My limited understanding is that these orgs compete with each other for budget allocation and would never allow access into each others systems, but I could be wrong.
It's less about budget and more about we're not the DoD and can do whatever we please, stay the hell off our lawn.
Even if it was a "hey, could you look at this and tell us what you think" with no obligation to address issues, it is undesirable to establish a precedence.
They do use standards and recommendations from NSA/OMB for enterprise systems. But even the US Courts went that route, just with a lot of renaming of things so it can't be seen as being subservient to the Executive branch. There are some good frameworks and standards that you shouldn't waste time re-implementing.
Plus there is a reason you secure and compartmentalize information. The NSA may be comprised in some way, and giving them access means that deliberately or accidentally leak something vital.
Same idea in reverse with the CIA -- maybe someone in the CIA is a bad actor and now knows the secret 0-days the NSA is using -- because they're busy locking them down -- and those get leaked.
This is true to an extent. The other half of the equation is just a cultural thing with the CIA. There’s a lot of intelligence groups in the US, but the CIA considers themselves the top tier. They’ve been around the longest and even other agencies recognize them as kind of the eldest when it comes to intel.
The NSA does some seriously insane stuff, but I don’t think even they take themselves as seriously as the CIA does.
Even if it was a "hey, could you look at this and tell us what you think" with no obligation to address issues, it is undesirable to establish a precedence.
They do use standards and recommendations from NSA/OMB for enterprise systems. But even the US Courts went that route, just with a lot of renaming of things so it can't be seen as being subservient to the Executive branch. There are some good frameworks and standards that you shouldn't waste time re-implementing.