Procurement of professional re-usable open source software
Acquiring professional re-usable open source software
Organisations are continuously striving to be more efficient, competitive, agile and reduce operating costs. IT plays a major role in achieving these goals.
An emerging strategy is to implement a buy once use many strategy of re-usable technology, best practice, design and intellectual capital. Open source software based solutions coupled with open standard interfaces are designed to enable this approach.
However this leaves a challenge facing IT procurement professionals of how to negotiate commercial terms to ensure success for the organisation both in the short and long term.
The re-usable software ecosystem
The open source software ecosystem offers re-usable software component solutions to address many of an organisation’s requirements.
These re-usable software components are created by software engineers and experts who collaborate to design, improve and evolve software code’s efficiency and capabilities.
This software when released will be well tested, robust and of a high-quality.
End user organisations can contribute their own unique modifications which will further contribute to a rapid development of the solution. This sharing and iteration, improves availability, quality and security.
However simply adopting open source software code can have a number of shortcomings such as lack of structure for managing security vulnerability exposure or licence compliance and intellectual property risk.
To most organisations these unknown risk would in all likelihood mean the solutions would not meet their quality requirements, therefore what could have been the right solution from a functionality perspective could ultimately be rejected.
How to acquire professional re-usable software
Source Code Control have created training, tool kits and services to help procurement professionals and IT leadership to effectively evaluate open source
software based solutions and the related services offered by solution providers who will support and implement solutions. This includes:
Open source software policies
- What should your policies be?
- What requirements should your service providers be demonstrating?
- What is the commercial model?
- Disclosure of software components used - "bill of materials"
- Open source software licensing
- Transparency of openness
- Fully open or,
- Open with chargeable proprietary or restrictive add-ons e.g.the controversial Open Core models
- Transparency of openness
- What is the security vulnerability management strategy?
- Demonstration of tracking of security vulnerabilities
- Service level agreement for security fixes
Professional re-usable software principles for the Public Sector
guidance to procurement professionals on a practical approach to accessing Free and Open re-usable software for use in public sector titled:
"Professional re-usable software principles for the Public Sector"
This publication although aimed at public sector procurement professionals covers principles which are relevant to any type of organisations looking to implement professional open source software solutions.