Presentation is loading. Please wait.

Presentation is loading. Please wait.

FOSS Compliance Certification Program

Published byAnis Ford Modified over 6 years ago

Similar presentations

Presentation on theme: "FOSS Compliance Certification Program"— Presentation transcript:

1 FOSS Compliance Certification Program
2018/9/7 2018/9/7 FOSS Compliance Certification Program The Linux Foundation 1

2 Basic elements of a certification program
2018/9/7 Basic elements of a certification program A purpose or motivation for certification Sponsors or customers that require suppliers to be certified A standard or reference model to certify against A certification or appraisal methodology and trained appraisers A certificate designating the supplier’s certification achievement 2

3 Certification is based on a key principle
2018/9/7 Certification is based on a key principle Process matters: A repeatable and systematic compliance process is required to achieve FOSS compliance consistently and routinely Certification appraises a supplier’s process as a predictor of eventual compliance success. Certification addresses conformance to a standard rather than business efficiency Appraisals certify that process goals have been achieved rather than that specific practices and/or tools are used The Linux Foundation Confidential 3

4 Open Certification Proposal
2018/9/7 Open Certification Proposal Reference model Grounded in Self-Assessment Checklist Proposes 6 compliance goals: G1. Everyone knows their FOSS responsibilities G2. Responsibility for achieving compliance is assigned G3. FOSS content (packages/licenses) is known G4. FOSS content is reviewed and approved G5. FOSS obligations are satisfied G6. Community contributions are encouraged At least two possible certification approaches , based on goals and sub-goals: Multi-level: Initial, Basic, Advanced Single level: Certified, Uncertified Community consensus will be needed about the reference model The Linux Foundation Confidential 4

5 Certification appraisal methodology
2018/9/7 Certification appraisal methodology On-site appraisal involving interviews and examination of evidence The Self-Assessment Checklist will provide the primary guide for interviews and data collection Responses  Goal/Sub-goal satisfaction  Certification level Other appraisers (in addition to LF) could be trained and authorized to conduct certification appraisals The Linux Foundation Confidential 5

6 Back-up: Reference Model
2018/9/7 Back-up: Reference Model The Linux Foundation Confidential 6

7 G1. Everyone knows their FOSS responsibilities
2018/9/7 Goal G1. Everyone knows their FOSS responsibilities SP1.1 FOSS policy exists SP1.2 FOSS compliance training program actively used Supporting practices

8 G2. Responsibility for achieving compliance is assigned
2018/9/7 Goal G2. Responsibility for achieving compliance is assigned SP2.1 FOSS Compliance Officer exists SP2.2 Compliance management activity is resourced Supporting practices SP2.3 Licensing expertise is available SP2.2.1 Processes, procedures, templates, forms, etc. are developed SP2.2.2 Compliance tool needs are identified SP2.2.3 Compliance tools are evaluated, developed or acquired, and deployed

9 G3. FOSS content (packages/licenses) is known
2018/9/7 Goal G3. FOSS content (packages/licenses) is known SP3.1 Code audits/scans are conducted SP3.2 Supplier compliance is managed Supporting practices SP3.3 FOSS records are maintained SP3.2.1 Supplier compliance practices are assessed SP3.2.2 Supplier FOSS disclosures are made and reviewed SP3.2.3 Supplier FOSS obligations are satisfied

10 G4. FOSS content is reviewed and approved
2018/9/7 Goal G4. FOSS content is reviewed and approved SP4.1 OSRB exists and is staffed appropriately SP4.2 Planned FOSS use is reviewed in context Supporting practices SP4.3 License obligations are identified, understood, and documented SP4.4 Issues are resolved and approval decisions are followed

11 G5. FOSS obligations are satisfied
2018/9/7 Goal G5. FOSS obligations are satisfied SP5.1 Documentation obligations are met SP5.2 Source code obligations are met Supporting practices SP5.3 Community interface exists SP and postal addresses work SP5.3.2 Web portal works SP5.3.3 Community requests and inquiries are satisfied

12 G6. Community contributions are encouraged
2018/9/7 Goal G6. Community contributions are encouraged SP6.1 Individual contributions are reviewed and approved SP6.2 Company contributions are reviewed and approved Supporting practices

Download ppt "FOSS Compliance Certification Program"

Similar presentations

MONITORING OF SUBGRANTEES

MONITORING OF SUBGRANTEES
The ISO 9002 Quality Assurance Management System

The ISO 9002 Quality Assurance Management System
ISO 9000 Quality Management Systems Program Evaluation and Audit Verl ‘Andy’ Anders 1, Merle Pochop 2, Chad M. Laux 3 1 Industrial Specialist, Center for.

ISO 9000 Quality Management Systems Program Evaluation and Audit Verl ‘Andy’ Anders 1, Merle Pochop 2, Chad M. Laux 3 1 Industrial Specialist, Center for.
IAQG OPMT OP Assessor Training Oversight Assessment of Training Provider Approval Bodies February 2015 Module 14.

IAQG OPMT OP Assessor Training Oversight Assessment of Training Provider Approval Bodies February 2015 Module 14.
BSBPMG408A Apply Contract and Procurement Procedures Apply Contract and Procurement Procedures Unit Guide C ertificate IV in Project Management 17871 Qualification.

BSBPMG408A Apply Contract and Procurement Procedures Apply Contract and Procurement Procedures Unit Guide C ertificate IV in Project Management Qualification.
Purpose of the Standards

Purpose of the Standards
ISO 9000:2000 Quality system standards adopted in 1987 by International Organization for Standardization; revised in 1994 and 2000 Technical specifications.

ISO 9000:2000 Quality system standards adopted in 1987 by International Organization for Standardization; revised in 1994 and 2000 Technical specifications.
Fundamentals of ISO.

Fundamentals of ISO.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
NVLAP Overview and Accreditation Process March 2006.

NVLAP Overview and Accreditation Process March 2006.
CHAPTER 5 Infrastructure Components PART I. 2 ESGD5125 SEM II 2009/2010 Dr. Samy Abu Naser 2 Learning Objectives: To discuss: The need for SQA procedures.

CHAPTER 5 Infrastructure Components PART I. 2 ESGD5125 SEM II 2009/2010 Dr. Samy Abu Naser 2 Learning Objectives: To discuss: The need for SQA procedures.
Verification: Quality Assurance in Assessment Verification is the main quality assurance process associated with assessment systems and practice - whether.

Verification: Quality Assurance in Assessment Verification is the main quality assurance process associated with assessment systems and practice - whether.
Roles and Responsibilities

Roles and Responsibilities
1 CT DDS Quality Service Review Connecticut Community Providers Association Presented by Fred Balicki, DDS Quality Management Services May 27, 2008.

1 CT DDS Quality Service Review Connecticut Community Providers Association Presented by Fred Balicki, DDS Quality Management Services May 27, 2008.
Understanding Meaning and Importance of Competency Based Assessment

Understanding Meaning and Importance of Competency Based Assessment
BSBPMG405A Apply Human Resource Management Approaches Apply Human Resource Management Approaches Unit Guide C ertificate IV in Project Management 17871.

BSBPMG405A Apply Human Resource Management Approaches Apply Human Resource Management Approaches Unit Guide C ertificate IV in Project Management
Www.22000-Tools.com 1 Thank you for visiting our site and welcome to the “Introduction to ISO 22000” Presentation that you requested. For more information.

1 Thank you for visiting our site and welcome to the “Introduction to ISO 22000” Presentation that you requested. For more information.
1 Implementing a Business Management System compliant to ISO 9001:2000.

1 Implementing a Business Management System compliant to ISO 9001:2000.
Programme Objectives Analyze the main components of a competency-based qualification system (e.g., Singapore Workforce Skills) Analyze the process and.

Programme Objectives Analyze the main components of a competency-based qualification system (e.g., Singapore Workforce Skills) Analyze the process and.
AET0012PPT 2004-03-13 1 by Dr. Anwar El-Tawil Dr. Anwar El-Tawil Director ISO Programme for Developing Countries QUALITY MANAGEMENT SYSTEM ACCORDING TO.

AET0012PPT by Dr. Anwar El-Tawil Dr. Anwar El-Tawil Director ISO Programme for Developing Countries QUALITY MANAGEMENT SYSTEM ACCORDING TO.

Similar presentations

Ads by Google