Honestly, it should not have come as a surprise to me when the guy responded immediately by asking if I could forward the security assessment results to him. Again, just to clarify the situation here: the guy from the IT department informed me that my application needs a security review, I point out to him that the review has already been done by his department fairly recently, and rather than use his own departmental resources to access those review results, he asks me to provide the results. I know he, personally, did not perform the assessment but still, this seems like the worst kind of left hand not knowing what the right is doing, and I get to be the weird middle/third hand.
You guys, this is what I’m talking about when I say my current job has certain shortcomings. I grow wearier and wearier of being the tech person on a contract where the overarching tech support is more like a kind of institutionalized tech denial. I think on some primal monolithic level the DoD wishes that computers had never entered the office space at all and everything was still done via phonecalls and typewritten carbon copies. Since that’s not going to happen, they simply devote huge reserves of technical resources to making the internal computer networks, and all the business processes that come in contact with them, as cumbersome and limited as possible. If it gets to the point where IT performs security assessments and the results are either immediately discarded or tracked in such an impenetrably arcane way that it’s actually easier to ask the customer for their copy than to backtrack to the source, then everything wobbles on the precipice of madness.
I would really like to work someplace where everyone is reading from the same playbook and playing the same game for the same team. I understand there are some places out there which match that description! Now I just need to go out and find them and make an appealing pitch for myself and my services.