Skip to main content

3rd-party Software Owner

The 3rd-party software owner is responsible for monitoring and maintaining 3rd-party software and open-source used in the development of PCP products.

Description

ABB PCP uses 3rd-party software, tools, and open-source components in the development of new products and systems. The software needs to be monitored and maintained for updates, security, export control, and other lifecycle issues.

The 3rd-party software owner monitors the status of software from suppliers. It includes software integrated into ABB PCP products and the tools used in product development. He/she also evaluates risks with open-source licenses and makes sure no legal aspects prevent a release.

The 3rd-party software is registered in Decision Focus, where lifecycle aspects, costs, and other issues are tracked. For open source, the source code is scanned by Black Duck provided by the OCC team.

The 3rd-party software owners need to collaborate with streams and teams in PCP to make sure actions are planned in increments and iterations to address any issues.

There must be one or more 3rd-party software owners in a development stream and at least one in a system stream. The role can be shared with other roles (e.g., the release owner is also responsible for 3rd-party software, and the product owner initiates OSS scans and reviews the result).

Responsibilities

  • Drive investigations of new 3rd-party software needs.
  • Monitor 3rd-party software lifecycle and security vulnerabilities, and security updates, and initiate new versions and updates.
  • Maintain 3rd-party software and suppliers database in Decision Focus (agreements, licenses, etc.).
  • Identify and mitigate risks for open-source licenses, operations, and cyber security.
  • Ensure the 3rd-party processes are followed in streams.
  • Participate in the continuous improvement of 3rd-party processes, practices, and tools.
  • Give support to the organization about 3rd-party.
  • Ensure export control classification numbers (ECCNs) are received from 3rd-party software vendors and updated in Decision Focus.