Risk Assessments

Expand all | Collapse all

Open Source

  • 1.  Open Source

    Posted 07-22-2020 01:42 PM
    Could anyone please share how your company deals with Open source development software?

    Is your Sourcing and Vendor Management Department involved?

    I appreciate any and all comments.

    Dr. Jayne Suess

  • 2.  RE: Open Source

    Posted 07-23-2020 08:21 AM
    Open source software is vetted by IT Security, once approved the vendor is added to the portfolio in our vendor Risk Management tool and subject to the due diligence appropriate to the risk rating assigned.  From experience, these vendors are rated Minor.