S&T | Selecting & Evaluating : Software & Suppliers

S&T | Selecting & Evaluating : Software & Suppliers

By Martin Callinan 
Source Code Control Limited / OpenUK

S&T | Selecting & Evaluating : Software & Suppliers

Free & Open Source software is already driving functions within your daily life. It may be your web servers, network infrastructure, desk phone or conference room TV. Personal devices like your mobile phone, smart watch,  and tablet are likely to contain Open Source, as does almost all of the Internet. These have all been developed using the most effective and practical solutions and without Open Source, may never have reached the depth and breadth of technical capability. This guidance aims to assist you in accessing this technology and integrating with your project.

1. Adoption vs professional implementation 

Adoption has proven a common way to implement Open Source within organizations. With single purpose applications that connect to commodity services through Open Standards such as web browsers and word processors, adoption has provided a cost effective acquisition method. The shortcoming of the adoption approach is that it provides no guarantees of security and suitability. Bypassing the procurement function can mean that critical business software has no diligence applied and that the software is untracked within an organization. Where the customer is able to maintain updates and satisfy themselves that this does not present a risk, this process is cost effective to operate and manage. Where the requirement is complex or the necessary skills are not locally available, professional services from subject matter experts should be sought.

2. Short listing suppliers and solutions 

GDS have published extensive evaluation and selection guidance[1] for creating and managing a short-list of suppliers. Consideration should be given to the business model of the supplier as this is an indicator as to the value that they deliver. 

3. Assessing Open Source options 

Business models vary for Open Source applications and there are subtle differences between services that are built on Open Source and services that are available as Open Source. As the desirability of Open Source increases, existing proprietary suppliers are adapting their business models to use Open Source  as a marketing process for locked down applications. One example is Open Core where the base software is Open Source but key functionality is only available with pay-for modules. An assessment tool is available from OSSWatch [2], created by the University of Oxford to assess the openness of a project.

4. Choosing an Open license 

When selecting or integrating Open Source software, the license accompanying the software will affect what you can do with the software, and when developing, your choice of license will impact what others can do with it. GDS offer guidance[3]  and Joinup.eu[4]  offer a tool to assist with selection. The EUPL license has been developed by the European Commission specifically for use by Commission services. There are times when it may not be desirable to export digital assets [5] implementation details and configuration could be exposed.

5. The Custodian model of engagement 

The Custodian model has been pioneered by Open Source foundations for decades and commercially focused organizations replicating this proven method are being established. This model separates the key roles of the software life cycle and empowering the customer to be in control of their project. A Custodian retains title to the software application and competing companies offer development, integration, training and support services. A recent example is Apperta [6] , the NHS Open Source foundation who is controlled by a board of clinicians with NHS England as an institutional director and direct the Code 4 Health [8] program. This process ensures that the software remains under the control of the public sector whilst value services are delivered by private sector organizations.

6. Frameworks 

At the time of writing, G-Cloud10 hosts over 1500 services registered as Open Source covering many commodity lines of business. For bespoke requirements or for solutions not available through G-Cloud, the Digital Outcomes & specialist frameworks[8] provides access to pre-screened development services and many of the providers offer Open Source services

Endnotes:

[1] https://www.gov.uk/guidance/how-to-shortlist-digital-outcomesand-specialists-suppliers and https://www.gov.uk/guidance/how-toevaluate-digital-outcomes-and-specialists-suppliers 

[2] http://oss-watch.ac.uk/apps/openness/ 

[3] https://www.gov.uk/service-manual/making-software/openstandards-and-licensing.html 

[4] https://joinup.ec.europa.eu/community/eupl/og_page/licence-wizard

[5] https://gds.blog.gov.uk/2014/10/08/when-is-it-ok-not-to-open-allsource-code/ 

[6] http://apperta.org 

[7] http://code4health.org 10 https://www.digitalmarketplace.service.gov.uk/g-cloud 

[8] https://www.gov.uk/guidance/digital-outcomes-and-specialistsbuyers-guide

Publication Details:

This article is an excerpt taken from a technical paper, titled - "Professional re-usable software principles for the Public Sector", Jointly published by OpenUK, COIS, and OpenForum Europe under Creative Commons License CC-BY-SA
    Blogger Comment
    Facebook Comment