OSS Compliance & Security

Introduction

• OSS Governance: Process Definition & Deployment

  Objective: OSS awareness, policy creation and OSS stakeholders organization.

• OSS Auditing: Code Base lining, Obligations Management & Risk Mitigation

  Objective: OSS licensing compliance for each software release.

• OSS Management Training & Coaching

  Objective: OSS training and coaching sessions for various development and management roles.

• OSS Support & Documentation

  Objective: Provide access to OSS experts at any time for any questions or issues. And keep up-to-date risk assessment of OS SW usage in ASML

OSS Governance Process

Definition & Deployment

• Setup OSS policy.
• Setup OSS licensing scope.
• Setup OSS influx management workflow (approvals & rejections).
• Setup OSS roles and responsibilities.

OSS Auditing

Code Base lining, Obligations Management & Risk Mitigation

• Scan source code for OSS components and snippets (weekly recommended)
• Identify potential matches and associated licenses.
• Review obligations.
• Report compliance status for each software release and/or customized reporting.

OSS Management Training & Coaching

• Class room training onsite for managers and developers.
• Specific training on base lining and auditing.
• Customized computer based training to roll-out OSS processes within the organization.

OSS Support & Documentation

• Bug fixes and enhancements.
• Security updates.
• OSS licensing compliance.