FOSS (Free and Open Source Software) - software subject to one or more licenses that meet the Open Source Definition published by the Open Source Initiative (OpenSource.org) or the Free Software Definition (published by the Free Software Foundation) or similar license.
FOSS Liaison - a designated person who is assigned to receive external FOSS inquires.
Identified Licenses - a set of FOSS licenses identified as a result of following an appropriate method of identifying such licenses.
OpenChain Conforming – a program that satisfies all the requirements of this specification.
Software Staff - any employee or contractor that defines, contributes to or has responsibility for preparing Supplied Software. Depending on the organization, that may include (but is not limited to) software developers, release engineers, quality engineers, product marketing and product management.
SPDX or Software Package Data Exchange – the format standard created by the SPDX Working Group for exchanging license and copyright information for a given software package. A description of the SPDX specification can be found at ww.spdx.org.
Supplied Software – software that an organization delivers to third parties (e.g., other organizations or individuals).
Verification Artifacts - evidence that must exist in order for a given requirement to be considered satisfied.