Thanks for the feedback guys. I guess the key factor is the level of validation required for a COTS vs an Open Source system and balancing the costs of purchase, validation and ongoing maintenance.
Thinking about this today it ocurred to me that the main potential issue with Open Source software is the future maintenance of the system, e.g. s/w patches and upgrades, and the support of these systems for Microsoft Operating System patches.
In the case of the COTS product, you will have these from the vendor as part of a maintenance agreement, but in the case of Open Source the onus will be mainly on the user and this adds to the maintenance overhead.
My clients are a small start up company developing a software based medical device product and won’t really have the manpower resources to dedicate to the initial validation and ongoing maintenance of an Open Source system, so I’m going to recommend that they go with a COTS product for configuration management and bug tracking that is appropriate to their needs and size, which will make the initial validation work more manageable.
Anyone have any opinions on SourceSafe or PVCS, or recommend any other Windows based CM product? ClearCase is excellent, but complicated.