Clear guidance and visibility

[gcharest]

Examples of times where we could have used an OSS alternative

[gcharest]

Ashley Casovan

Policy will help clarify direction on use, contribution, create OSS.

Need to make sure that existing policies are known and are realigned towards the direction of the GC

Digital Standards will lead to Digital Policy (upcoming) as a reference point: coming from Minister and states that we need to work in the open, use open standards and open source software.

[KingBain]

Would this become a TBS ITPIN ? I'd say TBS needs to push this down as a policy.

[swill]

Ideally, the end users who wants to use an open source tool would be able to link the source repo they want to use (github). This tool would scan the repo, determine the license, potentially do security scanning, etc... The result would be a report card which would act as a litmus test of risk. It would be ideal if there was an auto-approval for low risk projects. If something comes back with some flags, the report card could be used to escalate to the people who need to review for approval.

Automate as much as possible...