
18F Wants to Change the Rules, Not Break Them, Leader Says - rbc
http://www.nextgov.com/cio-briefing/2017/02/18f-wants-change-rules-not-break-them-leader-says/135628/
======
metaphor
Thank you 18F for blazing a path towards sensibility in this ever so nonsense
charade we call our federal government.

~~~
tssva
They ignored mandated financial controls and issued 10s of millions worth of
contracts without following agency policy and FAR regulations. In a private
corporation​ doing something like that would get you fired and it should in
this case too.

They claim that their security mechanisms were adequate but they just didn't
follow the compliance process. How can we be sure if the processes and
mechanisms provided adequate security if they weren't properly audited as
required? It is like your card processor claiming they are PCI compliant but
not bothering to actually go through a compliance audit.

If they want to affect change in how IT is done in the federal government they
need to create models that can be followed by other agencies without violating
legally mandated financial and security controls. If those controls need to be
changed than they can point out why and in what manner, but until they are
changed ignoring them makes their work throw away efforts which can't be truly
used by other agencies.

