Alliant2 Be or Not to Be

Alliant2 Small Business, the largest contract in over a decade for government-wide IT services, was recently rescinded by GSA.  (Nextgov, March 2019)

Over a year ago, GSA announced the Alliant2 award to 81 small businesses. Protests immediately ensued. One company, Citizant, Inc., protested to the GAO, who dismissed the file, so Citizant took their complaints to court and won, resulting in the rescission of the awards and GSA revisiting their scoring methodology. (ibid)

Evaluation of bidders differed from the last iteration of Alliant, with rumors of contracting officer bias and arbitrary bid pricing scores bubbling under. Many believe GSA’s self-scoring system allowed companies that should have been eliminated early on to continue through the process. Time will tell if each submission will be rescored or just those below the cutoff, although the judge requires GSA to rescore all. (Federal News Network, April 1)

If only a handful of submissions are rescored, the protest floodgates are likely to open again, possibly forcing a re-compete. Making awards to multiple companies have proven time and again that it is nearly impossible to compare apples to apples during the evaluation process. The process raises a lot of questions. Stay tuned.

We are always available to talk to you about this or other contracting problems. Give us a call at 301-913-5000.

It’s Mass Mod Time Everyone!

You knew this was coming. All GSA schedule holders are looking at refreshes this month, the last one before all 24 MAS solicitations are rolled into a single Schedule. Expect the mass modifications to accomplish the following:

  • Update proposal instructions to require order status on GSA Advantage! orders;
  • Update proposal instructions related to Section 508 Standards;
  • Incorporate new Service Contract Act (SCA) Wage Determinations;
  • Update AbilityOne “Essentially the Same” Proposal Instructions;
  • Incorporate minor updates from FAC 2019-01 as applicable (GSA Interact March 26, 2019)

Note: Individual schedules may update additional clauses or provisions to make clarifications, administrative corrections, and other required changes. (ibid)

You will have 90 days to accept the mod once GSA FAS issues them. (ibid)

GSA is hosting a listen-in only webinar on Wednesday, April 10 at 1:00 PM EST to discuss the refreshes. You can register on this link.

Nervous and shaky about this latest mass mod? Give us a call at 301-913-5000.

Oh 72a, We Hardly Knew Ya

You’re used to it, right? So it’s time to change! As of July 2019, the FAS Sales Reporting Portal (SRP) replaces our familiar  72A reporting system for GSA Schedule sales and Industrial Funding Fees (IFF) remission. Terms and conditions remain the same. And if you have an active claim, your contract will be held in the 72A system for now. (GSA Interact, March 18, 2019)

A three-step process directly impacts when and where a company reports sales over the next two reporting periods as well as the migration of historical data. The three steps are as follows:

Step 1: Reporting April 2019 sales and remittance of any IFF in the 72A System

  • When: April 1, 2019, through April 30, 2019
  • Contractor Action: Companies are now in the reporting period that covers January 2019 through March 2019. This is the last time companies will report sales and remit IFF, in the legacy 72A System. After this cycle, all reporting will take place in the FAS Sales Reporting Portal.
  • Change: None. There is no change to the current reporting process for FY19 Q2 reporting.
  • Impact: This will be the final time companies report in 72A and all future reporting will be in the FAS SRP. (ibid)

Step 2: Transition to the FAS Sales Reporting Portal

  • When: Starting May 1, 2019
  • Contractor Action: Contracts will be visible in the new system as of May 1, 2019. At that time, go to the FAS SRP website and register for the required multi-factor authentication process. Anyone listed on a contract as an IFF POC, Contract Administrator, or Authorized Negotiator can register for access into FAS SRP. (Access to the portal does not require digital certification.) Registration to the portal begins May 1, 2019, and runs through the first time a company reports sales in the FAS SRP.
  • Change: Contracts will be moved to the FAS Sales Reporting Portal (SRP).
  • Impact: Effective July 2019, companies will report all sales and remit any owed IFF in the FAS SRP, covering the reporting period from April 2019 through June 2019. (ibid)

Step 3: migration of Historical Data from 72A to the FAS SRP System

  • Contractor Action: None
  • Change: Once April 2019 sales and IFF are reported into the 72A System, GSA is migrating all historical sales and payment record into the FAS SRP.
  • Impact: All historical records will be held in the FAS SRP. This will be maintained for the life of the contract. (ibid)

Note: Sales adjustments will no longer be allowed in 72A after April 1, 2019. (ibid)

Not so onerous, really, but we understand you may have questions. Please feel free to call us at 301-913-5000.

Are you practicing “safe cybersecurity”?

The Department of Defense (DoD) is working to extend its own cybersecurity expertise and infrastructure to small and medium-sized businesses. Their current plan is to build a “secure cloud” for company data instead of leaving it to the responsibility of the contractor. (Federal News Network, March 25, 2019)

DoD plans to use their 2020 research and development budget for the Defense Industrial Base (DIB) Secure Cloud Managed Services Pilot. The project will start by making the cloud service available to a specified number of small and medium companies that support prioritized, critical DoD missions/programs. (ibid)

Ellen Lord, the undersecretary for acquisition and sustainment said, “In contract terms, the Department would treat the secure cloud as Government Furnished Equipment (GFE).” She believes larger companies are already quite savvy and have the funds to create a hardened environment. Ms. Lord is most concerned with small, innovative companies. She said, “we sit down and talk to them about cybersecurity, and sometimes we hear – no kidding, ‘my nephew does my cybersecurity.’ That gets us a little bit worried. And we know that we will either put these small companies out of business, or we will drive them away from the Department of Defense if we give them very, very onerous regulations to meet.” (ibid)

In 2017 DoD began inserting clauses into contracts that require firms to implement the security controls in NIST Special Publication 800-171. Prime contractors are required to impose the same requirements on their subcontractors as they are expected to meet when coming in contact with sensitive, unclassified information. (ibid)

It does not appear as though verification of a company’s compliance with the standards has been accomplished, thus far. However, going forward, spot checks are likely to take place with the hope of getting to a point where DoD certifies third-party cybersecurity examiners to help verify contractors systems meet the existing requirements and that their systems are adequately protected. Currently, about 800,000 systems should be regularly audited. (ibid)

We do know that information is being stolen; but classification levels make it hard to investigate in a reasonable time frame. The details of any individual data theft are classified, making specifics about nature and volume difficult to determine. We also know that sufficient cybersecurity capabilities to protect information must be in place sooner rather than later in order for small and medium-sized businesses to remain contractors to DoD.

Call us with any questions regarding this project at 301-913-5000.