UK Web Focus (Brian Kelly)

Innovation and best practices for the Web

  • Email Subscription (Feedburner)

  • Twitter

    Posts on this blog cover ideas often discussed on Twitter. Feel free to follow @briankelly.

    Brian Kelly on Twitter Counter

  • Syndicate This Page

    RSS Feed for this page


    Creative Commons License
    This work is licensed under a Creative Commons Attribution 2.0 UK: England & Wales License. As described in a blog post this licence applies to textual content published by the author and (unless stated otherwise) guest bloggers. Also note that on 24 October 2011 the licence was changed from CC-BY-SA to CC-BY. Comments posted on this blog will also be deemed to have been published with this licence. Please note though, that images and other resources embedded in the blog may not be covered by this licence.

    Contact Details

    Brian's email address is You can also follow him on Twitter using the ID briankelly. Also note that the @ukwebfocus Twitter ID provides automated alerts of new blog posts.

  • Contact Details

    My LinkedIn profile provides details of my professional activities.

    View Brian Kelly's profile on LinkedIn

    Also see my profile.

  • Top Posts & Pages

  • Privacy


    This blog is hosted by which uses Google Analytics (which makes use of 'cookie' technologies) to provide the blog owner with information on usage of this blog.

    Other Privacy Issues

    If you wish to make a comment on this blog you must provide an email address. This is required in order to minimise comment spamming. The email address will not be made public.

Workshop On Risk Management

Posted by Brian Kelly on 5 Mar 2008

The JISC OSS Watch service are running a workshop on “Risk Management in Open Source Procurement” which Ross Gardler describes in a blog post on the OSS Watch Team blog.

The background to this event, which will be held in Oxford on 18 March 2008, is described in an article on open source in HE and FE published in the October 2007 edition of JISC Inform in which Ross suggested that:

There is often a lack of understanding about how best to consider OSS as part of institutional IT procurement and development activities. Ross Gardler, manager of the HE and FE advisory service for open source software, believes such issues can be explained by difficulties surrounding evaluation techniques.

‘There often isn’t an established marketing department that will take you out for lunch and smooth talk you about the potential benefits, like there is with a commercial provider,’ he says.

I can recall that about 10 years ago there seemed to be a feeling that having source code available under an open source software licence was sufficient to guarantee sustainability of software. But you just have to look at example such as the ROADS software which drove a number of what are now know as the Intute hubs. Looking at the graveyard of many open source software projects which fail to be sustainable in the long term, you’ll find an area for ROADS. We do need to do the risk analysis and risk management.

So I’m pleased to see that OSS Watch are running a workshop which will cover the risks associated with procurement of open source software. In his blog post Ross goes on to describe how the OSS Watch service “provide[s] one-to-one consultancy services to help people understand how to evaluate open source and open source providers using frameworks such as the Business Readiness Rating and the Open Source Maturity Model.” The workshop will provide an opportunity for OSS Watch to share their expertise with a wider community.

Of course, there’s not risks risks aren’t only associated with open source software – there are risks associated with use of proprietary software. And also, it needs to be said, use of externally-hosted Web 2.0 services – as we saw recently with the recent downtime of the Amazon S3 service which affected other services including Twitter.

This doesn’t mean, however, that we shouldn’t use externally hosted Web 2.0 service – or, indeed, open source software. Similarly the recent crash of the Northern Rock Bank doesn’t mean that we should withdraw our savings and stuff the cash under our mattresses!

I suspect that a workshop on “Risk Management and Web 2.0” would be popular. I’ve posted previously on Your Views On Externally-Hosted Web 2.0 Services back in September 2007. But, apart from the risk assessment document which have been produced at the universities of Oxford and Edinburgh, have any other institutions published anything in this area?

2 Responses to “Workshop On Risk Management”

  1. I think you have a little error, you say:

    “Of course, there’s not risks associated with open source software – there are risks associated with use of proprietary software.”

    I think you meant something like:

    “Of course, there’s not *only* risks associated with open source software – there are *also* risks associated with use of proprietary software.”

    Anyway, thanks for the plug [Is this another error to create a comment?]

  2. Oops, I obviously wrote that in a hurry. Error corrected. Brian

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: