This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
openchain:specification-questions-and-answers [2019/11/14 15:58] mgisi [Is a third party audit required to declare an Open Source Compliance program to be OpenChain Conforming?] |
openchain:specification-questions-and-answers [2019/11/17 19:12] (current) mgisi [Does the specification describe how to comply with the most popular Open Source licenses?] |
||
---|---|---|---|
Line 13: | Line 13: | ||
* Avoid boiling the ocean - Focus specifically on providing the necessary and sufficient requirements of a “high quality” compliance program | * Avoid boiling the ocean - Focus specifically on providing the necessary and sufficient requirements of a “high quality” compliance program | ||
* Focus on meaningful pain points based on practical use cases | * Focus on meaningful pain points based on practical use cases | ||
+ | * If we could remove words and still preserve meaning and value then use fewer words | ||
- Focus of the what and why (avoid the how and when) | - Focus of the what and why (avoid the how and when) | ||
* Embrace the implementation of different practices to solve a given requirement | * Embrace the implementation of different practices to solve a given requirement | ||
Line 60: | Line 61: | ||
====Does the specification describe how to comply with the most popular Open Source licenses?==== | ====Does the specification describe how to comply with the most popular Open Source licenses?==== | ||
- | No. The specification does not provide legal guidance. It does require an organization to designate a legal expert who can assist with legal guidance. Furthermore the specification requires that a process exists that ensures the appropriate attention is given to license obligation analysis and and fulfillment. | + | No. The specification does not provide legal guidance. It does require an organization to designate a legal expert who can assist with legal guidance. Furthermore the specification requires that ''a process exists'' that ensures the appropriate attention is given to license obligation analysis and and fulfillment. |
====Does OpenChain program conformance guarantee license compliance?==== | ====Does OpenChain program conformance guarantee license compliance?==== |