Mitigating the Risks of Open-Source Software

Although open-source software (OSS) poses a number of risks, financial services companies can take several steps to mitigate those risks, including developing robust policies, procedures and controls; obtaining certain representations and warranties when dealing with software developers; and conducting appropriate due diligence of OSS vendors and the software. The first article of this two-part series discussed how OSS is being used by financial services companies and analyzed the benefits and risks of OSS. The second article evaluated actions financial services companies can take to mitigate OSS risks, including policies, procedures and controls to adopt; ways to deal with third-party vendors; and due diligence. See also “How to Mitigate the Risks of Open-Source Software (Part One of Two)” (Oct. 25, 2017); Part Two (Nov. 8, 2017). 
