The Cabinet Office yesterday released an Open Source Procurement Toolkit that details best practice for evaluating the use of open-source solutions.
The government's policy, as stated in its ICT Strategy released in March, is to procure open-source solutions "where appropriate".
The toolkit contains advice and information about open-source software, open-source vendors and running costs. It also includes a guidance paper by the CESG, an arm of GCHQ, that covers security matters relating to public sector use of open-source software.
In the past, the CESG's rules on information assurance have been criticised for hindering uptake of open source, but the agency denied this, saying its Code of Connection (CoCo) and guidance were being interpreted incorrectly. The new toolkit aims to clarify the CESG's policies around security and open source.
The government first set out its policy on the use of open source in 2004. This was restated in both 2009 and 2010.
The Cabinet Office said the toolkit aims to "create a level playing field for the use of innovative ICT solutions, [by providing] best practice for evaluating the use of open source solutions".
The government has already set up bodies to "break down the technical and cultural barriers that impede the use of open source solutions across government". These include an Open Source Implementation Group, a System Integrator Forum and an online Government Open Solutions Forum.
The government's recent Strategic Implementation Plan, which fleshed out the original ICT Strategy, said that open-source solutions will be considered as a matter of course against proprietary solutions based on value for money and total cost of ownership.
Government departments' use of open source will be monitored while a database called the ICT Asset and Services Knowledgebase, which was tendered for at the end of July, will be used to record the reuse of existing open-source solutions.
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy