With that in mind, my eye was taken today by the publication of an open letter from a variety of G-Cloud supporting vendors to Tony Singleton, the current head of the G-Cloud programme within the UK's Government Digital Service team.
The letter offers a series of suggestions for how the Framework needs to evolve to meet growing demand as the public sector cloud market matures. Topics considered include:
- Clarity on Government Protective Marking Scheme (GPMS) changes and PGA accreditation
- Length of contract term
- Terms and conditions and safe contracting under the G-Cloud
- Opportunities and challenges brought about by the UK Government Cloud First policy.
While the letter relates directly to the UK G-Cloud programme, the lessons learned by the UK government to date are applicable to other countries and the signatories hope that the recommendations therein will be looked at beyond the UK's borders.
With an eye to Think Cloud for Government - and for the record - we're reproducing the letter in full for consideration. We'll return to the recommendations within in the coming days and weeks.
If you work in the public sector you should join us at Think Cloud for Government on 25th March where Tony Singleton will be among the keynote speakers along with Stephen Kelly, UK government Chief Operating Officer. Entry is free of charge for qualified public sector professionals. Register here.
Government Digital Service
125 Kingsway London WC2B 6SC
G-Cloud: An Open Letter in Support of G-Cloud
As we begin 2014, full credit must be given to GDS and CCS for having the courage and tenacity to implement and drive through G-Cloud, often in the face of scepticism and indifference. February 2014 will see the second anniversary of the G-Cloud Framework and CloudStore.
What started as an alpha CloudStore and an exploratory six month framework agreement has in a short time revolutionised the way the UK public sector can procure its ICT, catalysing change to the extent that it has even been cited as a potential global procurement model by a former US Government CIO.
We are passionate advocates of G-Cloud, and firmly believe in its principles of open competition within a diverse and transparent market. Collectively we have amassed considerable experience in both buying and selling through the CloudStore and the G-Cloud Framework, and a number of common themes are becoming apparent.
We have outlined these themes below and have included our recommendations for further improving the marketplace.
1. Complex Requirements and G-Cloud Literacy
We welcome the introduction of the government’s Cloud First policy and note that the growth of cloud service consumption has increased exponentially in the UK public sector since its introduction in May 2013. It is also evident that Cloud First, combined with the GDS’ ICT spend control process is driving increasingly complex requirements through the G-Cloud framework. Again, we welcome this development as it has given the G-Cloud supply community the opportunity to demonstrate that cloud computing can support complex delivery programmes, without any compromise to cost, to security or agility. Nevertheless this does bring its own challenges in terms of the current parameters of the G-Cloud Framework:
- The level of understanding around how to buy from the CloudStore remains variable. We see a wide range of practices and attitudes, and in frequent cases the G-Cloud buying guide does not appear to be followed. We all share a common interest in safeguarding the future of the framework, and thereby the emerging G-Cloud market. As opportunities through the framework become larger (and more valuable to suppliers), there is an increased risk of challenge from those suppliers who are losing revenues to G-Cloud. A successful challenge could potentially damage the integrity of the initiative, and all that it promises to deliver to the UK public sector. We recommend that a system be put in place to enable suppliers to report variances from the G-Cloud buying guide to the G-Cloud team and CCS to enable any common issues to be addressed.
- A number of government buyers have had a requirement to incorporate collaboration agreements into the call-off contract where they are sourcing multiple G-Cloud suppliers, or where they are introducing G-Cloud buyers into a multiple supplier environment. In some cases they have not known how to address this complexity as they fear making a material change to the contract. Whilst it is possible to put non-contractually binding agreements in place, buyers tend to want the re-assurance that a contract gives. We recommend that the framework is revised to incorporate a template collaboration agreement for G-Cloud 5. The G-Cloud framework is standardised and designed to remove complexity. In best case scenarios contracts can be completed within hours. Nonetheless, contractual standardisation generates challenges: for the buyer whose default is their own terms and conditions; and for suppliers whose own terms and conditions are at the bottom of a contractual hierarchy. Some buyers do not think the terms are either sufficiently robust and either avoid the framework or they architect additional clauses to bolster the contract. A particular grey area for some buyers is whether or not individual buying organisations can incorporate their own mandatory terms and conditions. We recognise that specific requirements may require, to the extent possible, some revision to the terms between particular buyers and suppliers, however the risks of buyers using order forms to change contract terms is widely recognised, particularly within the cloud legal/academic community. There is a clear need to engage with buyers to establish what the G-Cloud Framework terms need to cover, and incorporate into the standard terms to the extent possible. This - coupled with renewed emphasis on the G-Cloud buying guide on the extent that additional clauses can be used - will lead to improved adoption and safer contracting for all.
- We have seen numerous examples where buyers are coming to market with a complex requirement that cannot be met in full by any given service – which supports your desire for commoditisation and disaggregation. The net result is that additional requirements are sometimes added to the call-off contract, which bear little relation to the content of the service descriptions shown on CloudStore. Again, our concern would be this creates a potential procurement risk and, if changes are to be permitted at all (there is a strongly held view within the legal community that they shouldn’t), better central guidance and education is needed as to what constitutes a material change to service.
2. Call-off Contract Term
The two year call-off term is often cited by buyers as a reason for not using G-Cloud, as it would force them into a frequent procurement cycle. Whilst this argument does not hold true if a buyer is purchasing a genuine cloud service and using the G-Cloud framework correctly, there is a perception amongst many buyers that “procurement” is onerous and undesirable by default, and to be avoided wherever possible. Continued education (and an increase in case studies) will address this issue in the medium to long term. However, given that a “termination for no cause” clause now exists within the framework, we recommend that GPS increase the maximum contract term to three years. We believe this would encourage the immediate take up of cloud services, allowing buyers to get maximum benefit from the market, without locking them into any given supplier or technology.
3. Security Classification Changes
With the forthcoming changes to Government Security Classification Policy (GPMS) coming into play at the beginning of April, and G-Cloud 5 planned to be live at the end of April, there remains a high level of confusion about how the new GPMS will map onto any G-5 services which carry a PGA accreditation under the current system. Clear guidance is needed very soon: this will benefit the buyer, who may opt for an unnecessarily high (and costly) security wrap, and also the suppliers who have either invested or are investing heavily in PGA accreditation.
The G-Cloud framework agreement and the CloudStore operate to unprecedented principles of transparency. The “catalogue” principles behind CloudStore mean that it is normal for a supplier to be approached at shortlist stage without ever being aware that a long-listing exercise had taken place. There is little, if any, transparency of forthcoming opportunity to the supplier, which can in turn lead to negative speculation about how long-lists and shortlists are compiled. We recommend that transparency principles are applied to all areas of G-Cloud transacting:
- That an opportunity pipeline is published so that suppliers can see who is planning to buy and when (Contracts Finder would be the logical channel).
- That suppliers are informed if they have been long-listed – and that reasons for failing to make the shortlist are communicated to the supplier. Suppliers can then improve their products and pricing which will in turn benefit the market as a whole.
The CloudStore is, in our collective view, reforming public sector ICT procurement. UK public sector ICT buyers have never before had access to such a diverse range of services and suppliers which, coupled with the ability to compare, to select and to procure services rapidly, is transforming business and policy outcome. We recognise that the CloudStore is under continual review and improvement, and look forward to its next iteration. In the meantime, based on feedback from both G-Cloud consumers and suppliers, we think the following features would be of great benefit to G-Cloud users:
- Having the ability to show the relationships between solutions, showing which technologies, systems and services work together. This could be done through an honour based statement of conformity, and be policed by suppliers;
- In a similar manner to online retail sites, display related purchases (without identifying the suppliers) “When buying X people also bought Y”.
GDS has stated that there are over 13,000 services available via the CloudStore, provided by 1183 suppliers. We really welcome the scale and diversity of the competitive supplier community which is now tangibly disrupting the status quo of the conventional UK public sector ICT market. Nevertheless, it is doubtful that all or even many of the Lot 1, 2, 3 services available meet the NIST definition for Cloud Services – or that they demonstrate the essential characteristics required by the G-Cloud 4 procurement, namely truly on demand, measured service. We believe this oversight not only confuses the market making the challenge of education even harder but also conflicts with the goals of the framework. Whilst we recognise that GDS is taking assurance very seriously, we recommend that the assurance process is accelerated in order to protect the integrity of the CloudStore and remove services that do not qualify.
Collectively, we strongly believe that the G-Cloud Framework has been a tremendous success and continues to change the market for the better – reducing costs whilst increasing innovation, agility and choice. In sharing our collective experience, we would like to understand how to best engage with GDS and CCS in going forward in order to help continually improve future frameworks for the better of the UK public sector. We would be happy to meet to expand on the detail if you would find that helpful.
Simon Hansford, CTO, Skyscape Cloud Services Ltd
Richard Steel, General Manager UK, Azeus UK Ltd
Roger Bickerstaff, Partner, Bird and Bird
Tim Bennett, Managing Director, Datatank Ltd
Richard Clarke, Head of Public Sector EMEA, Huddle
Elizabeth Vega, CEO, Informed Solutions Ltd
Marek Baldy, Business Development Director, Konetic
Mark Cooper, IS&GS Civil UK Managing Director, Lockheed Martin UK Ltd
Karen Carlton, Head of Sales and Marketing, MDS Technologies Ltd
Mark Webber, Partner, Osborne Clarke
Sam Simpson, Commercial and Delivery Director, Roc Technologies
Peter Hornsby, COO, SFW Ltd
Martin Rice, CEO, The Agile Consultancy
Scot Paton, COO, Vysionics ITS Ltd
Andrew Curtois, Senior IT Category Manager, Westminster City Council
Copy: Sally Collier, Crown Commercial Service, Sarah Hurrell, Crown Commercial Service.