Every government department for which I worked also used Windows – how many security holes in that have been fixed in just this year, let alone the last several? So much for proprietary products being secure…

Many of the projects on which I worked also used open source products – including for a large department that is involved every time you travel by air.

On that same project, I was responsible for QA – but it was not my only job. The agency had 18 people on their QA staff (don't ask me why) and every one of those people felt that they HAD to find something to write up. After a half dozen iterations, the company I worked for (a very large services organization) had to tell their management to stop that nonsense.

The agency's management can get around virtually any policy if they want. However, I never found an agency that cared about the taxpayer's money – even though they are also taxpayers.

I would encourage you to visit with NIST. My guess is that there is a simple misunderstanding, quite possibly arising from not having to pay for open source products (they can, however, make a donation if they really want to spend money).

Nancy E. Wichmann, PMP