W2WP - Issues to be considered when assessing third party applications

Branding

• To what extend can we modify the look and feel of the application so that it looks like it belongs to OULS? e.g.
  • Can we use our own logo, banner?
  • Can we use our own CSS?
  • Do we have to pay to do this? If so, approximately how much?
  • Can the application be embedded within our web pages?
    • using the CMS?
    • other web pages?

Advertising

• Will advertisements appear alongside our content in the application?
• Is it possible to have them switched off?
• Are the advertisements appropriate to our content (e.g. contextual advertising)?

Copyright and intellectual property

• Does the application allow us to specify whether and how our materials can be reused by others?
  E.g. Creative Commons - All rights reserved, Attribution (others can copy but must acknowledge), Non commercial (can copy but only for non commercial purposes only), No derivative works (can copy but can not modify)
• Does the application have partial ownership of any materials that we upload?

Mitigating against loss of content (due to the application disappearing)

• Can the application be locally hosted? If so, please give the URL for further details so that we can pass this to Neil for consideration.
• Can we export content from the application?
  • If so, in what format?
  • Would exported content be easily usable? (please take a URL for further information)
• Any other relevant comments.

What key functionality does this application have?

(e.g. allows collaborative editing of content, roll back feature, password controlled access, tagging of posts, comments function)

Known local alternatives?

• Is there a local alternative to this application within Oxford? (e.g. OUCS applications)
• If so, how similar is its functionality to the application being considered?
• Are key functions missing from the local application and if so what are they?
• Are you aware of any local alternative which is currently being developed within Oxford (e.g. OUCS applications)?

University of Edinburgh's report on external web 2.0 apps and checklist

OUCS guidelines for assessing third party IT services (http://www.oucs.ox.ac.uk/internal/3rdparty/checklist.xml)

Availability and reliability

What guarantees are provided about support or level or service? Are they adequate for the intended use? For example, if the service is unavailable for an extended period of time, how seriously would this affect the Unit's activities?

Continuity of service

Is there any agreement concerning continuity of the service? How serious is the risk that the service might change its policies, or prices, or go out of business? For example, does the Unit care if a free service becomes a paying one, or one subsidized by advertising? Does the Unit have an alternative or exit strategy in such an eventuality?

Support issues

What level of support activity will be needed? Is the service widely used by comparable units outside Oxford? What is its public perception? Is there a strong community of existing users who can provide peer support, or will the Unit need to seek or provide specialist training? Does the service provide (e.g.) a hotline for academic or technical support issues beyond the run of the mill? Is it likely that existing IT support networks (e.g. OUCS Help desk) would be able to provide firstline support?

Migration issues

If the proposed service overlaps wholly or in part with a service already used by the Unit, what will the support costs be in moving existing users? is migration without loss of information simple, technically feasible, or impossible? Does the proposed new service have all the functionality of the existing one (for example, does it provide the same or enhanced levels of security, backup, etc.)?

Domino effects

Will introduction of the new service affect other existing services, for example by reducing or increasing their importance or requiring changes in them? Is there a risk that the service would increase for example network traffic or spam beyond currently acceptable thresholds?

Duplication effects

Is the service (or something analogous) already being used by some other Unit? If so, is there scope for co-operation e.g. in licensing or in pooling of support activities? Alternatively, is there a risk of confusion or lack of data integrity if the same service is provided under different brandings within the University?

Strategic and legal considerations

How well does the new service conform to established University strategic priorities or practice? For example, can it take advantage of current university-wide authentication and identification systems? is it equally usable in all hardware and software environments of importance to the Unit? Does the new service open the Unit to possible additional risk with respect to its legal obligations, e.g. privacy legislation, or contracts, e.g. Janet regulations? Is the service provided under terms specified by an enforceable contract between the service provider and the University?

Rights issues

Are the terms and conditions appropriate for the intended use? For example, if the service will store or manage material in which the Unit has rights, do the T & C adequately protect those rights?

Privacy and confidentiality

Are the terms and conditions adequate for the intended use? For example, who may access the Unit's data and in what circumstances? Is usage of the service auditable by the Unit (for example to track any alleged abuse)?

Cost implications

What are the cost-benefit implications of using the new service? what is the total cost (or saving), taking into account all the above considerations, of using this service as opposed to expanding (or continuing with) an existing internal service -- or doing without? how will that cost be met?