Skip to main content

14 docs tagged with "Data Leakage Risk"

View All Tags

Risks

Data Leakage Risk

Data leakage risk refers to the potential for sensitive or confidential information to be unintentionally or maliciously disclosed outside of an organization, leading to potential harm to the organization's reputation, finances, or legal standing.

Regulations

Intellectual Property

Open source software is typically distributed under specific licensing terms and conditions that may affect how the software can be used, modified, and distributed. Compliance with these licensing requirements is essential to ensure that the organization does not infringe on the intellectual property rights of the software developers or violate the terms of the license.

Personal Information

Leakage of personal information has a knock-on to Reputational Risk and Legal Risk, as explored in the section below. As noted in the BOK activities addressing supply chain security, incorporating secure development into the Software Development Lifecycle is therefore also a compliance issue.

Roles

Open Source Program Office

The Open Source Program Office (OSPO) is responsible for the overall management and direction of an organization's open source program.

Activities

Maintaining An Open Source Project

We currently live in a world where OSS is everywhere, consumable, helpful and can make a positive or negative outcome on the programs we rely on. Strong open source projects can lessen technical debt, increase reusability and discoverability. For the purpose of this guide, we will cover some key principles and practices for managing your open source project effectively.

Making The Case For Contribution

Organisational change can be very hard to achieve since organisations are naturally protective of themselves and the status quo. Setting up an OSPO and beginning an open source journey will seem like a risky and dangerous proposition for many parts of an organisation.

Open Source Contribution Training

It is generally preferable if an Open Source Contribution Policy can be enforced via tooling (so called policy as code). However, often policy will refer to behaviours and expectations of staff which cannot be controlled through systems. In these cases, training courses will be needed to help promote desired behaviours.

Publication Processes

This article looks at the best practices around publication (of code) to enable open source contribution.

Surveillance Processes

This article looks at the best practices around surveillance (of communications) to enable open source contribution.

Using Open Source Software

Using open source software within a financial services organisation poses unique challenges. This article outlines some of the potential pitfalls and solutions when getting started.

Artifacts

osr-resources

GitProxy

Jamie Slome (Citi) to FINOS Members Meeting on April 3rd 2024.