GSAmazon

GSA recently asked for feedback on proposed requirements for the upcoming e-commerce portals program. (Fedscoop, July 2, 2019)

The 2018 National Defense Authorization Act requires GSA put into place a multiple-award proof of concept site similar to those of Amazon and other large online commerce sites. This will update the way agencies purchase products outside of existing contracts. (ibid)

An estimated $6 billion is spent on open-market purchases through government-issued credit cards. The e-commerce portals program pilot will launch with hand-picked agencies and a spending limit of $10,000 on any one order. GSA is asking Congress to raise the threshold to $25,000 for the five-year pilot to better evaluate the program. (ibid)

“During the initial proof of concept, GSA will encourage robust competition through the implementation of multiple e-marketplace platforms,” said a deputy assistant commissioner at the Federal Acquisition Service within GSA. “We are looking to leverage business-to-business terms whenever practicable, to allow for streamlined buying while obtaining a more transparent and centralized view of the type of government-wide spend.” (ibid)

The goal of the Commercial Platforms Program is to start small and refine. The Commercial Platforms Initiative is just one of four Federal Marketplace Strategy projects. The draft solicitation was issued on July 2nd and is open for public comment for 30 days. (GSA interact July 2, 2019)

Interested in how you might fit into the e-commerce portals program? Give us a call.

GSA Schedules’ Summer Diet

GSA decided it’s high time that 24 multiple award schedules shrink all the way down to one.

To accomplish this, GSA is conducting an analysis across all Schedules, which include 10 million commercial products and services that bring in more than $31 billion in sales annually. Public feedback can be provided on the consolidation through a recently released request for information (RFI); it asks the public to weight in on the contents as well as clauses and provisions being considered. (Nextgov, June 2019)

According to Stephanie Shutt, director of the MAS Program Management Office, streamlining terms and conditions will make if it far easier for vendors to work with the government and vice versa. (ibid)

The current plan is a single schedule for services and products that are “mapped to the current government-wide category structure.” Special Item Numbers (which help identify products) are also falling under review. New SINs will follow shortly and as with the MAS, will be open for public comment. (ibid) We’ve also heard rumors that GSA will be dispensing with SINs all together, and will instead use NAICS codes.

Big changes! Give us a call with any questions about the RFI or how your current contract might be affected.

Modding the Mods

Sign of things to come? Who knows. But if your GSA Schedule falls under Region 2 (the Northeast and Caribbean), new required interactive modification templates have been released. Schedules affected include:

  • 00CORP
  • 738 X
  • 736
  • 67
  • 75
  • 76
  • 81 I B

With the new one-Schedule-fits-all release in less than three months, we’re betting this new method for submitting mods will take over all Schedules sooner rather than later.

Got questions? Give us a call!

Line Item: Cybersecurity

We knew it would eventually happen. DoD is finally looking to permit cybersecurity costs as “allowable” on certain types of government contracts. (Federal News Network, June 2019)

Katie Arrington, the special assistant to the Assistant Secretary of Defense for Acquisition for Cyber in the Office of the Under Secretary of Acquisition and Sustainment in DoD, recently spoke at the Professional Services Council (PSC) gathering in Virginia. Ms. Arrington is the lead for the DoD effort to develop and institutionalize the new Cybersecurity Maturity Model Certification (CMMC) standard for vendors. She told attendees that she wants to enact a legitimate standard for cybersecurity allowable costs. (ibid)

During a recent webinar, Arrington spoke about cyber attacks and the need for the defense industrial base to defend themselves against nation-state attacks. DoD is aiming at not just it’s 200,000 prime contractors but all vendors (approximately 300,000) that comprise the DoD supply chain. (ibid)

Arrington is working with the Johns Hopkins University Applied Physics Lab and Carnegie Mellon University’s Software Engineering Institute to generate initial requirements. The draft will require DoD vendors to be certified through third-party assessment organizations. The standard incorporates existing requirements from NIST, the Federal Risk Authorization Management Program (FedRAMP), and other models.  (ibid)

Arrington expects DoD to carry out 12 webinars across the country over the summer. She aims to receive feedback from industry experts with a draft standard by the end of summer and third-party assessors to start certifying vendors in January. (CMMC requirements will be added to requests for information by June of 2020 and become a standard in solicitations by September 2020.) (ibid)

According to Alan Chvotkin, senior vice president and general counsel for PSC, the certification of contractors will be a very competitive discriminator in the marketplace. His main concern is whether DoD will only certify the big six contractors and what is going to take place for the prime and a subcontractor. (ibid)

Congress recognizes that risks to the supply chain need to be reduced. The Senate version of the 2020 National Defense Authorization Act, includes a provision requiring DoD to move to a broader cybersecurity standard with its contractors. Currently, DoD mandates defense contractors meet the requirements of NIST Special Publication 800-171; however, there is no current audit for compliance. Oversight of subcontractors by prime contractors is also a reasonable concern as is the lack of information available on subcontractors. The committee feels prime contractors should be held responsible and accountable for securing DoD technology and sensitive information and ultimately delivering uncompromised products and capabilities. This is seen as a first step in securing the supply chain. (ibid)

The Senate Armed Services Committee (SASC) believes DoD should provide direct technical assistance to contractors, based on risk, and in such a way as to not harm the industrial base while at the same time providing incentives/penalties for non-compliance of vendors’ cyber performance. DoD is being asked to provide the SASC with a briefing by March of 2020 and quarterly briefings on how the standard is being implemented by both vendors and the DoD. (ibid)

Although security has always been an allowable overhead cost, it will now be used as an incentive to get vendors to more quickly align themselves to the CMMC standard. The incentive doesn’t force companies to trade off security for other expenses. It appears the government will offer some reimbursement for some share of the cost, hopefully bringing all vendors up to the same level. (Firm-fixed-price contracts do not fall under the allowable cost umbrella in the same manner, as cyber is counted as general overhead in the final cost to the government.) (ibid)

Eager to learn a little more about the cyber standard and how it might affect your current contract or an upcoming bid? Give us a call at 301-913-5000.

 

 

COMET Commeth!

The General Services Administration (GSA) has released the second and much sought after piece of the IT services procurement known as COMET. The solicitation aims to create a multiple-award blanket purchase agreement (BPA) on top of IT schedule 70.

GSA plans to make between 10 and 12 awards with a minimum of 25 percent set aside for small businesses. The BPA will require a host of IT services, including operations and maintenance, cloud and the continued development, and support of the acquisition systems portal beta.SAM.gov. GSA’s goal is a three-step evaluation approach, including an in-person technical challenge.

In April, GSA issued the RFP for the first and substantially smaller piece of COMET focused on architecture, engineering, and advisory support. (FedBizOpps)

Have questions about COMET and how your company fits in? Give us a call at 301-913-5000.