Establishing a reliable Open Source management system Kit
Software supply chain security and open source management from start to finish: a hands-on kit for building an enterprise open source management system based on ISO/IEC 5230 & 18974
What can you do with this kit?
New staff with no experience in open source management can follow the kit to complete the **ISO/IEC 5230** (License Compliance) and **ISO/IEC 18974** (Security Assurance) self-certification declarations.
- The agent automatically creates **23 deliverables** tailored to your situation
- **Achieve both standards at the same time** (save 40% on the common base)
- Self-study
Quick start
Claude Code User (Recommended)
```bash
git clone https://github.com/trustedoss/trustedoss.github.io.git
cd trustedoss.github.io && claude
# Type "Where should I start?"
```
For Document-Only Readers
Read the left sidebar in the order Prepare your → experience. Just follow the **Next steps** link at the bottom of each chapter.
All chapters
| Chapters | Content |
|---|---|
| Overview | Overview of the two standards and checklist mapping |
| Supply Chain Security | Software Supply Chain Security + SBOM Concept |
| 01 Environmental Preparation | Install Docker, Git, Claude Code |
| 02 Organization | Organizational structure and assignee |
| 03 Policies | Open Source Policies |
| 04 Process | Open Source Process Design |
| 05 Tools | Create SBOM · Manage SBOM · Vulnerability |
| 06 Training | Establish training system |
| 07 Certification | Self-certification declaration |
| 08 Developer's Guide | Automatically comply with policy with Claude Code (optional) |
Learning Path
Self-study (8-12 hours)
Spend a few days on your own. Fully read and practice the **Background** section of each chapter.
Start with → Getting Started