September 19-21, 2023
Bilbao, Spain
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (UTC/GMT +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Thursday, September 21 • 11:00 - 11:40
A Milestone for Open Source Security: How the Brand New ISO 18974 Certification Looks Like and Why the ISO 5230 Supports as a Stepping Stone - Katharina Grauf & Marcel Scholze, PwC GmbH

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

This presentation will take a closer look at the certification process for the brand new ISO 18974 and show the parallels to ISO 5230. As such, the talk will highlight the additional requirements for a compliant Open Source Security Management System to enable attendees to initiate their ISO 18974 compliance program. ISO 5230 for Open Source Compliance Management has arrived in the industry - and it's here to stay. The standard marks a significant milestone in the industry that has attracted the attention of executives, legal departments, compliance managers and developers alike. In the form of explicit requests from customers, as a request to suppliers, or in the context of current legislation on IT management. Although they have been in circulation for nearly three years, many people are still uncertain about their correct application. Nonetheless, by complying with ISO 5230, companies can lay the foundation for certification to ISO 18974, which is essential to building a robust and secure supply chain. The certification process for the new ISO 18974 requires an in-depth understanding of Open Source Software, its potential vulnerabilities, and effective security measures to mitigate the associated risks.

avatar for Marcel Scholze

Marcel Scholze

Head of OSS Services, PwC GmbH
Marcel Scholze is a computer scientist and has more than 20 years of experience in the IT sector. 2007 Marcel joined PwC and since then has been involved in consulting and audit projects in the field of IT sourcing and Open Source Software. Today he is a Director at PwC and the Head... Read More →
avatar for Katharina Grauf

Katharina Grauf

Senior Associate OSS Services, PwC GmbH
Katharina Grauf is Senior Associate of the Open Source Services team at PwC Germany and is specialized in OSS Management and the design and implementation of respective governance systems. She has relevant expertise in the assessment and implementation of ISO conformant processes... Read More →

Thursday September 21, 2023 11:00 - 11:40 CEST
Room 3A (Floor 3)
  Open Source Leadership Summit
  • Presentation Slides Attached Yes