Versions Compared

Old Version 1

changes.mady.by.user Marcin Wolski

Saved on

compared with

New Version Current

changes.mady.by.user Marcin Wolski

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Appoint a Licence Compliance Officer responsible for licensing decisions and queries.
  • Establish and enforce governance policies covering:

    • Inbound licences (allowed third-party licences)

    • Outbound licensing (especially if various licences are applied)

    • Dependency evaluation, approval, and monitoring

    • Contribution terms (e.g. CLAs) and management

    • Licence conflict resolution

    • Use and maintenance of compliance tools
    • Internal reviews and audits

  • Ensure the team understands and follows these policies.

  • Maintain records of licensing of licensing decisions,  reviews reviews and audits, their findings, corrective actions, and training activities.. 

Establish and Maintain Compliance Tools

...

  • Results of the SLA or equivalent review

  • Access to the code repository with all relevant artefacts
  • Results of automated checks

  • Governance and compliance policies

  • Evidence of governance and training activities

  • Any clarifications or supporting notes

Use sw-licences@software.geant.org, #sw-licences on the GÉANT Project Slack, or submit a Software Review Request in the Help DeskSee the Contact us section for getting information how to communicate with the Team.

Respond to Review Feedback

...

You may reference the certificate in your documentation, metadata, project page, or communications. The Licence The Licence Management Team will provide guidance on how to do this. They will also provide a review report.

...

  • A full audit is required at least once every two years.
    • Internal audits can be conducted by your team.
    • External audits may be arranged with or through the Licence Management Team.
  • Spot checks may be initiated after major changes or events.
  • An internal review is required following:
    • Governance or leadership changes
    • Major changes to compliance processes
    • Compliance concerns raised by users

Contact the Licence Management Team  proactively proactively when significant changes occur to determine if recertification is needed. See the Contact us section for getting information how to communicate with the Team.