31Mar2011 (UTC +8) In the corporate environment, a lot of executives and business owners are close-minded about open-source. They say that the Total Cost of Ownership (TCO) is higher for open-source application than for commercial proprietary software, it's hard to get technical support, and that they'd waste too much time on vulnerability mailing lists.
I argue that the same issues for both open-source and proprietary software are the *same.* But to talk in their language, you'd have to present open-source as part of the enterprise's investment portfolio, and manage IT just as they would for other types of assets. Here's a tool that I use to help organize my arguments for open-source: http://www.isaca.org/Journal/Past-Issues/2008/Volume-3/Documents/jpdf0803-using-cobiT-4.1.pdf Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA http://www.laggui.com ( Manila & California ) Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer PGP fingerprint = 0117 15C5 F3B1 6564 59EA 6013 1308 9A66 41A2 3F9B _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
