OPEN SOURCE AND CODE REUSE EXCEPTIONS - 4984.2

(New: 05/2018)

Nothing in SAM Section 4984 shall be construed to require Agencies/state entities to make custom developed-code available as Open Source, if, on the facts of the particular case, disclosure of that code would reveal vulnerabilities to, or otherwise increase the potential for an attack on, an information technology system of an Agency/state entity.

The exceptions provided below may be applied, in specific instances, to exempt an Agency/state entity from sharing custom-developed code with other Agencies/state entities. Any exceptions used must be approved and documented in the enterprise code inventory by the Agency/state entity’s Chief Information Officer (CIO) for the purposes of ensuring effective oversight and management of information technology resources.

Applicable exceptions are as follows:

  1. The sharing of the source code is restricted by law or regulation, including—but not limited to—patent or intellectual property law, the Export Asset Regulations, the International Traffic in Arms Regulation, and the Federal laws and regulations governing classified information;
  2. The sharing of the source code would create an identifiable risk to the detriment of national security, confidentiality of Government information, or individual privacy;
  3. The sharing of the source code would create an identifiable risk to the stability, security, or integrity of the Agency/state entity’s systems or personnel;
  4. The sharing of the source code would create an identifiable risk to the Agency/state entity’s mission, programs, or operations.

Revisions

No Revisions for this item.

Search Entire Manual

Print Entire SAM Manual