Assessment of Open Source Practices as Part of Due Diligence in Merger and Acquisition Transactions

By March 11, 2019 March 13th, 2019 Open Source Management, Publications

Assessment of Open Source Practices as Part of Due Diligence in Merger and Acquisition Transactions

A Contribution to the OpenChain Project

This open source merger and acquisition (M&A) assessment checklist is intended as a tool to help evaluate the open source practices of an organization as part of the due diligence process. The checklist presents a set of recommended practices distilled from the experiences of organizations committed to encouraging the use of open source while fully complying with license obligations.

The checklist explores the following areas as part of this due diligence process:

  • Discovery of open source software in code bases
  • Review and approval of open source use
  • Satisfaction of open source license obligations
  • Overseeing community contribution to open source projects
  • Process adherence audits
  • Open source policy
  • Appropriate staffing for compliance execution
  • Adaptation of business processes to accommodate open source specific requirements
  • Training
  • Verification practices
  • Compliance process management
  • Maintaining inventory of open source software
  • Automation and tool support for large scale use, consumption, and compliance
Follow Us

The Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.
The Linux Foundation
Follow Us