PwC provides OSS Trust through OpenChain
Mutual commitment to Open Source compliance.
Joint business relationship between PwC and OpenChain.
PwC: Our purpose is to build trust in society and solve important problems.
1. Open Source Summit Europe
OpenChain & PwC
Lyon, 29th October 2019
Marcel Scholze, Director Open Source Software Management & Compliance
2. PwC
Mutual commitment to Open Source compliance
Joint business relationship between PwC and OpenChain
Our purpose is
to build trust in society
and solve important
problems.
A Simple Logo,
A Significant
Meaning.
2
October 2019OSS EU Summit Lyon OpenChain & PwC
3. PwC
Process Flows for OpenChain Conformance
Self-
Certification
Assessment Procedure Outcome
1
Self-
Certification
Planning Program Set-up Assessment of program
Your customer’s
view
Listed on
www.openchain
project.org
October 2019OSS EU Summit Lyon OpenChain & PwC
3
4. PwC
Process Flows for OpenChain Conformance
You need advice?
You / your clients need more Trust?
Self-
Certification
Assessment Procedure Outcome
1
Self-
Certification
Planning Program Set-up Assessment of program
Your customer’s
view
Listed on
www.openchain
project.org
October 2019OSS EU Summit Lyon OpenChain & PwC
4
5. PwC
Process Flows for OpenChain Conformance
Assessment Procedure Outcome
1
Self-
Certification
Planning Program Set-up Assessment of program
Your customer’s
view
October 2019OSS EU Summit Lyon OpenChain & PwC
Self-
Certification
2
Independent
Compliance
Assessment External Support, Guidance and Review
Planning Program Set-up Assessment of program
Listed on
www.openchain
project.org
Support
■ Organization ■ OpenChain ■ Third Party
5
6. PwC
Process Flows for OpenChain Conformance
Assessment Procedure Outcome
1
Self-
Certification
Planning Program Set-up Assessment of program
Your customer’s
view
October 2019OSS EU Summit Lyon OpenChain & PwC
Self-
Certification
2
Independent
Compliance
Assessment External Support, Guidance and Review
Planning Program Set-up Assessment of program
Listed on
www.openchain
project.org
SupportTrust
■ Organization ■ OpenChain ■ Third Party
Third Party
Certification/
Audit Reliance on
Third Party Report
3
Third Party
Certification/
Audit
Planning
Program Set-up
Optional Readiness Assessment Independent Audit of
Program
6
7. PwC
Define the strategic OSS focus areas
Design and role-out the OSS organizational model
Design and role-out OSS Review process
Design and role-out OSS Compliance Artifacts process
Design OSS Contribution Policy
Support for Readiness/Assessment
2
Independent
Compliance
Assessment External Support, Guidance and Review
Planning Program Set-up Assessment of program
Independent Compliance Assessment
Program
Foundation
Relevant Tasks
Defined and
Supported
Open Source
Content Review
and Approval
Compliance
Artifact Creation
and Delivery
Understanding
Open Source
Community
Engagements
Adherence to the
Specification
Requirements
1
2
45
6
3
3
2
4
5
6
1
7
October 2019OSS EU Summit Lyon OpenChain & PwC
8. PwC
Levels of report statements
Design Effectiveness (existance of artefacts)
Design Effectiveness (content review of artefacts)
Design and Operating Effectiveness (sample testing)
Third Party Certification/Audit
Third Party
Certification/
Audit
3
Third Party
Certification/
Audit
Planning
Program Set-up
Optional Readiness Assessment Independent Audit of
Program
Reliance on
Third Party Report
8
October 2019OSS EU Summit Lyon OpenChain & PwC
9. PwC
Levels of report statements
Design Effectiveness (existance of artefacts)
Design Effectiveness (content review of artefacts)
Design and Operating Effectiveness (sample testing)
Third Party Certification/Audit
Third Party
Certification/
Audit
3
Third Party
Certification/
Audit
Planning
Program Set-up
Optional Readiness Assessment Independent Audit of
Program
Reliance on
Third Party Report
9
October 2019OSS EU Summit Lyon OpenChain & PwC