Creating an Environment for "Continuous Compliance" within Open Source Software hosted by

Open Source Software is now broadly used in the development of software applications. The ability to reuse components of code already created allows development teams to create more code, with more functionality, faster. It also promotes the adoption of standards and makes applications more interoperable. Although Open Source Software components typically require no licensing fee, it does come at a cost. This cost is uncertainty – or perceived uncertainty in many cases. Most software developers will be meticulous about what components they use from the perspective of functionality as they want to build code that works. However those Open Source Software components could have inherent business risks associated with them such as Legal/IP compliance, security vulnerabilities and operational risk. IP Investors, cyber insurance companies and business management are becoming aware of the need for demonstrable controls to be in place to mitigate these risks. This session will discuss strategies organisations continuous compliance culture which will manage the risks without impacting technical innovation. These strategies can be leveraged by both organisations implementing open source based solutions or by technical organisations are creating open source based solutions.