSTANDING ISO 9001:2008.
Transitional ISO 9001:2015 Internal Audit
WRTVC INTERNATIONAL GUIDELINES Requirements for
OpenChain Meeting 2/3/15.
Data Minimization Framework
Subject : Management I Electrical A Sem III
Data Architecture World Class Operations - Impact Workshop.
MANAGING HUMAN RESOURCES
Iowa Teaching Standards & Criteria
Service Organization Control (SOC)
Fundamentals of ISO.
UNIT V QUALITY SYSTEMS.
Построение культуры integrity в компании Aнар Каримов партнёр «ЭКВИТА»
FOSS Compliance Certification Program
[INSERT APPLICABLE REGIONAL ENTITY NAME/LOGO]
UNLV Data Governance Executive Sponsors Meeting
Lockheed Martin Canada’s SMB Mentoring Program
Purpose of Ethical Standards
Ethics as Culture key elements
Introduction to ISO & The Quality Process.
Quality Management System ISO 9001:2008
Chapter # 8 Quality Management Standards
How to conduct Effective Stage-1 Audit
QA Reviews Lecture # 6.
Eloise Forster, Ed.D. Foundation for Educational Administration (FEA)
ISO 9001.
Ethics as Culture key elements
TLQAA STANDARDS & TOOLS
HR AUDIT (An Early Evaluation System) (An Early Evaluation System) S.Jayaprakash., M.Sc (IT), PGD.HRM, DLL & AL.
Presentation transcript:

FOSS Compliance Certification Program The Linux Foundation

Basic elements of a certification program A purpose or motivation for certification Sponsors or customers that require suppliers to be certified A standard or reference model to certify against A certification or appraisal methodology and trained appraisers A certificate designating the supplier’s certification achievement 2

Certification is based on a key principle Process matters: A repeatable and systematic compliance process is required to achieve FOSS compliance consistently and routinely Certification appraises a supplier’s process as a predictor of eventual compliance success. Certification addresses conformance to a standard rather than business efficiency  Appraisals certify that process goals have been achieved rather than that specific practices and/or tools are used The Linux Foundation Confidential3

Open Certification Proposal Reference model  Grounded in Self-Assessment Checklist  Proposes 6 compliance goals:  G1. Everyone knows their FOSS responsibilities  G2. Responsibility for achieving compliance is assigned  G3. FOSS content (packages/licenses) is known  G4. FOSS content is reviewed and approved  G5. FOSS obligations are satisfied  G6. Community contributions are encouraged  At least two possible certification approaches, based on goals and sub-goals:  Multi-level: Initial, Basic, Advanced  Single level: Certified, Uncertified  Community consensus will be needed about the reference model The Linux Foundation Confidential4

Certification appraisal methodology On-site appraisal involving interviews and examination of evidence  The Self-Assessment Checklist will provide the primary guide for interviews and data collection  Responses  Goal/Sub-goal satisfaction  Certification level Other appraisers (in addition to LF) could be trained and authorized to conduct certification appraisals The Linux Foundation Confidential5

Back-up: Reference Model The Linux Foundation Confidential6

GoalG1. Everyone knows their FOSS responsibilities SP1.1 FOSS policy exists SP1.2 FOSS compliance training program actively used Supporting practices

GoalG2. Responsibility for achieving compliance is assigned SP2.1 FOSS Compliance Officer exists SP2.2 Compliance management activity is resourced Supporting practices SP2.3 Licensing expertise is available SP2.2.1 Processes, procedures, templates, forms, etc. are developed SP2.2.2 Compliance tool needs are identified SP2.2.3 Compliance tools are evaluated, developed or acquired, and deployed

GoalG3. FOSS content (packages/licenses) is known SP3.1 Code audits/scans are conducted SP3.2 Supplier compliance is managed Supporting practices SP3.3 FOSS records are maintained SP3.2.1 Supplier compliance practices are assessed SP3.2.2 Supplier FOSS disclosures are made and reviewed SP3.2.3 Supplier FOSS obligations are satisfied

GoalG4. FOSS content is reviewed and approved SP4.1 OSRB exists and is staffed appropriately SP4.2 Planned FOSS use is reviewed in context Supporting practices SP4.3 License obligations are identified, understood, and documented SP4.4 Issues are resolved and approval decisions are followed

GoalG5. FOSS obligations are satisfied SP5.1 Documentation obligations are met SP5.2 Source code obligations are met Supporting practices SP5.3 Community interface exists SP and postal addresses work SP5.3.2 Web portal works SP5.3.3 Community requests and inquiries are satisfied

GoalG6. Community contributions are encouraged SP6.1 Individual contributions are reviewed and approved SP6.2 Company contributions are reviewed and approved Supporting practices