Skip to main content

8 docs tagged with "Level 2 (OSMM)"

View All Tags

OSMM

Level 2: Compliant Usage

At this level, an organization has established some practices for managing open source software. The organization has some visibility into open source use and there are limited controls in place to manage open source software and to ensure compliance with licenses.

Activities

Compliant Open Source Consumption

Using open source within regulated organisations must be done in accordance with the policies and procedures in place to control risks and adhere to regulation. In this article we will look at:

License Compliance Management

There are several key points that a large enterprise should consider to ensure compliance with open-source license obligations:

Open Source Consumption Training

This guide is intended to help OSPOs of all maturity levels build an open source training course that is created with purpose to deliver impact. Whether your OSPO recently launched or is looking into re-doing the firms open source training, this guide will provide ideas and content that can be implemented to a comprehensive open source training course.

Open Source Supply Chain Security

In this article we are going to look at the growing issue of software supply chain attacks via some examples and then look at the emerging field of open source supply chain security: what it is, current best practices, the institutional landscape and emerging legislation.

Software Inventory

Software inventory is a precondition to most of the activities involved in OSMM level 2. The first step to licence compliance or supply chain security is to understand what software is in your estate.