Tasks an Auditor Performs
Code Insight 6.14.2
An auditor has the job of analyzing evidence but not performing Intellectual Property (IP) compliance and vulnerability problem-solving actions. The general auditing and analysis steps are as follows:
|
1.
|
Setting up the workspaces to scan codebases for third-party materials |
|
2.
|
Scheduling scans and reports |
|
4.
|
Viewing scan and reports in the task queue |
|
6.
|
Choosing the workspaces to open and analyze |
|
7.
|
Opening and accessing scan results |
|
8.
|
Viewing different types of evidence (for example, source code fingerprint matches, exact files [digest] matches, copyright matches, license matches, string search term matches, Java name matches, etc.) |
|
9.
|
Organizing and viewing the codebase scan evidence |
|
10.
|
Analyzing the codebase scan evidence and constructing groups and components to represent detected inventory |
|
11.
|
Publishing groups as inventory |
|
12.
|
Managing a catalog of custom Open Source Software (OSS) material |
A general view of the auditor workflow is presented in the following diagram. If the scan is not providing you with the information you are seeking, you can re-configure the workspace and schedule a new scan to analyze.
