II.
Workflow overview
Reference · liveworkflow:license-compliance-audit
License Compliance Audit overview
Scans all third-party dependencies and transitive licenses for compliance with corporate license policy — generating SBOM reports, flagging copyleft contamination risks, and tracking exception approvals. Excludes contract negotiation.
Attributes
displayName
License Compliance Audit
workflowKind
governance
triggerType
scheduled
typicalCadence
quarterly
complexity
cross-team
description
Scans all third-party dependencies and transitive licenses for compliance
with corporate license policy — generating SBOM reports, flagging copyleft
contamination risks, and tracking exception approvals. Excludes contract negotiation.
Outgoing edges
applies_to_domain2
- domain:software-engineering·DomainSoftware Engineering
- domain:security·DomainSecurity
involves_role2
- role:license-auditor·RoleLicense Auditor
- role:security-reviewer·RoleSecurity Reviewer
performed_by_org_unit2
- org-unit:open-source-program-office·OrgUnitOpen Source Program Office
- org-unit:engineering·OrgUnitEngineering
requires_skill_area1
- skill-area:gitops·SkillAreaGitOps Skill Area
triggers_responsibility2
- responsibility:dependency-audit·ResponsibilityDependency audit
- responsibility:run-security-scans·ResponsibilityRun security scans
Incoming edges
None.