KKStream’s parent company, KKCompany, today received the first OpenChain ISO / IEC 5230 international open source third-party certification in Taiwan. KKCompany is cooperating with Open Culture Foundation (OCF) and Bureau Veritas to successfully meet certification requirements. Together with KKBOX, KKStream, and other relevant business units in the group, KKCompany delivers innovative products and services with open source technologies. It also sponsors open source communities and incentivizes employees to contribute their technical experiences. KKCompany will continue to support communities. With open and sharing in mind, it is committed to a trustworthy software supply chain and an open source ecosystem with technology partners.
“KKCompany believes in the power of technology to provide solutions and tackle challenges faced by various industries today,” said KKCompany Group President & COO Steve Wang. “Empowering creators has always been the core of our philosophy. We value the creations of creators and developers. This OpenChain ISO/IEC 5230 certification further demonstrated our commitment to creators and developers.”
The OpenChain Project was established in 2016 by The Linux Foundation. Its mission is to increase trust in the global supply chain around the use of open-source software. The project is best known for developing ISO/IEC 5230, the International Standard for open source license compliance. The ISO/IEC standard, released in 2020, has helped to make process for managing open sources more effective and efficient, reducing resources spent and increasing the speed of products to market.
“KKCompany’s OpenChain ISO/IEC 5230 third-party certification underlines their commitment to operating a quality open source compliance program,” said Shane Coughlan, OpenChain General Manager, “The processes they have adopted provide substantial benefit in reducing errors, fixing any issues that arise, and decreasing time spent bringing products and services to market. KKCompany is the first company in Taiwan to obtain third-party certification, a step that illustrates how they value creator rights and support open source technologies. With leadership from companies like KKCompany, we aspire to expand our coverage in Asia further into the supply chain, and promote excellence in open innovation.
As supply chains in tech industries become fragmented, vertical and horizontal collaborations have become the norm. Enterprises need to monitor if their source codes comply with licensing terms, and also ensure compliances from suppliers. With OpenChain ISO/IEC 5230 and third-party audits, it is possible to integrate open source compliance into business processes. This practice reduces risks on operation and reputation, and manages software components easier.
OCF has been promoting open source codes for years. “Open source codes do not ‘reinvent the wheel’,” said OCF Chief Executive Officer Singing Li. “Open and sharing are a global trend that enhances enterprise development efficiency. OCF serves as an advisor to KKCompany in the OpenChain ISO/IEC 5230 certification process. We support the group to pass compliance and audit requirements. It’s a milestone for Taiwanese companies to align with international industry chains.”
OpenChain ISO/IEC 5230 is the first and only International Standard for open source license compliance. The standard allows companies of all sizes and sectors to adopt the key requirements of a quality open source compliance program in order to reduce inherent risk in supply chain management.
Pascal LE-RAY, the General Manager of Bureau Veritas Consumer Products Services Technology Taiwan, said, “Bureau Veritas has become the first OpenChain certifier in Greater China in 2021. We are delighted to have this opportunity to support KKCompany to successfully obtain the first ISO/IEC 5230 Certificate in Taiwan, which demonstrates that KKCompany’s capabilities in open source application is not only proven, but also effectively enhances the sense of trust within the industry. This cooperation represents collaboration between Bureau Veritas’ deep expertise and experience, and KKCompany’s effective compliance practices. Furthermore, OpenChain aids open source transparency by using software bill of material to identify and manage security vulnerabilities that synergize with cybersecurity standards to reduce compliance and security risks effectively. We look forward to continuing to promote the development of open source technology and develop an open source ecosystem in the future.”