[Paper] Public Sector Open Source Program Offices - Archetypes for how to Grow (Common) Institutional Capabilities

Source: arXiv - 2603.04891v1

Overview

Open Source Programme Offices (OSPOs) are emerging as the “engine rooms” that help public‑sector organisations (PSOs) adopt, develop, and contribute to open‑source software (OSS). This paper surveys 18 OSPOs across the EU, Norway, Liechtenstein and Iceland, distilling six recurring “archetypes” that capture how governments can structure these offices to boost digital sovereignty, interoperability, and innovation.

Key Contributions

• Six OSPO archetypes identified, ranging from “Compliance‑focused” to “Innovation‑driven” models.
• Cross‑case taxonomy linking organisational structure, mandate, and maturity level.
• Policy‑level recommendations for designing OSPOs that align with national digital strategies.
• Empirical evidence (18 interviews + 2 focus groups) showing how OSPOs influence OSS adoption in the public sector.
• Practical checklist for PSOs to assess current capabilities and plan OSPO evolution.

Methodology

The authors used a qualitative, interview‑survey approach:

1. Participant selection – 18 OSPO representatives from 16 distinct public‑sector bodies were recruited.
2. Semi‑structured interviews – Topics covered governance, staffing, budget, metrics, and collaboration practices.
3. Cross‑analysis – Interview data were coded and clustered, revealing patterns that formed the six archetypes.
4. Validation – Two follow‑up focus groups (including original interviewees and external experts) refined the taxonomy and checked the robustness of the findings.

The approach is deliberately non‑technical, focusing on organisational behaviour rather than code‑level details, making the results easy to digest for developers, product managers, and policy makers alike.

Results & Findings

What this means:

• Most PSOs start with a narrow, compliance‑oriented office and gradually expand into broader strategic or innovation roles as they gain experience and resources.
• The archetype a PSO adopts is strongly linked to its policy goals (e.g., cost‑saving vs. digital sovereignty) and resource constraints (budget, staff expertise).
• Successful OSPOs consistently track metrics such as reused OSS components, contribution volume, and licensing risk reduction.

Practical Implications

• For developers: Knowing the OSPO archetype of your agency tells you whether you’ll be asked to contribute code (Innovation‑Hub) or simply follow a licensing checklist (Compliance‑Centric). Tailor your communication and tooling accordingly.
• For product owners: Leverage the OSPO’s “component catalogue” to reuse vetted OSS, cutting development time and avoiding legal pitfalls.
• For procurement teams: Use the compliance archetype’s templates to embed OSS licensing checks early in vendor contracts.
• For policymakers: The taxonomy offers a roadmap to scale OSPO capabilities—start with a lightweight compliance unit, then allocate budget for community engagement as the ecosystem matures.
• For ecosystem partners (e.g., foundations, NGOs): Identify the “Community‑Engagement” OSPOs as natural entry points for joint events, mentorship programs, and co‑development projects.

Limitations & Future Work

• Geographic scope: The study focuses on a handful of European countries; results may differ in larger, more diverse jurisdictions.
• Sample size: 18 OSPOs provide rich qualitative insight but may not capture every possible organisational nuance.
• Temporal dynamics: OSPOs are evolving rapidly; the archetypes could shift as new EU directives on digital sovereignty emerge.
• Future research directions: longitudinal studies to track OSPO maturation over time, quantitative impact analysis (cost savings, time‑to‑market), and extension of the taxonomy to non‑European public sectors.

Authors

• Johan Linåker
• Astor Nummelin Carlberg
• Ciaran O’Riordan

Paper Information

• arXiv ID: 2603.04891v1
• Categories: cs.SE
• Published: March 5, 2026
• PDF: Download PDF