When searching for compliance the scope of compliance is a relevant aspect. Legal compliance implies that the solution provided respects all the obligations and does not violate any of the restrictions resulting from the use of third party tools, utilities or components.
Licenses are nothing bad. In general the purpose of a license is to offer you rights. In countries governed by a code of law, as for example in Germany, the creator of an asset - may it be any kind of code, picture, painting or literature - automatically is protected by some intellectual property law (e.g. UrhG for Germany). But countries governed by Common Law such as UK or USA meanwhile developed similar understandings.
This law prevents third parties form using, replicating or modifying the work of the creator. To overcome this general right for protection, a the creator shall provide a license to third parties. This license - depending on its character - will provide the freedom of use to the recipient of the work.
Therefor TrustSource has ordered CMS - one of the leading law firms to assess the almost 300 existing licenses and split the regulations in
- rights - you receive from the creator
- obligations - you must comply with to cope with the creators requirements
Depending on your goals - e.g. the commercial usage, need for the protection of trade secrets or the planned distribution approach - and your implementation - e.g. changes in code, operational model, etc. - the suitability of a license for a particular approach may change!
To ensure compliance while giving development the maximum of freedom, this analysis has to be performed by each component in the solution. To allow this, TrustSource provides its legal engine, alerting you of obligations and violations.
TrustSource has been designed to support your quest achieving compliance across your complete software portfolio: therefor the system will help you to perform all the following steps:
- Prepare your organization for Open Source Compliance
- Understand Roles and process
- Create and manage subsidiaries
- Invite colleagues and organizational members
- Integrate your projects
- Setup a project
- Create Modules from API integrations
- Create modules from SPDX documents
- Complete a legal questionnaire
- Understand legal analysis results
- Resolve legal issues
- Provide a general open source policy
- Organize black- and whitelists
- Understanding black and whitelists
- Blacklisting licenses
- Enforce whitelisting
- Manage whitelisting approvals
- Surveillance of Compliance
- Running a Compliance report
- Reading the Audit Log
- Freezing Releases
- Requesting Compliance approvals
- Approving Compliance
- Support publishing requirements
The list of tasks seems to be overwhelmingly long. But with the support of TrustSource, you will see that each task can be resolved with only a few clicks. To drill down into any of the segments, click on the topics.
Do not hesitate to contact our support for further details or review our training schedule or training materials for more information.
Please sign in to leave a comment.