Sascha Pudenz
Sascha Pudenz helps organizations implement governance, processes, and technology for Open Source compliance management and IT asset management systems. He has been advising private and public sector organizations of all sizes for over 12 years. As a team member of Deloitte's Extended Enterprise practice, he identifies, assesses and manages the risks that organizations face from external business relationships, such as license agreements.
Session
We introduce a publicly-available capability model to assess management of FOSS compliance risk. Developed in conjunction with both the OpenChain project and active FOSS-using businesses, this model, based on ISO 5230:2020, provides an intuitive and practical framework for assessing FOSS risk, and developing a roadmap to improve it.