zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-23 19:20:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #23 from cisagov/colin/projectREADME

Browse source 
add product documentation
This commit is contained in:
Colin Murphy 2022-08-08 13:01:36 -04:00 committed by GitHub
commit 3fbced1f62
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 95 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

41
docs/product/phase_one.md Normal file
View file

@ -0,0 +1,41 @@
# A new .gov system: Phase 1
Purpose: Summarize the priorities for 18F and CISA in pursuing an initial build of a new .gov registrar.
**The below was agreed upon on 08/04/2022**
## Goals for Phase 1
**Primary Goal:** Recreate the necessary core functionality in a new system
**Secondary Goal:** Reduce the CISA admin burden while maintaining high security standards
Deprioritized for later:
* Make getting a .gov domain as easy as getting a .com or .us
* Help more government entities set up and maintain their .gov site and infrastructure
* Build awareness and credibility of .gov domains
## Milestones
_To be prioritized and posted_
## Considerations and Tradeoffs
### Success for Phase 1 is...
* A new system that
* Can respond to user needs for all long term goals
* Can reduce the number of actors or decisions in a successful flow
* Upholds a security review process for getting a .gov domain
* Meets code and accessibility standards + open source policy
* Lays the foundation for a “a simple and secure registration process that works to ensure that domains are registered and maintained only by authorized individuals (Dotgov Act)”
* Supporting 1-2 registrant and admin flows with limited improvement and automation, based on value and complexity
* Has or is ready for an ATO
* Coordinating and navigating with procurement processes (RFPs and current vendor agreement)
### Risks
* App may be supported by a combination of manual work and automation, not fully automated
* Scope creep we build a system that cant be ATOd prior to June or Nov 2023
* We build out a narrow slice of the system, which may be insufficient for all registrant and administrative use cases
* We wouldnt be intentionally and directly focused on or prioritizing improving the registrant / admin experience
### Example User Stories (to be prioritized)
* As a potential registrant, I want to learn what I should know about .gov so I can build support inside my organization to get a .gov domain.
* As a registrant, I need the registrar to have strong user authentication so that sensitive domain- or account-impacting actions take place post-authentication.
* As a program lead, I need to ensure that issued domains are from authentic, eligible organizations and requested by someone with authority so that domains are only given to bona fide US-based government organizations.
* As a program lead, I need to run queries on .gov data to ensure alignment with program, agency, and Congressional reporting requirements.
* As a program lead, I want to be able to send messages to individuals, groups, or all registrants so they are aware of important information: status emails (system downtime, etc.) to updates to status of an application. (PENDING, APPROVED, etc.).

54
docs/product/product_strategy.md Normal file
View file

@ -0,0 +1,54 @@
# .gov Product Strategy
Purpose: Clarify our focus for developing a new .gov TLD system and align it to the needs of its users, CISA's mission and standards, and the vision for the .gov program.
## Product Vision
_TBD - once we synthesize initial research and align as a product team_
## Primary, Secondary, Tertiary Users
### Primary:
* US-based government organizations and publicly-controlled entities who use or should use the registrar
* _NOTE: Segmenting our audience is a separate conversation and so this intentionally broad as placeholder_
* CISA .gov administrators
## Problem Statements
_TBD - once we synthesize initial research and prioritize areas of need_
## Short-term Success for .gov
### Primary:
* A production-ready, modern .gov registrar that can replace the current system with improved user experience and operational efficiency
* Built in the open
* Meeting accessibility and testing standards
* A plan for developing capacity within the CISA organization going forward
### Secondary
* Having a clear understanding and definition of current state
* A plan for new product
* A product plan that coordinates with other RFP actions
## Long-term Success for .gov
### Primary:
* Increase the number of governments, currently on non-.gov TLDs, to .gov
* Develop services to support “the security, privacy, reliability, accessibility, and speed of registered .gov internet domains” (DOTGOV ACT)
* Sustainable long-term skills and capacity to scale up the program
### Secondary
* Increase number of domain registrations
* Reduce time to get an application approved from 20 days to 1-2 business days
* Increase the percentage of domains which resolve to content
* Reduce time to ship changes to production
* Enable the discoverability of government services to the public and to domain registrants (DOTGOV ACT)
* A “simple and secure” registration process that works to “ensure that domains are registered and maintained only by authorized individuals” (DOTGOV ACT)
* Active .gov community of practice where members ask and answer questions, provide feedback, and where CISA can communicate with all .gov domain managers
* Demonstrated commitment to working in the open
* A clear role for humans or a call center to support registrant use cases
## Problems .gov registrar needs to solve (now)
_TBD - once we synthesize initial research and align as a product team_
## Problems NextGen doesnt need to solve (next or later)
_TBD - once we synthesize initial research and align as a product team_
## Risks
_To be prioritized and posted_