{"id":174,"date":"2013-02-21T16:08:39","date_gmt":"2013-02-21T21:08:39","guid":{"rendered":"https:\/\/risacher.org\/jfdi\/?p=174"},"modified":"2013-04-16T22:46:46","modified_gmt":"2013-04-17T02:46:46","slug":"case-study-casm","status":"publish","type":"post","link":"https:\/\/risacher.org\/jfdi\/2013\/02\/case-study-casm\/","title":{"rendered":"Case Study: cASM"},"content":{"rendered":"<p style=\"text-align: right;\"><em>[<a title=\"Mirrored post on Intelink-U\" href=\"https:\/\/blogs.intelink.gov\/blogs\/drisacher\/?p=153\">Mirrored on Intelink-U<\/a>]<\/em><\/p>\n<p>Here&#8217;s another story about <a title=\"Systems vs Services\" href=\"https:\/\/risacher.org\/jfdi\/2013\/02\/systems-vs-services\/\">buying systems<\/a> without a clear concept of who is going to operate it:<\/p>\n<p>I was at my neighborhood spaghetti dinner and I happened to sit across from some guy who &#8211; it turns out &#8211; also works for OSD.\u00a0 He&#8217;s a contractor working for OUSD(AT&amp;L) on a system that he was quite enthusiastic about called &#8220;Contingency Acquisition Support Model (cASM)&#8221;.\u00a0 (I have no idea why they capitalize it that way.)\u00a0 This system, cASM, is a web-based application designed to assist people responsible for initiating contracting requirements in an contingency or expeditionary environment.\u00a0 I understand it as workflow automation for contracting in a crisis.<\/p>\n<p>Since I&#8217;d been thinking about this a lot, I immediately asked him, &#8220;Who is going to run it?&#8221;\u00a0 and he said, &#8220;Oh, it&#8217;s hosted by DISA.&#8221;<\/p>\n<p>I tried not to choke, and said something like, &#8220;That&#8217;s not what I meant.\u00a0 Okay, DISA hosts it, but who is going to run it?&#8221;<\/p>\n<p><!--more-->He looked a little puzzled, but promised to send me <a title=\"cASM brief on Inteldocs\" href=\"https:\/\/inteldocs.intelink.gov\/inteldocs\/page\/document-details?nodeRef=workspace:\/\/SpacesStore\/43127963-daf1-4522-9742-fa0b8278e371\">the briefing<\/a>, saying that the brief would explain better than he could over a mouthful of spaghetti and a glass of wine.<\/p>\n<p>On Monday, I look at the brief, which makes a compelling business case for the existence of cASM.\u00a0 Statement Of Work (SOW) reviews take too long, docs are sometimes missing, SOW or diagrams are often in the wrong format for later parts of the process, etc.\u00a0 In a crisis situation, it&#8217;s doubly hard to get this right when you are understandably distracted by incoming fire (or tsunamis), and doubly important to get it right.\u00a0 cASM already interfaces with other DoD systems such as GEX, EDA and various ERPs.\u00a0 The backup slides have screenshots most of the UI.<\/p>\n<p>So, I&#8217;m convinced it&#8217;s a good idea.\u00a0 Unfortunately, nowhere in the brief is a hint of who is responsible for running this service.\u00a0 This troubles me.<\/p>\n<p>I write back:<\/p>\n<blockquote><p>Charles,<\/p>\n<p>Thanks.\u00a0\u00a0 I have some (unsolicited and possibly misguided) concerns.\u00a0 (Brace yourself; I&#8217;m about to call your baby ugly.)<\/p>\n<p>I believe we doom ourselves to failure whenever we think about buying a &#8216;system&#8217; or a &#8216;tool&#8217; without clear understanding of whose mission is to\u00a0<strong>operate<\/strong> that system as a service.<\/p>\n<p>Who is supposed to run cASM?\u00a0 I.e. Who has the responsibility to provide contingency contracting automation?<\/p>\n<p>Hint #1: It&#8217;s not DISA.\u00a0 DISA might know how to run a server or a data center, but they wouldn&#8217;t know a contingency contract if it bit them.\u00a0 They can host your system, but they can&#8217;t really operate it.\u00a0 They do not have the expertise to know which way to turn the knobs.<\/p>\n<p>Hint #2: It&#8217;s not AT&amp;L.\u00a0 AT&amp;L is responsible for policy and oversight of a lot of things, but operating a business system is not in your charter.\u00a0 (I just re-read <a title=\"AT&amp;L charter\" href=\"http:\/\/www.dtic.mil\/whs\/directives\/corres\/pdf\/513401p.pdf\">DoDD 5134.01<\/a> and <a title=\"ASD(L&amp;MR) charter\" href=\"http:\/\/www.dtic.mil\/whs\/directives\/corres\/pdf\/513412p.pdf\">DoDD 5134.12<\/a> to make sure.)<\/p>\n<p>It might be DLA or DCAA &#8211; I don&#8217;t know.\u00a0 If anything, AT&amp;L almost certainly <strong>is<\/strong> responsible for figuring that out and tasking them to do it.<\/p>\n<p>It is a common mistake to underestimate the difficulty and importance of the\u00a0<strong>operation<\/strong> of information systems.\u00a0 Consider Wikipedia, for example: the software is &#8220;free&#8221;, and the content &#8220;free&#8221;.\u00a0 But it still takes 147 full-time people to run it &#8211; not including the datacenter operations.<\/p>\n<p>I would recommend that you think hard about who owns the mission of cASM in the long term, if you haven&#8217;t already.<\/p>\n<p>V\/r,<br \/>\nDan<\/p><\/blockquote>\n<p>To his great credit, he responded:<\/p>\n<blockquote><p>That&#8217;s precisely whats going on now with Joint Staff, OSD, Army and AF. Agreed!\u00a0 Vr Charlie<\/p><\/blockquote>\n<p>Which I think is a very mature response, given that I just said &#8220;the thing you&#8217;ve been working on for the past year is poorly thought out.&#8221;<\/p>\n<p>That said, I&#8217;m still astonished:\u00a0 How, in the name of history, did we get to the point that AT&amp;L (of all people!) is funding development of a system without a clear understanding of who is going to run the damn thing?!?\u00a0 I can only understand in the context of: <em>&#8220;We do not know what it means to be a service provider in the DoD.&#8221;<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[Mirrored on Intelink-U] Here&#8217;s another story about buying systems without a clear concept of who is going to operate it: I was at my neighborhood spaghetti dinner and I happened to sit across from some guy who &#8211; it turns out &#8211; also works for OSD.\u00a0 He&#8217;s a contractor working for OUSD(AT&amp;L) on a system [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,8,12],"tags":[],"class_list":["post-174","post","type-post","status-publish","format-standard","hentry","category-it","category-system-vs-service","category-work"],"_links":{"self":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts\/174","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/comments?post=174"}],"version-history":[{"count":21,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts\/174\/revisions"}],"predecessor-version":[{"id":568,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts\/174\/revisions\/568"}],"wp:attachment":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/media?parent=174"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/categories?post=174"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/tags?post=174"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}