Consuming open source software

Our organization uses open source software to do our work and as libraries/dependencies for our projects.

I can update and install software on the machine I use for work.

We use snippets of code from online sources in our projects.

We use open source libraries or dependencies.

We use entire applications developed in open source.

The use and tracking of open source projects is consistent across our organization.

We have identified and communicated the open source licenses we are willing to accept.

We have guidelines for selecting secure and reliable open source projects for use.

There are processes in place to ensure we are compliant with license requirements for the projects we use.

We have processes in place to quickly address security vulnerabilities in the projects we consume.