This project produces information about establishing a corporate open source compliance program -- in checklist form! There's lots of great information out there about setting up a compliance program -- ebooks, articles, the OpenChain Specification. This project seeks to capture the high-level components of an open source compliance program, as well as important processes, as checklists to be easily referenced by those building out a program.

1. Fork it (https://github.com/finos/osr-checklists/fork)
2. Create your feature branch (git checkout -b feature/fooBar)
3. Read our Community Code of Conduct
4. Commit your changes (git commit -am 'Add some foo_bar')
5. Push to the branch (git push origin feature/foo_bar)
6. Create a new Pull Request

NOTE: Commits and pull requests to FINOS repositories will only be accepted from those contributors with an active, executed Individual Contributor License Agreement (ICLA) with FINOS OR who are covered under an existing and active Corporate Contribution License Agreement (CCLA) executed with FINOS. Commits from individuals not covered under an ICLA or CCLA will be flagged and blocked by the FINOS Clabot tool. Please note that some CCLAs require individuals/employees to be explicitly named on the CCLA.

Need an ICLA? Unsure if you are covered under an existing CCLA? Email [email protected]

Copyright 2019 Fintech Open Source Foundation (FINOS).

This project is licensed under the Creative Commons Attribution License v.4.0.

SPDX-License-Identifier: CC-BY-4.0

The structure of the compliance program checklist is based partly on the structure set out in Open Source Compliance in the Enterprise, 2nd edition, by Ibrahim Haddad, which is a great long-form resource about building out an open source compliance program.