What are the possibilities for Audit and Risk reporting?
Proactively: configuring dedicated OSS policies (to automatically approve/reject specific libraries/licenses/vulnerabilities/severities, to trigger an action items for certain libraries/licenses/vulnerabilities).
Reactively: generating the corresponding reports for the existing OSS inventory