Skip to main content

We are best known for maintaining ISO/IEC 5230:2020 and ISO/IEC 18974:2023, the international standards for open source license compliance and security assurance. Below we provide a snapshot of companies that have informed us they are using one or both of our standards and given us permission to list their logo on our website.

Because ISO/IEC standards are freely used around the world, we can only provide limited insight into total market adoption. However, we have reason to believe that usage is significant. For example, PwC have sponsored research indicating 31% of large German companies already use or plan to adopt OpenChain ISO/IEC 5230.

Already Conformant? Let Us Know:




Publicly announced OpenChain ISO/IEC 5230 conformant programs, the international standard for open source license compliance:






Publicly announced OpenChain ISO/IEC 18974 conformant programs, the international standard for open source security assurance:






What Does This Mean?

Having an OpenChain conformant program for ISO/IEC 5230 or ISO/IEC 18974 (or both) means that an organization has a program that uses our process standards for addressing open source license compliance or security assurance.

You need to check with the organization about how their program is scoped (does it cover one project, one product or the whole legal entity?) and you need to ensure – if you are doing business with that organization – that what they consider solid process management matches your own requirements.

The good news is that any OpenChain conformant organization should be providing external contact points for open source license compliance or security assurance matters. It is part of the requirements listed in the standards themselves.

Need Help?