The understanding, analysis and identification of obligations resulting from open source licenses in a particular use case is a complex legal matter. Therefor it would be sort of overwhelming to shift the whole workload on the shoulders of an IT project manager or SCRUM Master.
Thus the final review should always be done by some one with sufficient legal knowledge such as a Compliance Manager. TrustSource has been designed to foster this process, support the project managers and ease the work of Compliance Managers by assessing the situation, giving advice and helping to reduce the complexity of the matter to deal with.
By pushing a project or module into an approval process, the Project Manager confirms that he has assembled all required information and components to allow the Compliance Manager a sound compliance analysis. To make sure, all is green, the compliance report is open to both roles.
We highly recommend to run such a report before submitting an approval. The approval then will forward the bundled information to the corresponding Compliance Manager for that particular project. As soon as he will approve the request, the Project Manager can be sure having passed on responsibility for the compliance of his project in that particular version to the Compliance Manager.