The Pentagon’s procurement cycle is frequently criticized for being slow and adding cost and complexity. We in the Defense IT community know that many of our procurement wounds are self-inflicted. We continually fall victim to trying to deliver the “perfect” solution: We embark on long, drawn-out programs that miss the mark once deployed, we get tied up in proprietary solutions, and then we can’t build the trust we need to share capabilities across multiple user communities. At the end of a cycle, we frequently realize that the “perfect” solution costs more, with fewer benefits, because of long-term spending without the ability to assess the solution’s utility.
It is time for the government to adopt the “good enough” approach to IT, rather than waiting to achieve perfection. Our military forces are facing an enemy that finds ways to exploit commercial technology faster than we can develop perfect solutions to combat those weapons. A “good enough” solution that can quickly provide agile, incremental capability to warfighters is frequently valuable, delivering some benefit while enabling users to help developers improve on the solution.
But in IT, whether in Defense or civilian agencies, what is “good enough”? Clearly, there is no single correct answer. In each case, users must engage with the development community to agree on a definition. We must structure our IT acquisition programs to consist of short spirals that deliver incremental capability. Each increment should enable feedback from the users to ensure that subsequent increments reflect their priorities. The IT community can gain the confidence of our warfighters by structuring consistent delivery of some capabilities rather than forcing them to wait for a perfect solution.
How will these incremental capabilities be developed? DOD has adopted two instrumental policy frameworks to guide the development and delivery of future IT capabilities — the Net-Centric Data Strategy and the Net-Centric Services Strategy. The cornerstones of these strategies are:
• to separate data from the application so the data can be exploited by others without requiring the client application, which is proprietary in most cases;
• to deliver both data and applications as web-based services to increase the potential for others to access the data and reuse the application functionality that is provided by the service.
At DOD, we have embedded these strategies in policy, but successful adoption of these practices — here or anywhere — requires more than mandates from the CIO. An agency must craft the right incentives to motivate program offices and managers to propel IT to implement these policies.
IT managers in government must begin to think and act more like their counterparts in businesses: How do we provide a service to our customers — whether warfighters, border inspectors or revenue collectors — that can be exploited and expanded to generate new capabilities, with the goal of increasing “market share” for our services?
Current funding and acquisition structures in government agencies discourage IT executives from pursuing incremental capability delivery to capture such “market share.”
Finally, lack of trust may be the largest impediment to adopting incremental approaches for service-based capability delivery. A key trust enabler — certification and accreditation of services — must be addressed quickly. More important, this must be governed at the enterprise level to maximize trust in services across different parts of the enterprise. When potentially conflicting approaches and rules are used, we create barriers that prevent programs from sharing capabilities. Governing C&A at the enterprise level means that “good enough” can also be applied to trust enablers.
It is time for the IT community to ensure that perfection does not become the enemy of “good enough.”