Self-Assess No More

Cybersecurity for  Department of Defense (DoD) contractors is an ongoing issue. Now, DoD is issuing an interim rule to implement an Assessment Methodology and Cybersecurity Maturity Model Certification framework. This will assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DoD supply chain. (Federal Register, DFARS Case 2019-D041 Action: Interim Rule)

The current self-attestation of NIST Special Publication (SP) 800-171 is not working due to a lack of DoD verification. Until the implementation of the interim rule, DoD did not have a mandate to verify contractor basic safeguarding or security requirements prior to contract award.  This regulation changes that. The interim rule adds a process for contractors to  implement cybersecurity requirements. This is to be accomplished while the DoD’s Cybersecurity Maturity Model Certification (CMMC) and the procedures with the Accreditation Body (AB) are solidified. (Meritalk, September 28, 2020)

Questions about how the new rule will affect your contract or upcoming bid and what you can expect? Give us a call.

Just the Facts FAS, Please

Earlier this week, a GSA watchdog discovered erroneous reporting of small business contracts by the Federal Acquisition Service (FAS). (Government Executive September 17, 2020)

The General Service Administration (GSA) inspector general (IG) recently provided a report that focused on the data entered into the Federal Procurement Data System – Next Generation, which is managed by GSA. The Small Business Administration (SBA) uses the system data provided to determine if the federal government is achieving its annual goal of awarding 23 percent of contracts to small businesses. An IG review of FAS procurements from fiscal 2016 and 2017 and shows that small business procurements have been grossly overstated.

“We found that FAS’s reporting of small business procurements contained significant inaccuracies. We identified $89 million in procurements erroneously recorded as small business in the Federal Procurement Data System – Next Generation. Additionally, FAS’ small business procurement reporting does not identify the extent of the work performed by large businesses. We found approximately $120 million of small business procurements in which large businesses performed a portion of the work.” (ibid)

After interviewing small business contractors and GSA officials as well as analyzing agency contracting data, the IG determined many of the issues to be out of GSA’s control. For instance, the IG found that classification codes  often “pre-populate” for task orders; due to the nature of the software, officers cannot override the system to update the task order codes. In addition, no mandate exists for FAS or small businesses to report how much of the work completed on a contract is subcontracted to large businesses. This leads to inaccuracies when assessing FAS’s small business procurements. Many believe the inaccuracies will never be fully fixed due to the competing policy issues and marketplace anomalies. (ibid)

The IG recommended the following:

  • Fix the limitations of the contracting system to enable accurate reporting
  • SBA and the commissioner discuss how subcontracting and reseller agreements are reported

How does this affect your contract or an upcoming proposal? Give us a call.

Price Inconsistencies on Schedule 70? Nah…

GSA’s IG audit of GSA schedules in 2016 found large price discrepancies between identical items. For instance, the cost of one of Sharp’s 70-inch LED Smart TVs showed prices ranging from $1,597 to $3,000. The audit also turned up prices much lower on commercial products. In addition, from August 2014 to July 2015, most IT schedule purchases were for top-selling items priced higher than the lowest IT schedule price, completely defeating the purpose of the Schedules program. (Nextgov, May 21, 2019)

Recommendations to correct the disparities include:

  • Verify prices for identical IT schedule items by price analysis
  • Improve price protection for IT schedule reseller contracts by setting controls
  • Ensure contracting officers receive accurate and complete information around manufacturers’ commercial sales practices (ibid)

Per the review by the IG, the Federal Acquisition Service has taken “appropriate corrective actions” to address these price inconsistencies.

Questions about IT Schedule or other GSA Schedule pricing? Give us a call at 301-913-5000.

DoE Bureaucracy Hard at Work

In fiscal year 2016, the General Accounting Office (GAO) conducted an audit of 28 entities to address issues with Department of Energy (DoE) contractor oversight. DoE, including it’s National Nuclear Security Administration, is the largest federal civilian contracting agency, spending about 90 percent of its appropriations on contracts with companies, universities, and others for federal research and development,  production, and engineering. (GAO, March 12, 2019)

After reviewing contracting and subcontracting data and documents, analyzing regulations, and interviewing federal officials and contractor representatives, GAO found: DoE awards about $23.6 billion in prime contracts with about 30 percent ($6.9 billion) of that total going to subcontractors in the form of universities, different companies, or entities; almost all 28 primes were also subs; subcontractors totaled nearly 3,000; and subcontractor complexity makes it difficult to figure out the relationship between the various parties. (ibid)

More than $3.4 billion in subcontract costs (over a ten year period) were never audited. Because the statute of limitations is six years (according to the Contract Disputes Act), many unallowable costs may not be recovered. (ibid)

GAO made six recommendations, including that DoE develop procedures requiring local offices to verify completion of subcontract audits and that DoE independently review subcontractor ownership information to identify potential conflicts of interest. DoE agreed with all recommendations except to independently review subcontractor ownership information. (ibid) Huh. Wonder why.

GSA Chief’s Wrath for Whistleblower

Denise Turner Roth Retaliated Against Whistleblower

The Inspector General found that Ms. Roth she retaliated against a whistleblower, threatening him with transfer to another position and limiting his job responsibilities.

Sources reveal that this whistleblower is outgoing FAS commissioner Tom Sharpe.

Sharpe apparently alerted several executives about the Technology Transformation Service’s use of the Acquisition Services Fund, which the IG calls “violations of the law, gross mismanagement, a gross waste of funds, and abuse of authority.”

Sharpe’s complaint detailed TTS’s use of the ASF money. The fund consists of fees agencies pay, governmentwide acquisition contract revenue, and sale of surplus properties. The TTS’s use of the money has met controversy, as many believe the service competes with work already provided to other agencies, and distracts from the mission of FAS. As such, some executives harbor concerns that these actions are counterproductive to FAS’s mission.

Roth denies any wrongdoing and calls the Inspector General’s findings “wrong and disappointing.” She maintains that “all actions I took were necessary and driven to modernize the federal government.”

The Inspector General has referred the case to the Office of Special Counsel.

For more information, visit Federal News Radio.