Skip to main content

Collaboration Starts Here

Join the ORC
Working Group

The Open Regulatory Compliance (ORC) Working Group brings together key stakeholders from industry, small and medium enterprises (SMEs), research institutions, and open source foundations. Together, they collaborate to establish best practices for ensuring that open source software development meets regulatory requirements across various domains, including cybersecurity, AI, and industry-specific directives.

Why Join ORC?

Stay Ahead of Evolving Regulation

Receive early insights into compliance requirements under the Cyber Resilience Act (CRA) and similar frameworks to reduce risks associated with non-compliance, including potential fines and product recalls.

Shape the Future of Compliance Standards

Collaborate with policymakers, standards bodies, and industry leaders to ensure fair and practical compliance guidelines to help harmonise compliance efforts across industries to reduce regulatory burdens.

Protect Open Source Development

Work with a vendor-neutral community to develop security best practices that align with open source principles, ensuring that compliance solutions respect the realities of open source software development.

Learn more about ORC’s mission and governance in the ORC Working Group Charter.

Who Should Join?

ORC membership is open to organisations and individuals invested in open source software security and regulatory compliance, including:

Manufacturers & Software Vendors

Navigate compliance obligations, reduce business risks, and ensure regulatory alignment.

Open Source Stewards & Foundations

Influence compliance standards while protecting the open source ecosystem.

Developers &
Maintainers

Understand CRA requirements and access tools to support secure software development.

Investing in Open Regulatory Compliance

Membership Levels and Benefits

Strategic Member

Organisations that view this Working Group's standards, specifications and technologies as strategic to their organisation and are investing significant resources to sustain and shape the activities of this working group.

€10 000 - €50 000
(Based on corporate revenue)

Participant Member

Participant Members are typically organisations that deliver products or services based upon related standards, specifications and technologies, or view this working group’s standards and technologies as strategic to their organisation.

€0 - €20 000
(Based on corporate revenue)

Foundation Member

Recognised non-profits hosting open source projects under an OSI-approved license. Must be an Eclipse Foundation member at any level.

No Fee

Guest Member

Guest Members are Associate members of the Eclipse Foundation, such as universities or research centers, who participate in meetings by invitation, but do not have voting rights.

No Fee

For more details on membership fees, review the Participation Agreement.

The CRA will impact open source users and producers alike. Legislators will benefit from the brain trust of open source organisations that Eclipse has brought together to ensure that the legislation is crafted in a way that protects all parties. The Apache Software Foundation is committed to safeguarding our digital future by addressing the multifaceted challenges of cybersecurity in the open source ecosystem, and cooperating with and implementing the CRA.

David Nalley, President of the Apache Software Foundation

We support the mission of the Open Regulatory Compliance Working Group to help shape the future of secure software development in Europe, together with the European Commission, Open Source foundations and other industry players.

Jochen Strenkert, Chief Engineer MB.OS

Open source communities and the software they produce are ever more important for the whole industry. This is exactly why for Nokia the wellbeing and sustainability of the open source communities is paramount. We are looking forward to working as part of the community to ensure getting the best possible outcome of the EU CRA for everybody.

Jonne Soininen, Head of Open Source Initiatives

Compliance with the Cyber Resilience Act and other upcoming legislation poses a new challenge for the Open Source community. The Open Regulatory Compliance Working Group gives us an opportunity to find solutions together, and to work with lawmakers and regulatory bodies to help them better understand Open Source.

Stefano Maffulli, Executive Director

Join ORC Today

By becoming an ORC member, you’ll gain access to essential compliance resources, regulatory engagement opportunities, and a community of experts dedicated to protecting open source innovation.

Is your organisation ready to become a member?

Join now

Questions? Need help with your application? Complete the form below to contact us.

Contact Us About Membership

Back to the top