Software composition analysis: Difference between revisions

Usage: changed to 'cite journal', publisher, dates
Usage: added authors, publisher, dates.
Line 153:
 
== Usage ==
As SCA impacts different functions in organizations, different teams may use the data depending on the organization's size and structure. The IT department will often use SCA for implementing and operationalizing the technology, with common stakeholders including the Chief Information Officer (CIO), the Chief Technology Officer (CTO), and the Chief Enterprise Architects (EA).<ref name=SBM_1>{{cite web| title=Software bill of materials: Managing software cybersecurity risks| author1=Bailey, T.| author2=Greis, J.| author3=Watters, M.| author4=Welle, J.| url=https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/software-bill-of-materials-managing-software-cybersecurity-risks| publisher=[[McKinsey & Company]]| date=19 September 2022| access-date=6 January 2024}}</ref> Security and license data are often used by roles such as Chief Information Security Officers (CISO) for security risks, and Chief IP / Compliance Officers for intellectual property risk management.<ref>{{cite book |last=Popp |first=Karl Michael |author-link= |date= 30 October 2019|title= Best Practices for commercial use of open source software|url= https://books.google.com/books?id=w1a6DwAAQBAJ |publisher=BoD – Books on Demand, 2019 |page=10 |isbn=9783750403093}}</ref>
 
Depending on the SCA product capabilities, it can be implemented directly within the [[Integrated_development_environment|Integrated Development Environment]] (IDE) of a developer who uses and integrates OSS components, or it can be implemented as a dedicated step in the [[software quality control]] process.<ref>