How to blow $3 million in taxpayer funds (UPDATED)

You read things like this and it makes you wonder why IT departments continue to throw away money on proprietary licenses why you bother paying taxes at all [See note below]. In this case, the Public Company Accounting Oversight Board (PCAOB) spent $3 million on a document management system from Documentum, and it has been a complete waste of money.

The PCAOB tries to blame itself for the waste, but the reality is that it's a combination of overpriced and overly complex software wrapped in a proprietary license, and an effort to force-feed square-peg technology onto round-peg people.

Open source could have dramatically reduced the PCAOB's risk:

The PCAOB has not sufficiently defined its business and technology requirements for document management. Evaluation of options for document management began in 2003. However, as of September 2006, Documentum (the selected technology), was only being used in a limited capacity. This occurred, in part, because the PCAOB did not fully implement certain best practices for document management projects. As a result, the PCAOB has spent about $3 million on a document management system that is not fully utilized, and the benefits of a robust records and information management program are not being gained.

While much effort by the PCAOB's Office of Information Technology (OIT) has been put into documenting requirements for enterprise and inspections versions of a document management system, the majority of PCAOB employees are still not using the system, and the project lacks overall strategic direction. Some potential users of the system do not view the document management system as fulfilling their business needs.

Unfortunately, I'm guessing this scenario feels painfully familiar to many IT people reading this. As mentioned, in part this is because the software in question is cumbersome to use and forces people to fit the way they work to the way the software requires them to work. There are significantly easier products to use. This, however, is not a function of proprietary versus open-source licensing. It's just a a matter of a poorly designed product.

No, the biggest problem, and yet also the easiest to solve, is the $3 million license fee. Any open-source solution would have allowed the PCAOB to spend nothing upfront and simply pay for support, thereby "amortizing" its risk. (Related to this, though not analogous, is the fact that smaller IT projects succeed much more often than large ones do, according to research from The Standish Group.)

Here are the PCAOB's two options:

1. Proprietary. Watch a few demos (hopefully representative of the product's actual capabilities (because you have no real way of knowing)), then fork out a huge pile of cash. Assume the cash has been incinerated the moment you give it away, because it won't buy you implementation or an actual solution to your problem. That costs extra, and it may never work.


2. Open source. Use the product for as long as you'd like. See if it works. If it does, and if you then want support (or, in some models, extra functionality), pay a fraction of what you'd pay to a proprietary software company. One hundred percent of that money is for support, such that the vendor has every incentive to ensure your continued happiness and to continue to invest in the innovation of its product and services. Pay extra for implementation, but often from a third party (and almost always much less) that doesn't have the same conflict of interest that in-house professional services might have. If the product doesn't work out, for whatever reason, you're out tens of thousands instead of millions.

Is there a real choice to be made here? Why would you ever take that proprietary software model over open source, assuming there is a roughly comparable open-source competitor to the proprietary product you'd normally choose?

Open source lowers IT risks in many ways, but in no way is this clearer than in how it dramatically lowers the cost of failure. It's common knowledge that many IT projects fail. As such, why not minimize the cost of failure as much as possible? It's much easier to try an open-source solution for $40K and discover that it's not a good fit for your enterprise than to spend 10 times that...only to discover the exact same thing.

This has nothing to do with the nature of the code itself. It has everything to do with the more customer-friendly business models that open-source companies use. Open source shifts the risk to the vendor, whereas proprietary software forces nearly all risk onto the shoulders of the IT buyer. (You don't get the product/code until you pay, and then you pay upfront.)

Open source is a better way of doing business. Maybe the PCAOB should try it.

NOTE: Someone has pointed out that the Public Company Accounting Oversight Board (PCAOB) is not a publicly funded organization. This is true. As the website says, "The PCAOB is a private-sector, nonprofit corporation, created by the Sarbanes-Oxley Act of 2002, to oversee the auditors of public companies in order to protect the interests of investors and further the public interest in the preparation of informative, fair, and independent audit reports." The central thesis of the entry holds, however: open source is a better way for IT buyers to do business. Whether it's someone's tax dollars or shareholder dollars, they shouldn't be wasted on proprietary licenses.

Disclosure: My employer, Alfresco competes with Documentum. But substitute Documentum with the proprietary company of your choice in the post above, and the story remains the same.