Educational Output Best Practice
training-manager This is a completed example of the three outputs generated by the agent.
Use it to check missing items by comparing it with your output/training/ file.
Go to reference: Education System Chapter Guide
Open source education curriculum
Document: curriculum.md
- Company Name: Tech Unicorn
- Version: 1.0
- Written date: 2026-03-23
- Basic policy:
output/policy/oss-policy.md - Education type: Mixed (online self-paced + offline group)
- Proof Level: For certification submission (OpenChain self-certification)
Related Standards
- 5230 §3.1.2·§3.1.3
- 18974 §4.1.2·§4.1.3
Status of training targets
| Occupation | Personnel | Education priorities |
|---|---|---|
| Developer | 1,000 people | Essential (Advanced) |
| Operations | 100 people | Required (default) |
| Administrator | 10 people | Required (Policy/Risk) |
| Total | 1,110 people | — |
Curriculum by occupation
A. Developer course (1,000 people)
Related Standards
- 5230 §3.1.2.1
- 18974 §4.1.2.1
Goal: License identification, SBOM generation, and vulnerability response autonomously performed in practice
| module | Subjects | form | time | Required/Optional |
|---|---|---|---|---|
| M1 | Open source licensing basics (MIT·Apache·GPL·LGPL·AGPL) | Online Autonomy | 2h | Required |
| M2 | Understanding Tech Unicorn open source policy | Online Autonomy | 1h | Required |
| M3 | SBOM creation practice (Syft, CycloneDX) | offline set | 3h | Required |
| M4 | vulnerability scanning and CVE response practice | offline set | 2h | Required |
| M5 | License obligations by distribution channel (SaaS, App Store, Embedded) | Online Autonomy | 1.5h | Required |
| M6 | Open source contribution process | Online Autonomy | 1h | Select |
| Total | — | — | 10.5h (required 9.5h) | — |
Completion criteria: Completion of all required modules + 70 points or higher in online evaluation Offline meeting: Once a quarter, 50 people per team
B. Administrator course (10 people)
Related Standards
- 5230 §3.1.2.1
- 18974 §4.1.2.1
Goal: Securing policy approval, risk judgment, and compliance reporting capabilities
| module | Subjects | form | time | Required/Optional |
|---|---|---|---|---|
| M1 | Open source compliance overview and risks | Online Autonomy | 1.5h | Required |
| M2 | Tech Unicorn open source policy and KPI | Online Autonomy | 1h | Required |
| M3 | ISO/IEC 5230·18974 Self-certification procedure | offline set | 2h | Required |
| M4 | Risk management and incident response system | offline set | 1.5h | Required |
| M5 | External delivery/supply chain security management | Online Autonomy | 1h | Required |
| Total | — | — | 7h | — |
Completion criteria: Completion of all modules + Attendance of offline workshop Offline Meeting: Once a year, for all administrators
C. Operation/Other Courses (100 people)
Related Standards
- 5230 §3.1.3.1
- 18974 §4.1.3.1
Goal: Raise awareness of open source use, understand basic rules
| module | Subjects | form | time | Required/Optional |
|---|---|---|---|---|
| M1 | What is open source (awareness training) | Online Autonomy | 30min | Required |
| M2 | Summary of the company's open source policy | Online Autonomy | 20min | Required |
| M3 | Violations and reporting procedures | Online Autonomy | 10min | Required |
| Total | — | — | 1h | — |
Completion Criteria: Completion of all modules (no assessment)
Planning your training schedule
| branch | target | Course | Remarks |
|---|---|---|---|
| 2026-Q2 | Operation 100 people | C course (online) | Bulk opening in May |
| 2026-Q2 | 10 managers | Course B (online + offline) | June group training |
| 2026-Q2~Q3 | 1,000 developers | Course A M1·M2·M5·M6 (online) | 250 people per quarter |
| 2026-Q3 | 250 developers (1st round) | Course A M3·M4 (offline) | 50 people × 5 times |
| 2026-Q4 | 250 developers (2nd round) | Course A M3·M4 (offline) | 50 people × 5 times |
| 2027-Q1 | 500 developers (3rd and 4th rounds) | Course A M3·M4 (offline) | 50 people × 10 times |
Training completion management
- Completion record:
output/training/completion-tracker.md - Storage of evidence: Certificate of completion/attendance book → Stored by the person in charge (in preparation for submission of OpenChain certification)
- Those who have not completed the course: Complete the supplementary course within 1 month after the end of the quarter
- Renewal cycle: Retake once a year (frequently when policy changes)
Training Completion Tracking Sheet
Document: completion-tracker.md
- Company Name: Tech Unicorn
- Version: 1.0
- Written date: 2026-03-23
- Proof Level: For certification submission (OpenChain self-certification)
- Management person in charge: DevOps team open source person in charge
Related Standards
- 5230 §3.1.2·§3.1.3
- 18974 §4.1.2·§4.1.3
How to use
- Completion date: Based on course completion date (YYYY-MM-DD)
- Status:
completed/In Progress/Not Completed - Proof: Enter certificate file name or attendance list number
- OpenChain When submitting certification, submit this sheet + supporting file in batches
A. Developer course (target: 1,000 people)
Below is a sample record. Please add a row for actual completion.
| Name | Department | Occupation | M1 Online (2h) | M2 Online (1h) | M3 Offline (3h) | M4 Offline (2h) | M5 Online (1.5h) | All Soo-il Lee | status | Proof |
|---|---|---|---|---|---|---|---|---|---|---|
| Hong Gil-dong | Platform Development Team | Developer | ✓ | ✓ | ✓ | ✓ | ✓ | 2026-09-15 | Done | CERT-DEV-001 |
| Cheolsu Kim | Cloud Development Team | Developer | ✓ | ✓ | — | — | ✓ | — | In progress | — |
| (name) | (Department) | Developer | Miisu | — |
Summary of completion status
| Item | figures |
|---|---|
| total target | 1,000 people |
| Done | 0 people |
| In progress | 0 people |
| Miisu | 1,000 people |
| completion rate | 0% |
B. Administrator course (target: 10 people)
| name | Position | M1 Online (1.5h) | M2 Online (1h) | M3 Offline (2h) | M4 Offline (1.5h) | M5 Online (1h) | All Soo-il Lee | status | Proof |
|---|---|---|---|---|---|---|---|---|---|
| Younghee Lee | DevOps Team Leader | ✓ | ✓ | ✓ | ✓ | ✓ | 2026-06-30 | Done | CERT-MGR-001 |
| (name) | (position) | Miisu | — |
Summary of completion status
| Item | figures |
|---|---|
| total target | 10 people |
| Done | 0 people |
| In progress | 0 people |
| Miisu | 10 people |
| completion rate | 0% |
C. Operation/Other Courses (Target: 100 people)
| name | Department | Occupation | M1 Awareness Training (30min) | M2 Policy Summary (20min) | M3 reporting procedure (10min) | Soo-il Lee | status | Proof |
|---|---|---|---|---|---|---|---|---|
| Jisu Park | IT Operations Team | Operations | ✓ | ✓ | ✓ | 2026-05-20 | Done | CERT-OPS-001 |
| (name) | (Department) | Operations | Miisu | — |
Summary of completion status
| Item | figures |
|---|---|
| total target | 100 people |
| Done | 0 people |
| In progress | 0 people |
| Miisu | 100 people |
| completion rate | 0% |
Total completion status (integrated)
| Occupation | target | Done | completion rate | Goal |
|---|---|---|---|---|
| Developer | 1,000 people | 0 people | 0% | 100% |
| Administrator | 10 people | 0 people | 0% | 100% |
| Operations | 100 people | 0 people | 0% | 100% |
| Total | 1,110 people | 0 people | 0% | 100% |
Policy KPI: Open source-related occupations Completed at least once a year (
output/policy/oss-policy.md§3)
Change history
| version | Date | Changes | Posted by |
|---|---|---|---|
| 1.0 | 2026-03-23 | Originally written | DevOps Team Open Source Manager |
List of free educational resources
Document: resources.md
- Company Name: Tech Unicorn
- Version: 1.0
- Written date: 2026-03-23
Related Standards
- 5230 §3.1.2·§3.1.3
- 18974 §4.1.2·§4.1.3
Recommended usage
- Use the free resources below in conjunction with online self-study modules (A·B·C courses)
- The certificate issuance process can be submitted directly as proof of OpenChain certification.
1. OpenChain Official Training Materials
| Resources | target | form | Certificate | Link |
|---|---|---|---|---|
| OpenChain e-Learning | All occupations | Online Autonomy | None | https://www.openchainproject.org/resources |
| OpenChain Curriculum | Developer/Administrator | Slides/Documents | None | https://github.com/OpenChain-Project/curriculum |
| OpenChain Reference Materials | Administrator | document | None | https://www.openchainproject.org/resources |
Curriculum connection: Developer M1·M2, Administrator M1·M2 supplementary materials
2. Linux Foundation Course
| Course name | Course Code | target | time | Certificate | Link |
|---|---|---|---|---|---|
| Open Source Compliance in the Enterprise | LFC193 | Developer/Administrator | ~3h | Available (free) | https://training.linuxfoundation.org/training/open-source-compliance-in-the-enterprise/ |
| Open Source Licensing Basics for Software Developers | LFD106x | Developer | ~3h | Available (free) | https://training.linuxfoundation.org/training/open-source-licensing-basics-for-software-developers/ |
| Secure Software Development Fundamentals | LFD121 | Developer | ~12h | Available (free) | https://training.linuxfoundation.org/training/developing-secure-software-lfd121/ |
| Kubernetes and Cloud Native Security Associate | — | Operations | — | Paid | — |
Curriculum Linkage:
- LFC193 → Developer M2, Administrator M1·M2 key data
- LFD106x → Developer M1 core data
- LFD121 → Developer M4 supplementary material
Use of certificate: LFC193·LFD106x certificate can be used as proof of submission of OpenChain self-certification
3. SPDX Education
| Resources | target | form | Link |
|---|---|---|---|
| SPDX Specification official document | Developer | document | https://spdx.github.io/spdx-spec/ |
| SPDX Introductory Guide | Developer | document | https://spdx.dev/learn/ |
| SPDX How to use Tools | Developer | Documents/Tools | https://tools.spdx.org/ |
Curriculum Link: Developer M3 (SBOM Creation Practice) Reference Materials
4. Resources related to open source vulnerabilities
| Resources | target | Link |
|---|---|---|
| NVD (National vulnerability Database) | Developer/Administrator | https://nvd.nist.gov/ |
| OSV (Open Source Vulnerabilities) | Developer | https://osv.dev/ |
| CISA Known Exploited Vulnerabilities | Administrator | https://www.cisa.gov/known-exploited-vulnerabilities-catalog |
Curriculum connection: Developer M4, Administrator M4
5. Tools and Practice Materials
| Tools/Materials | Use | Link |
|---|---|---|
| Syft (Anchor) | SBOM creation practice | https://github.com/anchore/syft |
| Grype (Anchor) | vulnerability scanning practice | https://github.com/anchore/grype |
| CycloneDX Official Site | SBOM Understanding Standards | https://cyclonedx.org/ |
| FOSSA Blog | License Compliance Case | https://fossa.com/blog/ |
| REUSE Specifications | Source code license notation | https://reuse.software/ |
Curriculum connection: Developer M3·M4 practice tools
6. ISO/IEC 5230 · 18974 References
| Resources | Description | Link |
|---|---|---|
| OpenChain ISO/IEC 5230 Specification | License Compliance Standards | https://www.openchainproject.org/license-compliance |
| OpenChain ISO/IEC 18974 Specification | Security Assurance Standards | https://www.openchainproject.org/security-assurance |
| OpenChain Self-certification checklist | Certification Preparation | https://www.openchainproject.org/conformance |
Curriculum Linkage: Administrator M3 Core Resources
Resource Selection Guide
| Occupation | Priority Resources | Use of certificate |
|---|---|---|
| Developer | LFD106x → LFC193 → Syft Practice | Submit LFD106x + LFC193 certificate |
| Administrator | LFC193 → OpenChain Curriculum → ISO 5230/18974 Specification | Submit LFC193 certificate |
| Operations | OpenChain e-Learning | Replaced with completion record |