Jan 29, 2020 - 01:09 AM
To clarify packaging - you mean you will handle SW to the 3r party (separate company), which will not use the software itself at all. They will only create package, which will be later installed on your HW for use by your employees for your benefit only.
In case of audit, you and your computers will be audited, not the 3rd party. So they are out of scope.
In case 3rd party gets audited, they should not have any SW installed or use it. Once package is done, sources should be deleted. If not, it is not your problem.
It is kind of grey zone, but SW will be used only for your business operations and benefit and you will not provide service to any other company.
Hope it helps...
Jan 29, 2020 - 02:08 AM
Thanks for the answer - that was exactly what I mean.
Good points regarding the scope of the audit - I see why this would probably not pop-up in an license audit. But as you mention, it is a grey zone and may have an impact - altough it seems that the risk is quite low.
Feb 02, 2020 - 10:50 PM
- Many agreements allow use by a 3rd party as long as it is for the sole benefit of the licensee. In this case you should be fine, but your contract with the outsourcer needs to make sure it is clear that they cannot re-use the software packages created, for example to provide to another customer
- Where 3rd parties are not included in your use rights; then the simple act of making the binaries available to them will likely be a breach of your agreement. To provide them the binaries, you would need to make a copy, and licensing "Copyright" is what your license agreements are all about.