OSPO Alliance issueshttps://gitlab.ow2.org/groups/ggi/-/issues2024-03-28T10:01:00Zhttps://gitlab.ow2.org/ggi/ggi/-/issues/179Corrections after handbook 1.2 FR review2024-03-28T10:01:00ZSébastien LEJEUNEsebastien.lejeune@thalesgroup.comCorrections after handbook 1.2 FR review- [ ] page 3, missing space in Contact title (see toc 10Contacts
- [x] page 8 missing 's' personnalisé
- [ ] page 10 pratiques open source réussies (check which word is used in english version)
- [ ] page 13-14 missing : between bold ter...- [ ] page 3, missing space in Contact title (see toc 10Contacts
- [x] page 8 missing 's' personnalisé
- [ ] page 10 pratiques open source réussies (check which word is used in english version)
- [ ] page 13-14 missing : between bold terms and the following in 4.2 and 4.3
- [ ] page 15 wrong numbers in list of 4.4 (workflow standard ...)
- [x] page 19 Missing uppercase on nexus
- [x] page 22 Doubled entry (in point de controle list)
- [x] page 23 Doubled paragraph 'Alors que le logiciel ...'
- [ ] page 34 Add chatGPT next to Stack Overflow
- [ ] page 40 wrong alignment
- [ ] page 43 wrong alignment (evaluation de l'opportunité)
- [ ] page 57 add the forum link ?Sébastien LEJEUNEsebastien.lejeune@thalesgroup.comSébastien LEJEUNEsebastien.lejeune@thalesgroup.comhttps://gitlab.ow2.org/ggi/ggi/-/issues/178After "Level 2: Engagement" and "Ebene 3: Verallgemeinerung" there is no para...2024-03-27T20:57:57ZSilvério SantosAfter "Level 2: Engagement" and "Ebene 3: Verallgemeinerung" there is no paragraph translation of v1.2 in ch. 9.5It reads:
```
Ebene 3: VerallgemeinerungFür alle
```
but it should be like:
```
Ebene 3: Verallgemeinerung
Für alle
```
Same for Level 2 before.
Appears in German, French and Portuguese.It reads:
```
Ebene 3: VerallgemeinerungFür alle
```
but it should be like:
```
Ebene 3: Verallgemeinerung
Für alle
```
Same for Level 2 before.
Appears in German, French and Portuguese.https://gitlab.ow2.org/ggi/ggi/-/issues/177Numbered list restarting translation of v1.2 in ch. 4.42024-03-27T20:57:58ZSilvério SantosNumbered list restarting translation of v1.2 in ch. 4.4In ch. 4.4, the numbered list is 1., 1., 1. and 2. instead of 1. , 2. , 3. and 4.
Found in German, French, and Portuguese.In ch. 4.4, the numbered list is 1., 1., 1. and 2. instead of 1. , 2. , 3. and 4.
Found in German, French, and Portuguese.https://gitlab.ow2.org/ggi/ggi/-/issues/175Missing simple identifiers for Activities2024-03-04T18:01:33ZNicolas ToussaintMissing simple identifiers for ActivitiesIn the handbook, each Activity does have an identifier. For example [Inventory of open source skills and resources](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_17.md) has the ID `GGI-A-17`
The problem is that...In the handbook, each Activity does have an identifier. For example [Inventory of open source skills and resources](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_17.md) has the ID `GGI-A-17`
The problem is that these number have a history (all activities were initially developed in GitLab Issues, those IDs are the number of these issues), but make little sense now. They are actually quite confusing because one cannot tell which Goal they belong to and are almost following the order of the book, but not quite.
It makes it hard to make reference to Activities without quoting the complete name every time (plus mention the Goal for to find it easily)
I would like to propose to re-number the Activities:
| chapter | title | Current ID | New ID example | Link |
| --- | --- | --- | --- | --- |
| 6.4 | Manage key indicators | GGI-A-24 | `Trust.4` / `G2-A4`| https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/52_activity_24.md |
| 6.5 | Run code reviews | GGI-A-44 | `Trust.5` / `G2-A5` | https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/52_activity_44.md |
| 8.3 | Publicly assert use of open source | GGI-A-31 | `Engagement.3` / `G4-A3` | https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/54_activity_31.md |
| 8.4 | Engage with open source vendors | GGI-A-33 | `Engagement.4` / `G4-A4` | https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/54_activity_33.md |
There may be a little tech challenge, but I would argue it is a sane investment for the future, make the whole concept more professional.https://gitlab.ow2.org/ggi/com-tf/-/issues/55Privacy enhancements for ospo-alliance.org web site2024-03-04T16:41:18ZPaolo VecchiPrivacy enhancements for ospo-alliance.org web siteIt is an excellent thing that many tools that protect the privacy of participants to the OSPO Alliance have been put in place but there is still a small issue to fix in relation to the fonts loaded by the web site.
The template used in ...It is an excellent thing that many tools that protect the privacy of participants to the OSPO Alliance have been put in place but there is still a small issue to fix in relation to the fonts loaded by the web site.
The template used in the Hugo web site downloads the fonts and the relative stile sheet from Google Fonts:
https://fonts.googleapis.com/css?family=Open+Sans:400,600
It is possible to download the woff2 fonts from here:
https://gwfh.mranftl.com/fonts/open-sans?subsets=latin
upload them to the server and change the template to match the location of the fonts.
This blog post provides more instructions:
https://rednafi.com/misc/self_hosted_google_fonts_in_hugo/https://gitlab.ow2.org/ggi/ggi/-/issues/174Open Source vs. open source vs. open-source2024-03-05T14:02:54ZNicolas ToussaintOpen Source vs. open source vs. open-sourceFollowing today's GGI meeting discussion about how "open source" should be written in the GGI Handbook (and beyond), let's unearth the discussion we had that led to the current choice.
The historical discussion (see [email thread](https...Following today's GGI meeting discussion about how "open source" should be written in the GGI Handbook (and beyond), let's unearth the discussion we had that led to the current choice.
The historical discussion (see [email thread](https://mail.ow2.org/wws/arc/ossgovernance/2021-10/msg00007.html), topic #1) led to "open source" over "open-source" or "Open Source".
It looks like times have changed (again) and it may be a good idea to revisit the current usage for voices future versions of the GGI.https://gitlab.ow2.org/ggi/ggi/-/issues/168Criteria for Partner hub (or new name to be defined)2024-03-27T21:03:32ZFREDERIC AATZCriteria for Partner hub (or new name to be defined)Considering the on-going discussion, it would be good to make sure all criteria are clearly agreed or documented when unsufficient.
Please read see following links and document gaps
* See https://pad.castalia.camp/p/ospo-alliance-consu...Considering the on-going discussion, it would be good to make sure all criteria are clearly agreed or documented when unsufficient.
Please read see following links and document gaps
* See https://pad.castalia.camp/p/ospo-alliance-consultancy-qo20pl0
* See https://ospo-alliance.org/partners/https://gitlab.ow2.org/ggi/com-tf/-/issues/54[Metrics] Identify key metrics and community analysis2024-02-12T16:31:08ZFREDERIC AATZ[Metrics] Identify key metrics and community analysisDraft established [resources/Metrics/2024-02_OSPO_Alliance_n_GGI_Metrics_v1.pdf · 91c48cb2ee8c74473e031ddb5293881aa3ed7fa2 · OSPO Alliance / Communication Task Force · GitLab (ow2.org)](https://gitlab.ow2.org/ggi/com-tf/-/blob/91c48cb2ee...Draft established [resources/Metrics/2024-02_OSPO_Alliance_n_GGI_Metrics_v1.pdf · 91c48cb2ee8c74473e031ddb5293881aa3ed7fa2 · OSPO Alliance / Communication Task Force · GitLab (ow2.org)](https://gitlab.ow2.org/ggi/com-tf/-/blob/91c48cb2ee8c74473e031ddb5293881aa3ed7fa2/resources/Metrics/2024-02_OSPO_Alliance_n_GGI_Metrics_v1.pdf). Follow-up thru next months, check for Forum stats when available (matomo ?).
Audience, geosFREDERIC AATZFREDERIC AATZhttps://gitlab.ow2.org/ggi/ggi/-/issues/159Community roles2024-03-05T13:14:58ZChristian PatersonCommunity rolesCurrently, in the GitLab the OSPO Alliance list of "members" is limited to those who have a maintainer role. I understand that maintainers are people who have provided "meaningful" updates the to GGI project over the last 6 months.
I be...Currently, in the GitLab the OSPO Alliance list of "members" is limited to those who have a maintainer role. I understand that maintainers are people who have provided "meaningful" updates the to GGI project over the last 6 months.
I believe that it would be of benefit to extend the formal list of community roles as a means of providing recognition of people who, for example, join the monday calls at least n times in the last 6 months.
Possibly this list of monday call people could simply be called "Active Participants" or "Guiding Council". I propose that such people are given "Reporter" role in GitLab, for example, and be listed on the OSPO Alliance website somewhere.https://gitlab.ow2.org/ggi/ggi/-/issues/158Remove reference to europe in first chapter2024-03-05T13:17:32ZBoris BaldassariRemove reference to europe in first chapter@silverio says we have a sentence about targeting europe. That's not true, remove it.@silverio says we have a sentence about targeting europe. That's not true, remove it.https://gitlab.ow2.org/ggi/com-tf/-/issues/53[OnRamp] IATA2023-12-19T11:50:48ZFlorent Zara[OnRamp] IATA# On Ramp session preparation
<!-- Use this to track the preparation of an upcoming OnRamp session -->
- Title: **Insert title of the presentation here**
- Speaker Name: **Insert speaker name here**
- Speaker Company: **Insert speaker n...# On Ramp session preparation
<!-- Use this to track the preparation of an upcoming OnRamp session -->
- Title: **Insert title of the presentation here**
- Speaker Name: **Insert speaker name here**
- Speaker Company: **Insert speaker name here**
- Date: **Insert session date here**
## Required information
Contact the speaker and ask for
- [ ] Fullname
- [ ] Position
- [ ] Company exact name
- [ ] A small bio to present the speaker during the OnRamp session
- [ ] A photo for the speaker card to be used on social networks
- [ ] Title and abstract of the talk
- [ ] Twitter handle of the speaker and the company
- [ ] Mastodon handle of the speaker and the company
- [ ] LinkedIn profile of the speaker and the company
- [ ] website of the speaker and the company
## Communication
Advertise on the following networks / website
- [ ] Twitter
- [ ] LinkedIn (create an **Event**, not a post)
- [ ] Mastodon
- [ ] Website news section (aka Eclipsed Newsroom)
- [ ] Ospo.Zone ML
- [ ] Next OnRamp session slides
## Slides
- [ ] Prepare intro and outro slides, including
- [ ] Latest news from the Alliance (translations, TF, new members, etc.)
- [ ] Introduction slide
- [ ] Next sessions
- [ ] Ask speaker for his/her slides at least 2 days in advance
## Post meeting
- [ ] Check video replay on BBB
- [ ] Update website: move abstract to previous meetings and resources pages by adding link to slides and replay
- [ ] Communicate about the replay and thank the speaker on social networks
- [ ] Twitter
- [ ] LinkedIn
- [ ] Mastodon
- [ ] Website news section (aka Eclipsed Newsroom)
- [ ] Ospo.Zone MLFlorent ZaraFlorent Zarahttps://gitlab.ow2.org/ggi/com-tf/-/issues/52[OnRamp] Tobie Langel - January 20242024-01-24T10:27:04ZFlorent Zara[OnRamp] Tobie Langel - January 2024# On Ramp session preparation
<!-- Use this to track the preparation of an upcoming OnRamp session -->
- Title: **Alignment isn't just for AI: increasing OPSO awareness and impact by aligning with organizational mission, goals, and stra...# On Ramp session preparation
<!-- Use this to track the preparation of an upcoming OnRamp session -->
- Title: **Alignment isn't just for AI: increasing OPSO awareness and impact by aligning with organizational mission, goals, and strategy**
- Speaker Name: **Tobie Langel**
- Speaker Company: **Unlock Open**
- Date: **January 19th**
## Required information
Contact the speaker and ask for
- [x] Fullname
- [x] Position: Open ecosystem strategy consultant
- [x] Company exact name: UnLock Open
- [x] A small bio to present the speaker during the OnRamp session
- [x] A photo for the speaker card to be used on social networks
- [x] Title and abstract of the talk
- [ ] Twitter handle of the speaker and the company
- [ ] Mastodon handle of the speaker and the company
- [ ] LinkedIn profile of the speaker and the company
- [ ] website of the speaker and the company
## Communication
Advertise on the following networks / website
- [ ] Twitter
- [ ] LinkedIn (create an **Event**, not a post)
- [ ] Mastodon
- [ ] Website news section (aka Eclipsed Newsroom)
- [ ] Ospo.Zone ML
- [ ] Next OnRamp session slides
## Slides
- [ ] Prepare intro and outro slides, including
- [ ] Latest news from the Alliance (translations, TF, new members, etc.)
- [ ] Introduction slide
- [ ] Next sessions
- [ ] Ask speaker for his/her slides at least 2 days in advance
## Post meeting
- [ ] Check video replay on BBB
- [ ] Update website: move abstract to previous meetings and resources pages by adding link to slides and replay
- [ ] Communicate about the replay and thank the speaker on social networks
- [ ] Twitter
- [ ] LinkedIn
- [ ] Mastodon
- [ ] Website news section (aka Eclipsed Newsroom)
- [ ] Ospo.Zone MLFlorent ZaraFlorent Zarahttps://gitlab.ow2.org/ggi/ggi/-/issues/152Advertise new communication tools on the OSPO Alliance website2024-03-05T13:17:41ZNicolas ToussaintAdvertise new communication tools on the OSPO Alliance websiteFor the new tooling (eg. [Forum](https://forum.ospo-alliance.org/)), we should add links in the website menu.
I guess a new entry "Forum" in the "Contribute" menu ?For the new tooling (eg. [Forum](https://forum.ospo-alliance.org/)), we should add links in the website menu.
I guess a new entry "Forum" in the "Contribute" menu ?https://gitlab.ow2.org/ggi/my-ggi-board/-/issues/55Consider a GitHub backend for deployment2024-03-26T15:55:36ZBoris BaldassariConsider a GitHub backend for deploymentDevelop a GitHub backend for My GGI Deploy.
See with Fred Aatz.Develop a GitHub backend for My GGI Deploy.
See with Fred Aatz.https://gitlab.ow2.org/ggi/my-ggi-board-test/-/issues/227Open source enabling digital transformation2024-03-28T09:25:43ZGhost UserOpen source enabling digital transformationActivity ID: [GGI-A-37](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_37.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
####...Activity ID: [GGI-A-37](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_37.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
#### Opportunity assessment
Why is this activity relevant?
#### Objectives
What we aim to achieve in this iteration.
- [x] Task 1 - meet stakeholders
- [ ] Task 2 - devise a plan
- [ ] Task 3 - implement the plan
- [ ] Task ' - check results.
#### Tools
Technologies, tools and products used in the Activity.
#### Operational Notes
Approach, method to progress in the Activity
</details>
----
### Description
> "Digital Transformation is the adoption of digital technology to transform services or businesses, through replacing non-digital or manual processes with digital processes or replacing older digital technology with newer digital technology." (Wikipedia)
When the most advanced organisations in Digital Transformation jointly drive change through their Business, IT and Finance to anchor digital in the way, they reconsider:
- Business model: value chain with ecosystems, as a service, SaaS.
- Finance: opex/capex, people, outsourcing.
- IT: innovation, legacy/asset modernization.
Open source is at the heart of digital transformation:
- Technologies, Agile practices, product management.
- People: collaboration, open communication, development/decision cycle.
- Business models: try & buy, open innovation.
In terms of competitiveness, the most visible processes are probably the processes that directly impact the customer experience. And we have to recognize that the big players, as well as start-up companies, by delivering totally unprecedented customer experience, drastically changed customer expectations.
Customer experience as well as all the other processes within a company entirely depend on IT. Every company has to transform its IT, this is what the digital transformation is about. Companies that have not done it yet, have now to achieve their digital transformation as fast as possible, otherwise the risk is that they could be wiped out of the market. Digital Transformation is a condition for survival. Since the stakes are so high, a company cannot entirely leave the digital transformation to a supplier. Every company has to get hands on with its IT, which means that every company has to get hands on with open source software because there is no IT without open source software.
Expected benefits of the digital transformation include:
- Simplify, automate core processes, make them real-time.
- Enable fast responses to competitive changes.
- Take advantage of Artificial intelligence and big data.
### Opportunity Assessment
Digital transformation could be managed by:
- Segments of the IT: Production IT, Business Support IT (CRM, billing, procurement…), Support IT (HR, Finance, accounting...), Big Data.
- Type of technology or process supporting the IT: Infrastructure (cloud), Artificial Intelligence, Processes (Make-or-Buy, DevSecOps, SaaS).
Injecting open source in a particular segment or technology of your IT reveals that you want to get hands on in this segment or technology, because you assessed that this particular segment or technology of your IT is important for the competitiveness of your company.
It is important to assess the position of your company compared not only with your competitors, but also with other industries, and key players in terms of customer experience and market solutions.
### Progress Assessment
1. Level 1: Situation assessment
- I have identified:
- the segments of IT that are important for the competitiveness of my company, and
- the open source technologies required to develop applications in these segments.
- And I have thus decided:
- on which segments I want to manage in-house the development of projects, and
- on which open source technologies I need to build in-house expertise.
2. Level 2: Engagement
- On some selected open source technologies used within the company, several developers have been trained and are recognized as valuable contributors by the open source community.
In some selected segments, projects based upon open source technologies have been launched.
3. Level 3: Generalisation
- For all projects, an open source alternative is systematically being investigated during the inception stage of the project. To make it easier for the project team to study such open source alternative, a central budget, and a central team of architects, hosted in the IT Department, is dedicated to providing assistance to the projects.
**KPIs**:
- KPI 1. Ratio for which an open source alternative was investigated: (Number of projects / Total number of projects).
- KPI 2. Ratio for which the open source alternative was chosen: (Number of projects / Total number of projects).
### Recommendations
Beyond the headline, Digital Transformation is a mindset that involves some fundamental changes, and this should also (or even mainly) come from the top-level layers of the organisation. Management shall promote initiatives, new ideas, manage risks, and potentially update existing procedures to make them fit new concepts.
Passion is a huge factor of success. One of the means developed by key players in the field is to set up open spaces for new ideas, where people can submit, and freely work on, their ideas about digital transformation. Management should encourage such initiatives.
### Resources
- [Eclipse Foundation: Enabling Digital Transformation in Europe Through Global Open Source Collaboration](https://outreach.eclipse.foundation/hubfs/EuropeanOpenSourceWhitePaper-June2021.pdf).
- [Europe: Open source software strategy](https://ec.europa.eu/info/departments/informatics/open-source-software-strategy_en#opensourcesoftwarestrategy).
- [Europe: Open source software strategy 2020-2023](https://ec.europa.eu/info/sites/default/files/en_ec_open_source_strategy_2020-2023.pdf).https://gitlab.ow2.org/ggi/my-ggi-board-test/-/issues/226Open source enabling innovation2023-11-16T16:36:46ZGhost UserOpen source enabling innovationActivity ID: [GGI-A-36](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_36.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
####...Activity ID: [GGI-A-36](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_36.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
#### Opportunity assessment
Why is this activity relevant?
#### Objectives
What we aim to achieve in this iteration.
#### Tools
Technologies, tools and products used in the Activity.
#### Operational Notes
Approach, method to progress in the Activity
</details>
----
### Description
> "Innovation is the practical implementation of ideas that result in the introduction of new goods or services or improvement in offering goods or services."
>
> — <cite>Schumpeter, Joseph A.</cite>
Open source can be a key factor for innovation through diversity, collaboration and a fluent exchange of ideas. People from different backgrounds and domains may have different perspectives and provide new, improved or even disruptive answers to known problems. One can enable innovation by listening to different views and actively promoting open collaboration on projects and topics.
Similarly, participating in the elaboration and implementation of open standards is a great promoter of good practices and ideas to improve the company's daily work. It also allows the entity to drive and influence innovation to where and what it needs, and enhances its global visibility and reputation.
Through innovation, open source makes it possible not only to transform the goods or services that your company markets, but also to create or modify the whole ecosystem in which your company wants to thrive.
As an example, by releasing Android as open source, Google is inviting hundreds of thousands of companies to build up their own services based upon this open source technology. Google is thus creating a whole ecosystem from which all participants could benefit. Of course, very few companies are powerful enough to create an ecosystem by their own decision. But there are many examples of alliances between companies to create such an ecosystem.
### Opportunity Assessment
It is important to assess the position of your company compared with its competitors and its partners and customers because it would often be risky for a company to drift too far away from the standards and technologies used by its customers, partners and competitors. Innovation obviously means being different, but what differs should not represent too large a scope; otherwise, your company would not benefit from the software developments made by the other companies of the ecosystem and from the business momentum the ecosystem provides.
### Progress Assessment
The following **verification points** demonstrate progress in this activity:
- [ ] The technologies -- and open source communities that develop them -- that have an impact on the business have been identified.
- [ ] The progress and publications of these open source communities are monitored -- I am even aware of their strategy before the releases are made public.
- [ ] Employees of the organisation are members of (some of) these open source communities and influence their roadmaps and technical choices by contributing lines of codes and participating in the governance bodies of these communities.
### Recommendations
Out of all the technologies that are necessary to run your business, you should identify:
- the technologies that could be the same as your competitors,
- the technologies that should be specific to your company.
Stay up-to-date on emerging technologies. Open source has been driving innovation for the last decade, and many day-to-day powerful tools come from there (think of Docker, Kubernetes, Apache Big Data projects, or Linux). No need to know everything about everything, but one should know enough of the state of the art to identify interesting new trends.
Allow, and encourage, people to submit innovative ideas, and to bring them forward. If possible, spend resources on these initiatives and make them grow. Rely on people's passion and will to create and foster emerging ideas and trends.
### Resources
- [4 innovations we owe to open source](https://www.techrepublic.com/article/4-innovations-we-owe-to-open-source/).
- [The Innovations of Open Source](https://dirkriehle.com/publications/2019-selected/the-innovations-of-open-source/), from Professor Dirk Riehle.
- [Open source technology, enabling innovation](https://www.raconteur.net/technology/cloud/open-source-technology/).
- [Can Open Source Innovation Work in the Enterprise?](https://www.threefivetwo.com/blog/can-open-source-innovation-work-in-the-enterprise).
- [Europe: Open source software strategy](https://ec.europa.eu/info/departments/informatics/open-source-software-strategy_en#opensourcesoftwarestrategy).
- [Europe: Open source software strategy 2020-2023](https://ec.europa.eu/info/sites/default/files/en_ec_open_source_strategy_2020-2023.pdf).https://gitlab.ow2.org/ggi/my-ggi-board-test/-/issues/225Open source and digital sovereignty2023-11-16T16:36:45ZGhost UserOpen source and digital sovereigntyActivity ID: [GGI-A-35](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_35.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
####...Activity ID: [GGI-A-35](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_35.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
#### Opportunity assessment
Why is this activity relevant?
#### Objectives
What we aim to achieve in this iteration.
#### Tools
Technologies, tools and products used in the Activity.
#### Operational Notes
Approach, method to progress in the Activity
</details>
----
### Description
Digital sovereignty can be defined as the
> “Ability and opportunity of individuals and institutions to execute their role(s) in the digital world independently, intentionally and safely.”
> — Competence Centre for Public IT, Germany
In order to properly conduct its business, any entity has to rely on some other partners, services, products and tools. Reviewing the ties and constraints of these dependencies enable the organisation to assess and control its dependence towards external factors, thus improving its autonomy and resilience.
As an example, vendor lock-in is a strong factor of dependence that may impede the organisation's processes and added value and as such, it should be avoided. Open source is one of the ways out of this lock. Open source plays a significant role in digital sovereignty, allowing a greater choice between solutions, providers and integrators, and greater control over IT roadmaps.
It should be noted that digital sovereignty is not a trust issue: we obviously need to trust our partners and providers, but the relationship gets even better when it's based on mutual consent and recognition, rather than forced contracts and strains.
Here are some advantages of a better digital sovereignty:
- Improve the ability of the organisation to make its own choices without constraints.
- Improve the resilience of the company regarding external actors and factors.
- Improve negotiating position when dealing with partners and service providers.
### Opportunity Assessment
- How difficult/expensive is it to move away from a solution?
- Could the solution providers impose unwanted conditions on their service (e.g. licence change, contracts updates)?
- Could the solution providers unilaterally increase their prices, simply because we do not have a choice?
### Progress Assessment
The following **verification points** demonstrate progress in this Activity:
- [ ] There is an assessment of critical dependencies for the organisation's providers and partners.
- [ ] There is a backup plan for these identified dependencies.
- [ ] There is a stated requirement for digital sovereignty when new solutions are investigated.
### Recommendations
- Identify key dependency risks from service providers and 3rd party entities.
- Maintain a list of open-source alternatives to critical services.
- Add a requirement when selecting new tools and services used within the entity, stating the need for digital sovereignty.
### Resources
- [A Primer on Digital Sovereignty & Open Source: part I](https://www.opensourcerers.org/2021/08/09/a-promer-on-digital-sovereignty/) and [A Primer on Digital Sovereignty & Open Source: part II](https://www.opensourcerers.org/2021/08/16/a-primer-on-digital-sovereignty-open-source/), from the Open-Sourcerers website.
- An excellent superuser.openstack.org article on [The Role of Open Source in Digital Sovereignty](https://superuser.openstack.org/articles/the-role-of-open-source-in-digital-sovereignty-openinfra-live-recap/). Here is a short extract:
> Digital Sovereignty is a key concern for the 21st century, especially for Europe. Open source has a major role to play in enabling digital sovereignty, by allowing everyone to access the necessary technology, but also by providing the governance transparency and interoperability necessary for those solutions to succeed.
- The European Union's take on digital sovereignty, from the [Open Source Observatory (OSOR)](https://joinup.ec.europa.eu/collection/open-source-observatory-osor): Open Source, digital sovereignty and interoperability: The Berlin Declaration.
- The UNICEF's position on [Open Source for Digital Sovereignty](https://www.unicef.org/innovation/stories/open-source-digital-sovereignty).https://gitlab.ow2.org/ggi/my-ggi-board-test/-/issues/224C-Level awareness2023-11-16T16:36:45ZGhost UserC-Level awarenessActivity ID: [GGI-A-34](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_34.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
####...Activity ID: [GGI-A-34](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_34.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
#### Opportunity assessment
Why is this activity relevant?
#### Objectives
What we aim to achieve in this iteration.
#### Tools
Technologies, tools and products used in the Activity.
#### Operational Notes
Approach, method to progress in the Activity
</details>
----
### Description
The open source initiative of the organisation will yield its strategic benefits only if it is enforced at its highest levels by integrating the open source DNA into the company's strategy and internal working. Such commitment cannot happen if higher-level executives and top management are not themselves a part of it. The training and open source mindset must also be extended to those who shape the policies, decisions and overall strategy, both inside and outside the company.
This commitment ensures that practical improvements, mindset changes and new initiatives are met with consistent, benevolent and sustainable support from the hierarchy, bringing in more fervent participation from workers. It shapes how external actors see the organisation, bringing in reputational and ecosystem benefits. It is also a means to establish the initiative and its benefits in the mid and long term.
### Opportunity Assessment
This activity becomes essential if/when:
- The organisation has set global goals relevant to open source management, but struggles to achieve them. It is unlikely that the initiative can achieve anything without good knowledge and a clear commitment from higher-level executives.
- The initiative has already started and is making progress, but the higher levels of the hierarchy do not follow it up properly.
Hopefully, it should become evident that anything but ad hoc usage of open source requires a consistent and well-thought approach, given the range of teams and cultural change it can bring.
### Progress Assessment
The following **verification points** demonstrate progress in this Activity:
- [ ] There is a mandated governance office/officer empowered to set a uniform open source strategy across the company and ensure that the scope is clear.
- [ ] There is a clear, binding commitment from the hierarchy to the OSS strategy.
- [ ] There is transparent communication by the hierarchy about its commitment to the program.
- [ ] The hierarchy is available to discuss open source software. It can be solicited and challenged on its promises.
- [ ] There is an appropriate budget and funding for the initiative.
### Recommendations
Examples of actions associated with this activity include:
- Conduct training to demystify OSS to C-level management.
- Obtain explicit, practical endorsement for OSS usage and strategy.
- Explicitly mention and endorse the OSS program in internal communications.
- Explicitly mention and endorse the OSS program in public communications.
Open source is a _strategic enabler_ that embarks _enterprise culture_. What does this mean?
- Open source can be leveraged as a mechanism to disrupt suppliers and reduce software acquisition costs.
- Should open source come under the purview of _Software Asset Managers_ or _purchasing departments_?
- Open source licences enshrine the freedoms that deliver the benefits of open source, but they also carry _obligations_. If not met appropriately, responsibilities can create legal, commercial and image risks to an organisation.
- Will licence conditions grant visibility into areas of code that should remain confidential?
- Will it impact my organisation's patent portfolio?
- How should project teams be trained and supported on this subject?
- Contributing back to external open source projects is where the biggest value of open source lies.
- How should my company encourage (and track) this?
- How should developers use GitHub, GitLab, Slack, Discord, Telegram, or any of the other tools open source projects habitually use?
- Can open source impact the company's HR policies?
- Of course, it's not all about contributing back, what about my own open source projects?
- Am I ready to do _open_ innovation?
- How will my projects manage _incoming_ contributions?
- Should I spend the effort to nurture a community for a given project?
- How should I lead the community, what role should community members have?
- Am I ready to cede roadmap decisions to a community?
- Can open source be a valuable tool to reduce silo-isation between company teams?
- Do I need to handle open source transfer from one company entity to another?https://gitlab.ow2.org/ggi/my-ggi-board-test/-/issues/223Setup a strategy for corporate open source governance2023-11-16T16:36:44ZGhost UserSetup a strategy for corporate open source governanceActivity ID: [GGI-A-16](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_16.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
####...Activity ID: [GGI-A-16](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_16.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
#### Opportunity assessment
Why is this activity relevant?
#### Objectives
What we aim to achieve in this iteration.
#### Tools
Technologies, tools and products used in the Activity.
#### Operational Notes
Approach, method to progress in the Activity
</details>
----
### Description
Defining a high-level strategy for open source governance within the company ensures the consistency and visibility of approaches towards both in-house usage and external contributions and involvement. It makes the company's communication more effective by offering a clear and established vision and leadership.
The shift towards open source brings with it numerous benefits, as well as some duties and a change in the company's culture. It can impact business models and influence the manner in which an organisation presents its value and offer, and in its position towards its customers and competitors.
This activity includes the following tasks:
- Set up an OSS Officer, with (top) management sponsoring and backing.
- Set up and publish a clear roadmap for open source, with stated objectives and expected benefits.
- Make sure that all top-level management knows about it and acts in accordance with it.
- Promote OSS inside the company: encourage people to use it, foster in-house initiatives and level of knowledge.
- Promote OSS outside the company: through official statements and communication, and visible involvement in OSS initiatives.
Defining, publishing and enforcing a clear and consistent strategy also helps buy-in from all people within the company and eases further initiatives from teams.
### Opportunity Assessment
It's a good time to work on this activity if:
- There is no coordinated effort from management, and open source is still seen as an ad-hoc solution.
- There are already in-house initiatives, but they don't penetrate up to the upper levels of management.
- The initiative was started some time ago but faces many obstacles, and still doesn't yield the expected results.
### Progress Assessment
The following **verification points** demonstrate progress in this Activity:
- [ ] There is a clear open source governance charter for the company.
The charter should contain:
- what to achieve,
- who we do this for,
- what the power of the strategist(s) is and what not.
- [ ] An open source roadmap is widely available and accepted throughout the company.
### Recommendations
- Set up a group of people and processes to define and monitor open source governance within the company.
Ensure there is a clear commitment from the top-level management to the open source initiatives.
- Communicate about the open source strategy within the organisation, make it a major concern and a true corporate commitment.
- Ensure that the roadmap and strategy is well understood by everybody, from development teams to management and infrastructure staff.
- Communicate on its progress, so people know where the organisation is regarding its commitment. Publish regular updates and indicators.
### Resources
- [Checklist and references for Open Governance](https://opengovernance.dev/).
- [L'open source comme enjeu de souveraineté numérique, by Cédric Thomas, OW2 CEO, Workshop at Orange Labs, Paris, January 28, 2020](https://www.ow2.org/download/OSS_Governance/Level_5/2001-OSSetSouveraineteNumerique-RC3.pdf) (french only).
- [A series of guides to manage open source within the enterprise, by the Linux Foundation](https://todogroup.org/guides/).
- [A fine example of open source strategy document, by the LF Energy group](https://www.lfenergy.org/wp-content/uploads/sites/67/2019/07/Open-Source-Strategy-V1.0.pdf)https://gitlab.ow2.org/ggi/my-ggi-board-test/-/issues/222Open source procurement policy2023-11-16T16:36:44ZGhost UserOpen source procurement policyActivity ID: [GGI-A-43](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_43.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
####...Activity ID: [GGI-A-43](https://gitlab.ow2.org/ggi/ggi/-/blob/main/handbook/content/51_activity_43.md).
----
### Scorecard
<details><summary>Click to expand</summary>
#### Customized description
Scope of what has to be done.
#### Opportunity assessment
Why is this activity relevant?
#### Objectives
What we aim to achieve in this iteration.
#### Tools
Technologies, tools and products used in the Activity.
#### Operational Notes
Approach, method to progress in the Activity
</details>
----
### Description
This activity is about implementing a process to select, acquire, purchase open source software and services. It is also about considering the actual cost of open source software and provisioning for it. OSS may be "free" at first sight, but it is not without internal and external costs such as integration, training, maintenance and support.
Such policy requires that both open source and proprietary solutions are symmetrically considered when evaluating value for money as the optimum combination of the total cost of ownership and quality. Therefore, the IT Procurement department should actively and fairly consider open source options, while at the same time ensuring proprietary solutions are considered on an equal footing in purchasing decisions.
Open source preference can be explicitly stated based on the intrinsic flexibility of the open source option when there is no significant overall cost difference between proprietary and open source solutions.
Procurement departments must understand that companies offering support for OSS typically lack the commercial resources to participate in procurement competitions, and adapt their open source procurement policies and processes accordingly.
### Opportunity Assessment
Several reasons justify the efforts to set up specific open source procurement policies:
- Supply of commercial open source software and services is growing and cannot be ignored, and requires the implementation of dedicated procurement policies and processes.
- There is a growing supply of highly competitive commercial open source business solutions for corporate information systems.
- Even after adopting a free-of-charge OSS component and integrating it into an application, internal or external resources must be provided to maintain that source code.
- Total Cost of Ownership (TCO) is often (although not necessarily) lower for FOSS solutions: no licence fees to pay when purchasing/upgrading, open market for service providers, option to provide some or all of the solution yourself.
### Progress Assessment
The following **verification points** demonstrate progress in this activity:
- [ ] New call for proposals proactively request open source submissions.
- [ ] Procurement department has a way to evaluate open source vs proprietary solutions.
- [ ] A simplified procurement process for open source software and services has been implemented and documented.
- [ ] An approval process drawing from cross-functional expertise has been defined and documented.
### Recommendations
- "Be sure to tap into the expertise of your IT, DevOps, cybersecurity, risk management, and procurement teams when creating the process." (from [5 Open Source Procurement Best Practices](https://anchore.com/blog/5-open-source-procurement-best-practices/)).
- Competition law may require that "open source" not be specifically mentioned.
- Select technology upfront then go to RFP for customisation and support services.
### Resources
- [Decision factors for open source software procurement](http://oss-watch.ac.uk/resources/procurement-infopack): not new, but still a great read by our colleagues at OSS-watch in the UK. Check out the [slides](http://oss-watch.ac.uk/files/procurement.odp).
- [5 Open Source Procurement Best Practices](https://anchore.com/blog/5-open-source-procurement-best-practices/): a recent piece on open source procurement with useful hints.