All news stories

Is PSN Compliance Creating an Uneven Playing Field?

ComplianceI have spent some time in the last month talking to a number of service providers who are targeting public sector business.  A recurring complaint has been the cost and time required to obtain and maintain PSN compliance.

The Public Sector Network has been labelled a ‘network of networks’ setting the standards and codes that both suppliers and users adhere to within the public sector, with the aim of reducing costs for both government and suppliers.

PSN compliance is, in theory, a way of levelling the competitive playing field, by setting a series of technical and process standards against which a provider is assessed before being deemed fit to sell a particular product or service.  Any authority who wants to buy, for example, a hosted voice solution for its staff, can specify PSN compliance to a particular security standard.  Bidders who meet the standard can then be compared on a like for like basis, and the authority has assurance that the product itself will meet a consistent standard.  The process is outlined in the diagram below.

[caption id="attachment_554" align="aligncenter" width="600"]PSN Compliance Process for Suppliers. PSN Compliance Process for Suppliers.[/caption]

However, in practice the system doesn’t work (or at least, only works for large, incumbent suppliers).  The reasons for this are simple:

  • the cost of achieving compliance is very high, often running into hundreds of thousands or even millions of pounds.  SMEs simply could not afford to bear this level of investment, and consequently are forced to operate as subcontractors to the larger suppliers who can.
  • using PSN an compliance as a pre-requisite for selection or award favours the incumbent, as they have an existing revenue stream and team to cover the costs of compliance.  A market entrant has to bear these costs before they have received a penny in revenue.
  • requests for accreditation are supported through a queueing system, with no firm SLA’s for assigning resources or conducing the required assessments.
  • all public sectors involved in applying the standards are not obliged to consider either it’s cost, or the need to maintain a competitive market, in doing so.  As a result, standards may be set too high, or in ways that inadvertently increase the cost of entry to the market.

Ultimately, minimum standards, especially for security, do have to be set and maintained in order to protect public information assets.  However, the PSN Authority should have an obligation to consider (and report on) the cost of PSN compliance if the public sector market is to remain competitive.

Reviewing your approach to selling in the public sector?  Kelvin has advised some of the most successful companies in public sector IT on market strategy, tender submission, bid presentation and pricing.  Why not contact Kelvin for a one hour presentation on the strategic opportunities that exist to transform your business results in the public sector.