Commission 1: Landscape challenges Chairperson: Aslam Raffee Issues in the current environment : – Lack of sponsorship and accountability – No coordination and support to drive and promote adoption of FOSS – GITOC standards possibly still has gaps in it around FOSS. – No progress and performance measurement strategy /monitoring and evaluation that promotes the use and adoption of FOSS. We should measure business and no just the CIO. – We need to move from the 2007 policy to the next level of regulations, strategies and policies - the lack of sponsorship and enforcement of the policy is the challenge. Failure to comply should have negative consequences for the department and / or individual... Concern that you cannot regulate without an Act being in place GCIO Summit 27 – 30 May 2013

Commission 1: Landscape challenges- Chairperson: Aslam Raffee GCIO Summit 27 – 30 May 2013 Solutions to address the current issues: – We need a political champion to show commitment to FOSS. Maybe find someone will support the conversion of their applications under their control – Create clear standards for selection and promotion of FOSS – Need frameworks that are in place to promote adoption – We need a central project office to drive standards, training, policies, procurement around FOSS vendors – The role of AG needs to be finalized in ensuring compliance to FOSS using the GITOC standards – Setup the FOSS Programme office at SITA again – Identify low hanging fruits in our environments that will show value to business. Also target departments or entities that are largely manual. The value will be immediately noticeable and there will be limited complexity in delivering time to value (green field environments) – SITA should look to include training for its resources and departmental resources to skill up FOSS. Recommendation that SITA partner with the key FOSS vendors – Find a department that can be an example for FOSS – Clarify SITA role in implementing FOSS. They need to be central to delivering the journey. – Get industry to buy-in to the technology direction of government. They will then be part of a partner ecosystem. – We need to focus on marketing, awareness, business case education to government departments – Create an innovation fund to subsidies and promote uptake of FOSS

Commission Name: FOSS Security Chairperson: Jason Ming Sun Issues in the current environment : – Concerned about how secure is personal information when it comes to FOSS as compared to proprietary software – How does data privacy and FOSS work together? – Training in new technologies is a problem. This poses additional security risks as users are not familiar with the new software solutions – Patching of current FOSS systems can be disparate – Application security and code libraries have no consistent means to notify users when there are patches released – FOSS adoption is being hampered by the lack of a framework which can be used to ensure that the appropriate applications are chosen in the FOSS space vs proprietary software GCIO Summit 27 – 30 May 2013 Solutions to address the current issues: – Look at specific policies around patching FOSS systems in the environment – Look at making use of external parties to conduct audits on security capabilities in deployed FOSS systems – A central body or center of excellence (perhaps within SITA) to look at setting a security framework when it comes to FOSS. This can provide guidance to CIO’s when considering FOSS – Adopt a top down approach to security in FOSS with buy-in at a Senior Level and filter that down toward the CIO level – Align to other international standards (eg. ISO)

Commission 3: Change management Chairperson: Allan Wattrus Issues in the current environment : – When FOSS was presented there seemed to be a stronger focus on the risks rather than the rewards – Concerns around adopting something that is not perceived as mainstream – Support structures around FOSS are not clear – FOSS can be a tedious exercise when CIOs are under pressure to deliver within timeframes – Given the learnings from programmes such as IFMS, if Government had spent this on proprietary solutions we may have been a lot further down the road – Government does not have the capacity to take on large scale FOSS implementation – No motivation for public sector FOSS specialists to pursue the career – FOSS has potential to complicate reporting and audits if different solutions create different reporting and difficulty in consolidating information – Policy creation does not translate into execution GCIO Summit 27 – 30 May 2013 Solutions to address the current issues: – Effort needs to be focused on services development rather than underlying technology. Reuse what is there – A common middleware layer will contribute to reducing effort taken to develop functionality – Promote employment for FOSS skills at university and school level – Need to create partnerships with the private sector to promote FOSS skills – Government CIO structures need to be geared towards supporting FOSS – Environment needs to be created where FOSS can be successful including architecture, skills, structures – Change management needs to focus on providing people the skills to adapt to FOSS rather than just adopt FOSS solutions