Lawyer course

Course #1

Open source compliance: identify, prevent and manage risks

Providing students with a 360° view of open source legal issues and risks. This course will enable students to acquire open source specific risk prevention & management best practices.

Target group

Chief legal officers, lawyers

Duration

1 day (7 hours)

Prerequisites

None

Course outline

Refresher on open Source

Definition & idiosyncrasies

Open source market

Corporate open source

First & second rank risks

Identify risks

Legal framework governing open source works

Licensor & licensee contractual rights & obligations

License compatibility

Hybrid business model issues & snares

Risk identification priorization

Prevent risks

Internal risk prevention: lawyer tools

Client risk prevention in the private sector

Client risk prevention and public procurement

Supplier risk prevention

Manage risks

Internal risk management

Client risk management

Supplier risk management

Course #2

Auditing software components and their licenses

Providing workshop students with a practical understanding of software developement, and a hands-on experience of technical & legal constraints of component integration. Students will discover software component auditing & learn by auditing a real-world software case.

Target group

Chief legal officers, lawyers

Duration

1 day (7 hours)

Prérequis

Formation « Identifier, prévenir et gérer les risques liés à l’Open Source » ou niveau équivalent

Plan de cours

Open source auditing challenges

Open source exploitation framework

Incompatibility risk prevention & management

Open source audit base

Merits & limits of automated tools

Open source licensing mechanisms

User rights

Copyleft & reciprocity

Additional duties

Compatibility definition

Focus on compatibility mechanisms

Bi-unique relationships

Express compatibility

Logical compatibility

Tutorial session 1

Auditing dependencies in a "bill of materials" file generated by a dependency manager tool

Development practices

Modular architectures

Technical dependencies and derivative works

Package managers & dependencies

Tutorial session 2

Auditing software module directories & identifying non-compliances

Analysing non-compliances & finding leads for correction

Tutorial session 3

Performing a full audit of a software program & identifying non-compliances

Analyzing non-compliances & finding leads to solve them