McKee: Where the buck stops

Accountability and risk in considering open source

Some critical questions for chief information officers missing from recent conversations regarding the potential benefits of open-source software for government are: Who specifically stands behind the open-source software model and takes responsibility when something goes wrong? Who owns the integrated product road map and development life cycle?

Accountability and predictability are crucial for government CIOs. They are responsible for making sound purchasing decisions and delivering a return on investment. To that end, government organizations are evaluating open-source vendors, like other commercial software providers, that focus on business value, advantage and risk.

One of the government's largest software challenges is interoperability and the need to solve complex enterprise computing issues and introduce new solutions across a variety of platforms in which they already are invested. Expectations of an efficient and accountable government only compound the challenges that CIOs face.

Most agencies operate in mixed computing environments, and they consider vendors to be partners that help them meet specific interoperability goals.

Software vendors in this market should address the government's core business requirements. To do so, industry must support customer interoperability needs while helping agencies balance productivity improvements with budget realities by using products that enable platforms and applications to operate in every environment. Strong customer adoption of open, industry-standard Web services to solve core interoperability issues is an important indicator of this commitment.

Open standards should not be confused with open-source standards. And the movement toward open standards has led government interoperability efforts. For CIOs, the result has helped save increasingly scarce resources taking advantage of industry's investment in creating uniform technical specifications.

Another role of industry is to support its products and protect customers from any liability associated with deploying their software. Consider the issue of software indemnification, or the ultimate ownership of the intellectual property being deployed. Disputes over IP can place a software user at risk, and agencies need to know that the code they are deploying is protected from legal or other challenges.

In the case of open-source vendors, there is limited or no indemnification protection. CIOs must determine whether the low-cost solution they are considering might later become costly. If anything, indemnification and ongoing technical support for open-source solutions should be an important part of any discussion about risk assessment or licensing.

The market ultimately will determine a particular model's success or failure. If that model, however, fails to offer customers an integrated approach to innovation while ensuring that liability resides with the software maker, additional strains will be placed on government resources in the long run, increasing life cycle cost and impeding the interoperability agencies are demanding.

McKee is Microsoft's national technology officer and former CIO of Washington state.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.


  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above