This week some of the UK and US government’s top tech policy thinkers descended on chilly Canberra to exchange ideas and experiences with their peers in the Australian public service.
In the spirit of collaboration and cross-pollination, iTnews has pulled together five of the best ideas shared at the Technology in Government conference for Aussies bureaucrats to ponder.
No more bundled contracts
When the UK government set out to discover what its agencies were spending on hosting services, it soon found out they had no idea what the answer was.
The problem, the UK Cabinet Office’s network guru James Duncan suspected, was that vendors were bundling extra services into their contracts to obscure the true unit price of commodity services.
“They didn’t want us to know how much we were actually paying,s o when we signed those contracts they bundled other things into them like application development, printing - all sorts of things," he said.
“If you cannot understand what is in the contract then you are not going to have any chance of getting value for it."
By splitting simple government services out from more complex services - and buying both from different vendors - the UK was able to find a single private sector partner to deliver those same services at about a third of the cost.
“We just had to focus on what those agencies needed,” he said. “We kept the simple things simple.”
Prizes not procurement
Former White House CTO Aneesh Chopra described government procurement rules as located “on the corner of evil and awful”.
“You pretty much need to have a PhD in procurement physics in the US to even have access to these opportunities,” he said.
“It crowds out the one-off innovator or entrepreneur that may not want to be a government contractor in general, but might be inspired to solve a specific problem that could be useful for the task at hand.”
One of the ways the US government is currently getting around the procurement conundrum is by offering competitions instead of RFPs - challenging the whole community to come up with solutions rather than paying the same old suppliers to deliver pre-defined work orders.
The US government currently has legal authority to offer prizes up to US$50 million for these competitions “in lieu of procurement”, Chopra said.
It currently has US$10 million up for grabs for the NGO, researcher, vendor or agency that can come up with a way to get solar panels installed ‘from permit to plug-in’ in seven days or under.
The 20-week limit
The Australian government’s newest tech recruit Paul Shetler, an American who has been poached from the UK to take over Canberra’s new Digital Transformation Office, has brought the experience of the Ministry of Justice (MoJ) and the UK Government Digital Service (GDS) to the Australian situation.
Only time will tell if he will impose the same 20-week timeframe for building new digital products that he introduced while he was chief digital officer of the MoJ.
The cap on delivery times was Shetler’s way of “making things small” in the face of a seemingly insurmountable digital workload at the UK department.
It was applied to 20 different projects, which were trimmed down to the key pain points likely deliver the biggest impact to make it inside the 20-week limit.
“The only way we were going to make any headway was by realising we can’t do it all at once,” Shetler said.
With three “gruelling” GDS gateway assessments included, the limit effectively meant code needed to live and in use the public within eight weeks of inception.
“That is relatively unheard of in government IT,” Shetler said.
FedRAMP: Finding a ‘Goldilocks scenario’
Chopra also talked up the US government’s federal risk authorisation and management program (FedRAMP) - a standard “do it once” system of uniform security assessments for cloud products that can certify cloud vendors for entrance into the government’s security envelope.
Basically, he said, the US locked the cloud vendors up in a room and asked them to lift the bar when it came to their security practices. In exchange, the government would buy from them rather than building their own secure hosting.
He described this as the ‘Goldilocks scenario’: “Better than the commercial cloud. Less onerous than the government internal cloud. Maybe there in the middle was a layer that was priced just right.”
For example, he said, “when we wanted to introduce secure email for doctors and patients in hospitals, we didn't want to download the privacy regulation to say regular email was good enough.
“So we said ‘hey can you help develop a higher order email but at commercial scale’? And they came up with a technical standard that authenticated the sender and the receiver and encrypted the file. That became the direct protocol.”
He said finding a middle point not only allowed the government to reduce costs without compromising on security, it also raised the standard of best practice in the commercial sector.
The innovation register
It wasn’t only the visitors that had ideas to share.
AUSTRAC’s new CIO Maria Milosavljevic has already laid the foundations of an agency-wide innovation register at the anti-money laundering authority, just over a month into the role.
Using Atlassian’s JIRA tool, staff will be able to lodge their ideas into the register and check back to see whether they have been picked up for deployment, and if so, track their ongoing development. Milosavljevic is also weighing up ways to incentivise sharing and voting on ideas. It is due to be delivered to staff at the end of the month.