Enabling internal government tech shops to quickly stand up applications in a secure testing environment is fundamental to quick prototyping, and 18F’s new Cloud.gov is a major step in realizing ultimate IT flexibility.
I reached out to GovReady founder Greg Elin who is working on “making FISMA a platform instead of paperwork,” and he replied with the following comments that are better than anything I could say on the subject:
For most of the past 20 years, the CIO Council, NIST, and most agency IT shops have focused on policies and procedures to provide contractual requirements for vendors doing the work. That’s not criticizing anyone, it’s how the system was set up. The CIO Council’s authority is to provide recommendations–not write code. NIST’s mission is to advance measurement science and standards development–not build platforms.
Take the CIO Council’s enterprise architecture efforts or NIST’s Risk Management Framework as examples. They provide incredibly rich, comprehensive expert guidance distributed in documents. Unfortunately, contracts, contractors and projects implement the guidance differently enough that interoperability and reusability rarely occurs between bureaus or across agencies. In contrast, over the past decade in the private sector and on the Internet, knowledge has become immediately actionable via open source, APIs and GitHub repos. It’s a golden era of shared solutions powered by StackOverflows and code snippets, package managers and Docker containers.
If 18F’s Cloud.gov succeeds at encompassing official policies and regulations into loosely coupled running code, then contracts are easier to write, vendors aren’t constantly reinventing things, and projects happen faster.