nexb- Software Audit for Acquisition Due Diligence
|
|
- Nicholas Hubbard
- 8 years ago
- Views:
Transcription
1 nexb- Software Audit for Acquisition Due Diligence
2 Agenda About nexb What nexb does Our experience Software Audit: M&A License Violation Risks & Recent Audit Issues Software Audit Process Software Audit Tools Additional Information Why nexb? Contact us Lessons Learned
3 About nexb What nexb does Enable component-based software development Software provenance analysis services Software asset management tools Expertise in all software IP Software audit services Acquisitions Software product releases Active OSS developers
4 About nexb Our experience is our difference Recognized by the buyers and target companies as: experts in software origin analysis a fair and trusted intermediary We identifies issues along with practical remediation steps 350+ software audit projects completed to-date
5 License Violation Risks Free Software Binary-only (Proprietary) source code available Adobe Reader Freeware / Shareware many Java libraries source with limitations (Proprietary) FOSS Microsoft shared source Sun SCSL Copyleft Attribution GNU GPL GNU LGPL MPL CDDL EPL BSD Apache MIT
6 Recent Audit Issue Examples Dependency Issue Workarounds License violation
7 Emerging Audit Issue Examples Cloud computing and Dual Licensing Personal Devices and Application store markets
8 Software Audit Process
9 Software Analysis Scope Commercial Code Original Code Open Source Code
10 Software Analysis Deliverables Complete inventory of OSS and third-party components in Development codebase(s) Bill of materials for Deployed product components Specific Action items and recommended actions for resolution that can be factored into the deal terms Including possible exposure for older product versions Detailed analysis for copyleft contamination Checklist of commercial components as input to due diligence for contract review Analysis of how much code is original versus borrowed (OSS) or purchased (Commercial)
11 Preparation 1 week (1/2) Establish NDA with seller Two-way or three-way Scope audit effort Audit profile (questionnaire) Size of code base - # files and lines of source code Disclosure of known third-party and open source software Onsite or remote access to the code Prepare/agree quote always fixed fee, no surprises Schedule project
12 Preparation (2/2) è Many targets are anxious about the process General level of anxiety is inversely proportional to prior M&A experience of executives We do some hand holding to make them feel comfortable Assure seller that they review all findings first so no surprises Explain the process and tools to the seller
13 License & Origin Analysis 2 weeks (1/2) Analysis Activities Scan files for license, copyright and other origin clues Match target code to reference code repository for origin and license detection (based on digital fingerprints ) Map Deployed code to Development code to: Validate that we have a complete Development codebase Filter issues based on the effective Deployed/Distributed code Analyze software interaction and dependency patterns for copyleftlicensed components as needed Additional domain-specific investigations typically for embedded devices and applications of media codecs
14 License & Origin Analysis (2/2) Results Software Inventory and Bill(s) of Materials Draft Action items & recommendations
15 Review & Report 1 week (1/2) Activities Draft findings review with product team Ask product team to respond to each Action item Accept recommended solution or propose another approach Acknowledge & investigate Not a request to fix anything during the audit Incorporate feedback and answers from product team into the Software BOM and Report We may agree to disagree e.g. we then present two points of view: ours and the seller s. Complete final report Second review cycle with product team Release the report Conference call with buyer to present findings & answer questions
16 Review & Report (2/2) Results Final Software Inventory / BOM spreadsheets Final Report - narrative with executive summary, project data and summary of the Action items and Responses
17 Software Audit Tools nexb typically uses a combination of tools for a software audit Our own DejaCode toolkit is the primary tool Other tools used as needed or as licensed by a customer (open source or commercial) Multiple layers of analysis Direct scan for license and copyright notices Component matching for open source and publicly available thirdparty components (freeware/proprietary) Analysis of source code and pre-built libraries (binary) Interaction and dependency analysis as needed Review and validation by software experts All require expert humans to interpret the results!
18 Additional Information Why nexb (1/2) 100% of our customers are repeat customers and references We have a balanced approach Automated code analysis AND analysis by software experts Direct consultation with engineering, management and legal teams Concrete Action items with recommended nexb action resolution and seller Responses
19 Additional Information Why nexb (2/2) Trusted third party Mitigates confidentiality concerns of a seller company Maintains proper segregation of information during acquisition negotiations Enables objective analysis with appropriate consideration of feedback from all parties
20 Additional Information Contact us Contact person: Pierre Lapointe, Customer Care Manager More information:
21 Additional Information Lessons Learned Acquisitions (1/2) Schedule is always a major issue Initiate a software audit early because Seller company will probably not have done this before Negotiation of an NDA takes longer than you expect Negotiation of access to artifacts and people takes longer than you think The review of findings and recommendations may require several iterations with target company Get answers for open issues Get agreement about remediation strategies Get agreement that report is objective and reasonable
22 Additional Information Lessons Learned Acquisitions (2/2) Identify the crown jewels and key platforms of the seller technology Concentrate the audit on the most important parts For products with multiple operating system versions, focus on the most important platforms Some issues can be specific to the open source policies of the Buyer For instance tolerance for certain version of open source licenses or proprietary Linux drivers varies among companies We apply Buyer company policies if available, Otherwise we apply conservative community standards Exceptional cases may require additional discussion with legal and and business teams to evaluate the risks
Managing Open Source Software Supply Chains
Managing Open Source Software Supply Chains Agenda Introduction Identify the ten most common open source license obligations Explain what you need to do to comply with these obligations Discuss the key
More informationOpen Source Software and the impact on Mergers & Acquisitions
Open Source Software and the impact on Mergers & Acquisitions Black Duck 2013 Speakers Russell Hartz VP of Corporate Development SAP Oliver Vivell Senior Director of Corporate Development SAP Matthew Jacobs
More informationIntellectual Property& Technology Law Journal
Intellectual Property& Technology Law Journal Edited by the Technology and Proprietary Rights Group of Weil, Gotshal & Manges LLP VOLUME 26 NUMBER 6 JUNE 2014 A Practical Approach to Working with Open
More informationOpen Source and the New Software Supply Chain. Mark Tolliver, CEO Palamida Inc.
Open Source and the New Software Supply Chain Mark Tolliver, CEO Palamida Inc. Could You Sign This? Typical Software Project Metrics 2.9 GB 87,863 Files 8,535,345 LOC Copyright holders ~350 Archives 178
More informationHow To Manage An Open Source Software
Executive Briefing: Four Steps to Creating an Effective Open Source Policy Greg Olson Sr. Director OSS Management Olliance Group Speaker Greg Olson Sr. Director, Open Source Management Over 30 years of
More informationFree and Open-Source Software Diligence in Mergers, Acquisitions, and Investments
Free and Open-Source Software Diligence in Mergers, Acquisitions, and Investments Andrew J. Hall Fenwick & West LLP April 16, 2013 Linux Foundation Collaboration Summit Presentation Topics Introduction
More informationBOM based on what they input into fossology.
SPDX Tool Website SPDX Tool Description License and copyright scanner that emits license names that conform to SPDX. In March a module should be added that gives the user an SPDX FOSSology fossology.org
More informationOpen Source Compliance: The Challenge of Managing Abundance. Peter Vescuso Black Duck Software
Open Source Compliance: The Challenge of Managing Abundance Peter Vescuso Black Duck Software Open Source Compliance: The Challenge of Managing Abundance Agenda The abundance The Challenges Meeting the
More informationWhat You Should Know About Open Source Software
What You Should Know About Open Source Software J.D. Marple Silicon Valley Latham & Watkins operates as a limited liability partnership worldwide with an affiliate in the United Kingdom and Italy, where
More informationOpen Source Software and Copyright Infringement Law
What Every GC and CTO Should Know about Open Source Software David Mirchin July 14, 2015 David Mirchin Chair, Meitar Technology Transactions and IP Group Tel Aviv, Israel Open Source sometimes also a
More informationPresentation. Open Source is NOT Free. For ISACA. By Dave Yip / Gamatech Ltd. Agenda
Presentation Open Source is NOT Free For ISACA By Dave Yip / Gamatech Ltd Agenda Gamatech Introduction to Open Source Open Source and Enterprises Open Source Licensing Open Source Risks Open Source Management
More informationOpen Source and Government Procurement
Open Source and Government Procurement Tuesday October 21, 2007 Copyright 2007 Holme, Roberts & Owen LLP Increasingly unwise not to consider open source Increasingly unrealistic to avoid open source You
More informationAn Open Source SCADA Toolkit
An Open Source SCADA Toolkit Stanley A. Klein Open Secure Energy Control Systems, LLC (301) 565 4025 sklein@cpcug.org This work was supported by the United States Department of Homeland Security Agenda
More informationOpen Source in the Real World: Beyond the Rhetoric
Open Source in the Real World: Beyond the Rhetoric Maureen Dorney Partner, DLA Piper Kat McCabe Board of Advisors, Black Duck Software, Inc. Gemma Dreher Senior Counsel, BAE Systems Introduction Widespread
More informationHOW TO UTILIZE OPEN SOURCE IN YOUR CODE BASE AND BUILD PROCESS. 2015 Black Duck Software, Inc. All Rights Reserved.
HOW TO UTILIZE OPEN SOURCE IN YOUR CODE BASE AND BUILD PROCESS 2015 Black Duck Software, Inc. All Rights Reserved. TODAY S PRESENTERS Baruch Sadogursky JFrog Dave Gruber Black Duck 2 2015 Black Duck Software,
More informationOpen Source in Android Apps:
Open Source in Android Apps: Tips for Becoming a Good Open Source Citizen AnDevCon Kim Weins, SVP Marketing, OpenLogic What You ll Learn! How much open source is used in mobile apps?! What level of compliance
More informationWe d like to hear your suggestions for improving our indexes. Send email to index@oreilly.com.
Index A Academic Free License, 14, 24 30 derivative works, 27 disclaimer of warranties, 26 intellectual property rights, 24 limitations of, 26 merger clauses, 29 modifying terms, 30 non-endorsement provision,
More informationOpen Source Sustainability and RDM. Scott Wilson scott.wilson@oucs.ox.ac.uk
Open Source Sustainability and RDM Scott Wilson scott.wilson@oucs.ox.ac.uk What does sustainability mean? To be sustainable a project must meet its own costs. Most projects have their initial costs covered
More informationUniversity of Edinburgh. School of Informatics. Intellectual Property and the Digital Age. Chris Martin
University of Edinburgh School of Informatics Intellectual Property and the Digital Age Chris Martin Outline IP Basics what is IP? / IP ownership / protecting IP Copyright basics infringement / permitted
More informationREAD THIS AGREEMENT CAREFULLY.
NEXB INC. END USER AGREEMENT FOR SOFTWARE AS A SERVICE READ THIS AGREEMENT CAREFULLY. This Agreement is a legally binding agreement between you (meaning the person or the entity that obtained the Service
More informationOPEN SOURCE SOFTWARE CUSTODIAN AS A SERVICE
OPEN SOURCE SOFTWARE CUSTODIAN AS A SERVICE Martin Callinan Martin.callinan@sourcecodecontrol.co Wednesday, June 15, 2016 Table of Contents Introduction... 2 Source Code Control... 2 What we do... 2 Service
More informationOpen Source Software: Strategies and Risk Management
Open Source Software: Strategies and Risk Management Elisabeth Esner i DLA Pper i Rudnick Gray Cary US LLP (858) 677-1484 elisabeth.e isner@dlap iper.com Mark Lehberg DLA Pper i Rudnick Gray Cary US LLP
More informationResearch & Development Software Training - 2016
Research & Development Software Training - 2016 Software Excellence Network March 15, 2016 Overview Introduction: why are we here? swdev.epri.com & you: review of website resources 2015 trends & lessons
More informationIntellectual Property Group Presentation. Using Open Source Software Issues to Consider. Peter J. Guffin, Esq. Pierce Atwood LLP January 22, 2009
Intellectual Property Group Presentation Using Open Source Software Issues to Consider Peter J. Guffin, Esq. Pierce Atwood LLP January 22, 2009 I. Agenda Select key terms in various open source licenses
More informationOpen Source Software:
Open Source Software: Buyer Beware of Custom Development and M&A Transaction Risks By Heather R. Pruger and Adam S. Zarren Does your client develop software for others, or does it purchase customized software
More informationUsing Open Source Software in Product Development: A Primer
focus The use of open source software in industrial products is growing rapidly because its many advantages are well known. 1 4 However, although we in industry understand liability and intellectual-propertyrights
More informationTowards an OSS License for Europe?
Towards an OSS License for Europe? IDABC Workshop at LinuxTag 2005, 23 June 2005 by Dr. Till Jaeger, attorney at law Agenda 1. Status Quo of Free Software Licensing 2. Types of Free Software Licenses 3.
More informationTaiwan Companies in the FOSS Implementation: From the Perspective of Legal Consultation Practice
Taiwan Companies in the FOSS Implementation: From the Perspective of Legal Consultation Practice Open Source Software Foundry, CITI, Academia Sinica Taiwan Florence T.M. Ko 葛冬梅 Legal Specialist Email:
More informationCommercial Software Licensing
Commercial Software Licensing CHAPTER 4: Prepared by DoD ESI January 2013 Chapter Overview Publishers generally create one or more of three major types of software products: Applications software for transactions,
More informationSoftware M&A: What you need to know before buying or selling software assets
Software M&A: What you need to know before buying or selling software assets A Webinar from Black Duck Software, Clearvision and Kemp Little Copyright 2011 Black Duck Software, Inc. All Rights Reserved.
More informationCSPA. Common Statistical Production Architecture Descritption of the Business aspects of the architecture: business models for sharing software
CSPA Common Statistical Production Architecture Descritption of the Business aspects of the architecture: business models for sharing software Carlo Vaccari Istat (vaccari@istat.it) Index Costs categories
More informationHow to Avoid 5 Common Pitfalls in Open Source Utilization. July 2013
How to Avoid 5 Common Pitfalls in Open Source Utilization July 2013 Today s Presenters Phil Odence Black Duck Baruch Sadogursky JFrog 2 Agenda Open Source Trends Avoiding 5 Common Pitfalls JFrog Artifactory
More informationTaking Information Security Risk Management Beyond Smoke & Mirrors
Taking Information Security Risk Management Beyond Smoke & Mirrors Evan Wheeler Omgeo Session ID: GRC-107 Insert presenter logo here on slide master. See hidden slide 4 for directions Session Classification:
More informationAn Open Source Work Shop. Luciano Resende (lresende@apache.org) Haleh Mahbod (hmahbod@gmail.com) Aug. 2008
An Open Source Work Shop Luciano Resende (lresende@apache.org) Haleh Mahbod (hmahbod@gmail.com) Aug. 2008 1 Topics General knowledge about open source Importance of Open Source What is Open Source License
More informationHow To Improve Your Software
Driving Quality, Security and Compliance in Third- Party Code Dave Gruber Director of Product Marketing, Black Duck Keri Sprinkle Sr Product Marketing Manager, Coverity Jon Jarboe Sr Technical Marketing
More informationOpen Source and Legal Issues
In-House Lawyers: Shaping New Legislation, Case-Law and Government Plans into Practical Company Policies Open Source and Legal Issues Rodolphe Michel, British Telecommunications plc This presentation contains
More informationOSADL License Compliance Audit (OSADL LCA)
Open Source Automation Development Lab eg OSADL License Compliance Audit (OSADL LCA) 1. Goals Risk management for any company includes the maintenance of legal and contractual obligations. The observance
More informationMetatron Technology Consulting s Strategic Guide to Open Source Software
Metatron Technology Consulting s Strategic Guide to Open Source Software Chris Travers April 30, 2004 Copyright c April 30, 2004 Metatron Technology Consulting. Permission is granted for verbatim redistribution
More informationGetting Started with Open Source Compliance
Getting Started with Open Source Compliance August 9, 2006 www.hro.com Denver Boulder Colorado Springs London Los Angeles Munich Salt Lake City San Francisco Copyright 2006 Holme, Roberts & Owen LLP Where
More informationOpen-source business models: Creating value from free stuff'
Best Practice in Innovation, Entrepreneurship & Design Open-source business models: Creating value from free stuff' 31 March 2010-18.00 to 19.30 Panellists: Prof. Bart Clarysse - Chair in Entrepreneurship,
More informationOSS LOGISTICS: DRIVING INNOVATIVE SOFTWARE FROM DEVELOPER TO CUSTOMER Alex Bigmore Senior Architect & Open Source Governance Programme Manager SITA
OSS LOGISTICS: DRIVING INNOVATIVE SOFTWARE FROM DEVELOPER TO CUSTOMER Alex Bigmore Senior Architect & Open Source Governance Programme Manager SITA Phil Granof EVP & Chief Marketing Officer Black Duck
More informationLegal Issues for FOSS-based Supply Chain Management. Herve Guyomard, Black Duck Software
Legal Issues for FOSS-based Supply Chain Management Herve Guyomard, Black Duck Software Agenda Legal Case in Supply Chain Open Source in Mobile Mobile devices Supply Chain Management Summary Copyright
More informationPolicy Driven Continuous Software Intellectual Property Management
Policy Driven Continuous Software Intellectual Property Management DETECT LOG IDENTIFY REPORT Session # 227 Tuesday 13:30 Room 207 Richard Mayer Protecode Inc. mayer@protecode.com Come see us at Pedestal
More informationSoftware Licenses Managing the Asset and Related Risks
AUDITOR GENERAL S REPORT ACTION REQUIRED Software Licenses Managing the Asset and Related Risks Date: February 4, 2015 To: From: Wards: Audit Committee Auditor General All Reference Number: SUMMARY The
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationElectoral Commission. Auction # 10220759. Patch Management Solution
Electoral Commission Auction # 10220759 Patch Management Solution IMPORTANT NOTICE Failure to comply with the completion of the auction conditions and the required information (i.e. Make, model and size
More informationAccelerate Time to Value and Innovation Through Complete Contract Management
SAP Brief Ariba s Ariba Contract Management Objectives Accelerate Time to Value and Innovation Through Complete Contract Management Objectives Drive spend compliance across all contract types Drive spend
More informationWhite Paper November 2006. BMC Best Practice Process Flows for Asset Management and ITIL Configuration Management
White Paper November 2006 BMC Best Practice Process Flows for Asset and ITIL Configuration Copyright 2006 BMC Software, Inc. All rights reserved. BMC, the BMC logo, all other BMC product or service names,
More informationOpen-Source Business Models:
Open-Source Business Models: Making money by giving it away Andrew J. Hall February 20, 2015 Linux Collaboration Summit Santa Rosa, CA 2015 Hall Law. All rights reserved. This presentation is licensed
More informationManaging Open Source Code Best Practices
Managing Open Source Code Best Practices September 24, 2008 Agenda Welcome and Introduction Eran Strod Open Source Best Practices Hal Hearst Questions & Answers Next Steps About Black Duck Software Accelerate
More informationHow To Use Open Source Software
Open Source Software: What You Need to Know Presented By: Lisa Abe, Ian Kyer and Marek Nitoslawski September 15, 2005 Open source software ( OSS ): What you need to know Understanding the business and
More informationDebunking The Myths of Column-level Encryption
Debunking The Myths of Column-level Encryption Vormetric, Inc. 888.267.3732 408.433.6000 sales@vormetric.com www.vormetric.com Page 1 Column-level Encryption Overview Enterprises have a variety of options
More informationFOSS Governance Fundamentals
FOSS Governance Fundamentals HP Part Number: 5992-4059 Published: January 2008 Edition: 1.0 Copyright 2008 Hewlett-Packard Development Company, L.P. Legal Notice Confidential computer software. Valid license
More informationProtecting Data with a Unified Platform
Protecting Data with a Unified Platform The Essentials Series sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor For several years now, Realtime has produced dozens and dozens
More informationMoving a Commercial Forecasting Product to Open Source
American Immunization Registry Conference October 7 9, 2013 Denver, CO Moving a Commercial Forecasting Product to Open Source Judy Merritt, Scientific Technologies Corporation Nathan Bunker, Dandelion
More informationCertified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) Course Introduction Course Introduction Module 01 - The Process of Auditing Information Systems Lesson 1: Management of the Audit Function Organization of the
More informationSeller Information Package
Seller Information Package Ready for Change? Connecting you to the right buyer. Thank you for reaching out to us and inquiring about assistance with one of the most important business decisions of your
More informationHP Asset Manager. Software version: 5.20. Asset Tracking Solution
HP Asset Manager Software version: 5.20 Asset Tracking Solution Document Release Date: 01 October 2009 Software Release Date: October 2009 Legal Notices Copyright Notices Copyright 1994-2009 Hewlett-Packard
More informationThe Corporate Counsel s Guide to Open Source Software Policy Implementation
The Corporate Counsel s Guide to Open Source Software Policy Implementation How to Protect the Enterprise from Risk while Helping Your Company More Efficiently Develop and Maintain Applications Black Duck
More informationRISK MANAGEMENT FOR OPEN SOURCE
RISK MANAGEMENT FOR OPEN SOURCE Ria Farrell Schalnat Open Source Should Not Work (but it does anyway) The Birth Pangs of Open Source January 24, 1956: Antitrust settlement. 1964: Bell Labs and MIT collaborate
More informationRealizing the Breakthrough Economics of Linux and Open Source through Hybrid Development. Tim Yeaton, President and CEO Black Duck Software
Realizing the Breakthrough Economics of Linux and Open Source through Hybrid Development Tim Yeaton, President and CEO Black Duck Software Linux Collaboration Summit April 9, 2009 Agenda Current Market
More informationDeveloping a funding proposal with open source communities. Steve Lee
Developing a funding proposal with open source communities Steve Lee JISC Regional Support Centre South West Funding and Project Management Support Forum Armada House, Bristol 17 November 09 Unless otherwise
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationThe FOSSology Project Overview and Discussion. » The Open Compliance Program. ... By Bob Gobeille, Hewlett-Packard
» The Open Compliance Program The FOSSology Project Overview and Discussion By Bob Gobeille, Hewlett-Packard A White Paper By The Linux Foundation FOSSology (http://fossologyorg) is an open source compliance
More informationAn Open Source Software Primer for Lawyers
An Open Source Software Primer for Lawyers July 17, 2014 Presentation to the ABA Open Source Committee, Section of Science & Technology Law Joanne Montague joannemontague@dwt.com Davis Wright Tremaine
More information+ + Apps, App Stores, and Open Source. End-to-End Open Source Management. Enabling Successful and Safe Open Source Adoption At 300+ Enterprises
Apps, App Stores, and Open Source Jilayne Lovejoy Corporate Counsel LinuxCon - August 2012 1 End-to-End Open Source Management Enabling Successful and Safe Open Source Adoption At 300+ Enterprises In the
More informationProductivity Through Open Source Policy Compliance
Productivity Through Open Source Policy Compliance This article is part of a series on how Rational Collaborative Lifecycle Management (CLM) solutions support software development compliance. Today the
More informationGood Practice Guide Open Source Software Exploring the Risk
October 2015 Issue No: 1.1 Good Practice Guide Open Source Software Exploring the Customers may continue to use this guidance. The content remains current, although may contain references to legacy SPF
More informationTivoli Endpoint Manager. Increasing the Business Value of IT, One Endpoint at a Time
1 Tivoli Endpoint Manager Increasing the Business Value of IT, One Endpoint at a Time Endpoint Management Cost Today s Endpoint Management Challenges Drive IT Costs Up More than 50% of end users change
More informationOpen Source Policy Builder
Open Source Policy Builder Effective and comprehensive open source policies are based on a thorough and unbiased organizational assessment. You can start building your organization s open source policy
More informationThe 7 Myths of IP Risk: The Real Exposure Issues with Free and Open Source Software. Black Duck Software White Paper
The 7 Myths of IP Risk: The Real Exposure Issues with Free and Open Source Software Black Duck Software White Paper FOSS is widely recognized as providing significant technology, innovation and financial
More informationYour Open Source Investment Know. Manage. Protect.
Using open source software provides a compelling business case, but if companies violate the software s licenses, the consequences can be more severe than they think. Open Source Risk Management s services
More informationLumension Endpoint Management and Security Suite
Lumension Endpoint Management and Security Suite Patch and Remediation Module Evaluation Guide July 2012 Version 1.1 Copyright 2009, Lumension L.E.M.S.S:LPR - Table of Contents Introduction... 3 Module
More informationFact Sheet IPR management in software development
European IPR Helpdesk Fact Sheet IPR management in software development The European IPR Helpdesk is managed by the European Commission s Executive Agency for Competitiveness and Innovation (EACI), with
More informationAgenda. Introduction: Objective and Purpose Due Diligence V Audit Need of Due Diligence Scope of Due Diligence Approach Report Conclusion.
Due Diligence For Transactions 1 Agenda Introduction: Objective and Purpose Due Diligence V Audit Need of Due Diligence Scope of Due Diligence Approach Report Conclusion PwC 2 Introduction: ti Objectives
More informationPCI DSS COMPLIANCE DATA
PCI DSS COMPLIANCE DATA AND PROTECTION EagleHeaps FROM CONTENTS Overview... 2 The Basics of PCI DSS... 2 PCI DSS Compliance... 4 The Solution Provider Role (and Accountability).... 4 Concerns and Opportunities
More informationBusiness Acquisition Process
Ilse De Loof Business Acquisition Process Target Identification Engagement Due Diligence Negotiation of the transaction Closing Implementation & transition Phase 1: Target identification Deal teams Key
More informationS24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma
S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma Governance, Risk, Compliance (GRC) Automation Siamak Razmazma Siamak.razmazma@protiviti.com September 2009 Agenda Introduction to
More informationService Catalog. it s Managed Plan Service Catalog
Service Catalog it s Managed Plan Service Catalog 6/18/2012 Document Contents Contents Document Contents... 2 Overview... 3 Purpose... 3 Product Description... 3 Plan Overview... 3 Tracking... 3 What is
More informationConnecting the dots from automated software discovery to asset management
Connecting the dots from automated software discovery to asset management Drive Business Value with Service & Portfolio Management PS113SN Connecting the dots from automated software discovery to asset
More informationRisk and Controls 101
Risk and Controls 101 Agenda What is a Risk and Control? Controls 101 What is Risk and Control? Control Types Control Execution Control Categories A-123 Process here at LBNL Wrap-up Process Risk Map Control
More informationPart 1: A Comprehensive Approach to Operational Due Diligence
A Primer on Fund of Hedge Fund Risk Management* Part 1: A Comprehensive Approach to Operational Due Diligence Part 1: A Comprehensive Approach to Operational Due Diligence Introduction Since the launch
More informationThe Benefits of Utilizing a Repository Manager
Sonatype Nexus TM Professional Whitepaper The Benefits of Utilizing a Repository Manager An Introduction to Sonatype Nexus TM Professional SONATYPE www.sonatype.com sales@sonatype.com +1 301-684-8080 12501
More informationChapter 3 Software. Computer Concepts 2013. 3 Chapter Contents. 3 Section A: Software Basics 13-09-27
Chapter 3 Software Computer Concepts 2013 3 Chapter Contents Ø Section A: Software Basics Ø Section B: Office Suites Ø Section C: Installing Software and Upgrades Ø Section D: Buying Software Ø Section
More informationCopyright 11/1/2010 BMC Software, Inc 1
Copyright 11/1/2010 BMC Software, Inc 1 Copyright 11/1/2010 BMC Software, Inc 2 Copyright 11/1/2010 BMC Software, Inc 3 The current state of IT Service How we work today! INCIDENT SERVICE LEVEL DATA SERVICE
More informationMAINTAINING COMPLIANCE AND MANAGING RISK IN OUTSOURCED ENGAGEMENTS. Nick Harrahill PayPal Global Security Operations
MAINTAINING COMPLIANCE AND MANAGING RISK IN OUTSOURCED ENGAGEMENTS Nick Harrahill PayPal Global Security Operations AGENDA Inception of an engagement The legal agreement Assessing the risk Customer call
More informationWhy this lecture exists ITK Lecture 12: Open Source & Cross Platform Software Development
Why this lecture exists ITK Lecture 12: Open Source & Cross Platform Software Development Methods in Image Analysis CMU Robotics Institute 16-725 U. Pitt Bioengineering 2630 Spring Term, 2006 Successfully
More informationPresentation to the ACC Information Technology & Ecommerce Committee June 5, 2008
Cloud Computing: What to Ask When the Clouds Roll In Presentation to the ACC Information Technology & Ecommerce Committee June 5, 2008 Randall S. Parks and James A. Harvey, Partners and Co-Chairs, and
More informationA Method for Open Source License Compliance of Java Applications
FOCUS: Software Engineering for Compliance A Method for Open Source Compliance of Java Applications Daniel M. German, University of Victoria Massimiliano Di Penta, University of Sannio // Kenen is a semiautomatic
More informationSoftware Package Document exchange (SPDX ) Tools. Version 1.2. Copyright 2011-2014 The Linux Foundation. All other rights are expressly reserved.
Software Package Document exchange (SPDX ) Tools Version 1.2 This document last updated March 18, 2014. Please send your comments and suggestions for this document to: spdx-tech@fossbazzar.org Copyright
More informationManaging Open Source Software 2010: Best Practices
Managing Open Source Software 2010: Best Practices Mark Radcliffe, Partner DLA Piper, Silicon Valley Office mark.radcliffe@dlapiper.com www.lawandlifesiliconvalley.com/blog DLA Piper 3,500 attorneys Top
More informationWhite Paper. Information Security -- Network Assessment
Network Assessment White Paper Information Security -- Network Assessment Disclaimer This is one of a series of articles detailing information security procedures as followed by the INFOSEC group of Computer
More informationSimplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance
Simplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance Arm Stakeholders with Critical Information to Assess 3rd Party Relationships and Comply with the Foreign Corrupt Practices Act
More informationLeveraging Open Source / Freeware Solutions
Leveraging Open Source / Freeware Solutions Dean Pfoutz (CFE) Information Technology Director Indian River County Property Appraiser dpfoutz@ircpa.org (772) 226-1555 Objectives Understand the Open Source
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationIntellectual Property in M&A
Intellectual Property in M&A October 23, 2015 Dallas Bar Association IP Section Steve Stein, Jesse Betts, Craig Carpenter Thompson & Knight LLP Today s Topics Steps in M&A Transactions Drivers in M&A Transactions
More informationSchedule of Third Party Terms
Scope of this Document Schedule of Third Party Terms This document addresses terms and conditions relating to Third Party Component Terms and Bundled Third Party Products. These terms are defined in the
More informationOpen is as Open Does: Lessons from Running a Professional Open Source Company
Open is as Open Does: Lessons from Running a Professional Open Source Company Leon Rozenblit, JD, PhD Founder and CEO at Prometheus Research, LLC email: Leon@PrometheusResearch.com twitter: @leon_rozenblit
More information"Build and Test in the Cloud "
W5 Class 11/17/2010 10:00:00 AM "Build and Test in the Cloud " Presented by: Darryl Bowler CollabNet Brought to you by: 330 Corporate Way, Suite 300, Orange Park, FL 32073 888 268 8770 904 278 0524 sqeinfo@sqe.com
More informationYour Cloud, Your Data, Your Way! owncloud Overview. Club IT - Private and Hybrid Cloud. Austrian Chambers of Commerce Vienna, January 28th, 2014
Your Cloud, Your Data, Your Way! owncloud Overview Club IT - Private and Hybrid Cloud Austrian Chambers of Commerce Vienna, January 28th, 2014 owncloud s Mission owncloud allows IT organizations to deliver
More information