Doug Hadden, VP Products
Horrors of horrors! The failure of a government IT project – the highly politicized healtcare.gov in the United States. This has leaped into public consciousness (despite the rather open secret that IT projects tend to fail more in the public sector than the private.) It's somewhat difficult in hyper partisan "inside the beltway" Washington DC to have a balanced or nuanced view. Far more opinions than facts are emerging. Many from "outside the beltway" with pet technology fix ideas like open source or cloud computing.
Technology "solutioning" without fully understanding the problem is a recipe for disaster.
Many tech observers point out that the approach taken by Health and Human Services (HHS) increased operational risk. These observers do not understand the political risk involved in large IT projects. Any solution to systemic IT procurement problems need to address both risk elements.
Political Risk with Proposed Solutions
Many methods that could reduce the risk of operational failure increases the perceived political risk:
- Cloud computing, particularly public cloud, that reduces the risk of infrastructure failure like scalability and reliability: Cloud computing presents perceived privacy and security risks. Woe be it to any public servant running a healthcare IT project where someone hacks in to get health information.
- Open source that achieves economies of scale: Open source has huge perceived risk (despite that fact that it is used deeply by the intelligence and military community). Large vendors with proprietary technology regularly drum up fear of open source in government with the notion that it isn't secure because everyone can read the code.
- Agile development methods that enables changing course quickly, identifying root causes of problems and adjusting: Policy is not an agile process. Agile concepts sound, to many public servants, like the wild west of software development. Of madness rather than method. Of a lack of planning by vendors.
- Smaller vendors with smaller teams that have domain expertise and less coordination overhead: Governments view smaller vendors as significantly risk. The loss of a single team member can put projects in jeopardy. Most government IT procurement demands that projects represent no more than a few percentages of the company's overhead. It is thought that strong balance sheets and many customers reduces perceived risk – even though large vendors tend to fail far more than smaller.
- Revise government procurement rules to make a more level playing field: Governments operate using laws that can appear to be Byzantine. Government procurement processes are highly compliance-oriented to reduce the perception of arbitrary political decisions or the influence of large vendors.
Political risk also computes with personal risk. Career public servants take on significant risk when advocating that large IT projects ought to use the public cloud or use open source. Many senior IT professionals have significant private sector experience in large government contractors. CIOs and CTOs often leave government to high profile private sector positions. This is not to say that there is collusion here. It's the context of experience. These IT professionals often have little experience with emerging technology. And, great suspicion of untested ideas.
How can this be fixed?
Any successful change in a large organization requires root cause analysis. There is no quick fix. The context of political risk needs to be addressed on one hand. Government IT procurement and implementation must learn more about operational risk management. Risk tools are needed and risk management plans need to be developed. Then the fixes need to be evaluated based on risk tolerance.