McKee: Where the buck stops
Accountability and risk in considering open source
- By Stuart McKee
- May 02, 2005
Some critical questions for chief information officers missing from recent conversations regarding the potential benefits of open-source software for government are: Who specifically stands behind the open-source software model and takes responsibility when something goes wrong? Who owns the integrated product road map and development life cycle?
Accountability and predictability are crucial for government CIOs. They are responsible for making sound purchasing decisions and delivering a return on investment. To that end, government organizations are evaluating open-source vendors, like other commercial software providers, that focus on business value, advantage and risk.
One of the government's largest software challenges is interoperability and the need to solve complex enterprise computing issues and introduce new solutions across a variety of platforms in which they already are invested. Expectations of an efficient and accountable government only compound the challenges that CIOs face.
Most agencies operate in mixed computing environments, and they consider vendors to be partners that help them meet specific interoperability goals.
Software vendors in this market should address the government's core business requirements. To do so, industry must support customer interoperability needs while helping agencies balance productivity improvements with budget realities by using products that enable platforms and applications to operate in every environment. Strong customer adoption of open, industry-standard Web services to solve core interoperability issues is an important indicator of this commitment.
Open standards should not be confused with open-source standards. And the movement toward open standards has led government interoperability efforts. For CIOs, the result has helped save increasingly scarce resources taking advantage of industry's investment in creating uniform technical specifications.
Another role of industry is to support its products and protect customers from any liability associated with deploying their software. Consider the issue of software indemnification, or the ultimate ownership of the intellectual property
being deployed. Disputes over IP can place a software user at risk, and agencies need to know that the code they are deploying is protected from legal or other challenges.
In the case of open-source vendors, there is limited or no indemnification protection. CIOs must determine whether the low-cost solution they are considering might later become costly. If anything, indemnification and ongoing technical support for open-source solutions should be an important part of any discussion about risk assessment or licensing.
The market ultimately will determine a particular model's success or failure. If that model, however, fails to offer customers an integrated approach to innovation while ensuring that liability resides with the software maker, additional strains will be placed on government resources in the long run, increasing life cycle cost and impeding the interoperability agencies are
McKee is Microsoft's national technology officer and former CIO of Washington state.