Creating a 'level playing field' for open source software
options in IT selection and procurement http://oss-watch.ac.uk
@osswatch Slide 2 1. Strategy Slide 3 What Are We Talking About?
Slide 4 Free Software "Free as In Freedom" 1) The freedom to run
the program, for any purpose 2) The freedom to study how the
program works, and adapt it to your needs 3) The freedom to
redistribute copies so you can help your neighbour 4) The freedom
to improve the program, and release your improvements to the
public, so that the whole community benefits Slide 5 Open Source
Freely Redistributable Source Code Included Derived Works Permitted
Integrity of Author Source Code No Discrimination Against Persons
or Groups No Discrimination Against Fields of Endeavor Distribution
of License License Must Not Be Specific to a Product (or
distribution) License Must Not Restrict Other Software License Must
Be Technology-Neutral (no 'click wrap') Slide 6 Open Development
Free/Open Source Software (FOSS) just refers to the licence Open
Development refers to projects which are developed with engagement
and contribution from communities, which promotes sustainability.
Not all FOSS software is produced by Open Development, e.g.
Android, MySQL Slide 7 Why does this matter? Slide 8 Sustained
Value Total Cost of Ownership (TCO) is often (although not
necessarily) lower for FOSS solutions No license fees to pay when
purchasing/upgrading Open market for service providers Option to
provision some or all of the solution yourself Slide 9 Sustained
Value Sustainability Risk Management What if the company
disappears? What if the software is bought and killed off? What is
the exit strategy? Transparency of open development makes judging
"health" of a project easier Slide 10 Meeting User Needs No
restrictions on your use of the software Design your own trials and
pilots Make changes (or have them made) Share the costs of niche
requirements with others in the community Access to the "best of
breed" solutions Slide 11 Case Studies Department for Culture,
Media and Sport Replaced proprietary intranet platform with open
source Wordpress Procured development services from and SME through
G-Cloud Developed the new system through an iterative process
Solution realised for 15k, with ongoing monthly costs in the
hundreds, a 90% saving Slide 12 NHS Developing Spine2
communications infrastructure using Riak database in place of
current Oracle solution Riak chosen "to deliver a more flexible and
resilient solution" No major proprietary solutions in Riak's field
Riak developed by Basho, Spine2 being developed by BJSS, engaged
through G-Cloud Case Studies Slide 13 City of Munich Migrated all
municipal systems from Microsoft software to FOSS Switch instigated
by end-of-life of existing products, and the prospect of further
lock-in in the future Migrating office documents and apps costs
200k more than if they'd upgraded to newer MS Windows However, 6.8m
saved on licensing costs Total savings exceeded 10m, although "Our
main goal was to become independent" Case Studies Slide 14 French
Profile Gendarmerie Nationale switched 37,000 Windows Desktops to
Ubuntu Linux, with double that due to by migrated by summer 2014.
Lowered TCO by 40%, 2m per year "Using Ubuntu Linux massively
reduces the number of local technical interventions" ongoing
savings made on support costs Case Studies Slide 15 2. Policy Slide
16 Agnostic Don't mention "open source" Has its merits, avoids
creating "Fear, Uncertainty and Doubt" "Open source software, while
it can be useful in many instances and appear to be cost effective,
may present a security risk because open source developers dont
typically follow security best practices when developing their
software." - IRS Memorandum on use of FOSS Relies on
already-instilled culture to be effective Slide 17 Agnostic Don't
mention "open source" Has its merits, avoids creating "Fear,
Uncertainty and Doubt" Relies on already-instilled culture to be
effective "Open source Software, while it can be useful in many
instances and appear to be cost effective, may present a security
risk because open source developers dont typically follow security
best practices when developing their software." Slide 18 Equal
consideration Require that both open source and proprietary
solutions are considered on a level playing field "The Government
will actively and fairly consider open source solutions alongside
proprietary ones in making procurement decisions" - UK Cabinet
Office Open Source Policy Encourages an awareness of open source
options Need to put in place a process for ensuring that solutions
can be considered equally Need to monitor the procurement process
to ensure that such a policy is followed Slide 19 Preferential
Explicitly prefer open source solutions "Where there is no
significant overall cost difference between open and non-open
source products that fulfil minimum and essential capabilities,
open source will be selected on the basis of its inherent
flexibility." - UK Government Digital By Default Service Manual
Maximises the advantage taken of the inherent benefits of open
source Particularly relevant when selecting technologies for
development of new software and services Slide 20 3. Process Slide
21 Levels of Engagement Deep Engagement Shallow Engagement Pure
Procurement CustomisationContribution Leadership Slide 22 Selection
and Procurement Does the traditional IT procurement process work
against open source? RFQ/RFPs require investment from the seller,
recouped from subsequent licensing and mandatory support fees.
Companies offering support for OSS typically lack a sales team
working overtime to understand, master, and win procurement
competitions. Pre-sales trials and installations are also at cost
to the vendor. For closed source, this can be recouped in later
fees. For open source, its not clear how this would happen Slide 23
Active Pre-Procurement How do we ensure a good range of solutions
are considered if we dont get responses to RFPs for some of the
best options? One answer is to spend more effort identifying and
analysing potential solutions available before issuing RFPs/RFQs.
An open relatively free-form open RFI could be followed by a closed
RFP. SSMM is a methodology developed by OSS Watch involving
iterative evaluation and selection phases Open Source Options (CO)
and Open Source Options for Education (OSSWatch) are resources to
help identify candidate solutions Slide 24 Paid Discovery Stage
Include a budget for a paid discovery stage for OSS candidates In
other words, engage potential OSS vendors commercially - or fund an
in-house team - to help answer all of the same questions you may be
expecting from closed-source vendors as part of their pre-sales
activity Example: Moodle vs. Blackboard competition, University of
Bolton Slide 25 Unbundling Pre-RFP The pre-procurement analysis
process can be used to identify ways to unbundle solutions For
example, pre-procurement may identify an OSS product such as Drupal
as the best-fit, and then go to RFP for customisation and support
services. Slide 26 Unbundling Post-RFP In some cases there are
options to unbundle parts of a proposal (services, applications,
middleware, database, infrastructure) and to ask the supplier to
consider open source alternatives If open alternatives are not
considered possible (e.g. it only works on SQL Server) this needs
to be considered as a lock-in risk Slide 27 Parallel Purchasing It
may be worth considering parallel processes - and parallel RFPs -
for closed-source and open- source procurement and then comparing
the outcome of each in a runoff An example of parallel procurement
is the Swedish public sector framework, ppna programvaror However,
the argument can be made that better value can be realised by a
combined process where considerations are balanced e.g. looking at
how areas such as lock-in and exit strategy are considered versus
sustainability Slide 28 Evaluating Sustainability Sustainability
involves asking questions like: Is anyone else using it? Is anyone
around to fix issues/apply patches? -Can I buy services and support
for it? -Will it be around in 5 years time All software solutions
should be evaluated for sustainability. However, for open source
the process is different from closed source For OSS much more of
the data needed is publicly available, and tools exist to help
analyze it, from informal guidance- driven models to complex
frameworks such as QSoS and BRR For closed source were more reliant
on company-provided evidence Slide 29 Slide 30 Deep Engagement
Slide 31 request for partnership If there are no clear existing
solutions, can we procure a partnership to collaborate on a
solution? For example, an existing project may be the best fit, but
still requires additional investment in software development to
support the user requirements. Often in the past this has been
externally funded as projects e.g. Jisc, EC, and in some cases
subcontracted to development partners e.g. Cottage Labs Slide 32
Evaluating openness Where a solution requires development
(partnership or internal) another key factor to evaluate is
openness The OSS Watch Openness Rating is a simple tool for
measuring how open an open source project is to engagement and
collaboration Slide 33 Business Case Making the procurement process
a level playing field doesnt need to create bureaucracy The process
can scale relative to that of the potential procurement. For
example, using informal sustainability evaluation for small
procurements, adopting formal measures such as QSoS at large scale
An effective process can help deliver sustained value and meet user
needs Slide 34 4. Practice Slide 35 How does procurement practice
fit into this picture? Awareness of policies, processes and tools
Understanding of how open source works and the issues involved
Capacity to effectively evaluate open source as well as closed
source solutions using standard tools Cultural alignment with the
strategy and its aims Slide 36 Questions and Discussion
