Rolling Down the FedRAMP

GSA recently announced the launch of the FedRAMP Tailored Baseline for Cloud Service Providers with Low Impact Software-as-a-Service systems. FedRAMP Tailored aims to support solutions that have low risk and low costs for agencies. This means a streamlined process for a variety of applications. Tailored also standardizes an approach to determine risks associated with cloud applications and provides the government with the freedom to use the cloud while maintaining security.

FedRAMP tailored was open for comment in January and July of 2017. The program provides base security control requirements for industry to meet. Agency authorizing officials are responsible for adding controls where necessary for compliance. GSA believes “The FedRAMP program, including our goals for Tailored, is a key part of issuing an informed, risk-based authority to operate.”

For more information, see the FedRAMP Tailored website. 

Keep it Under Lock and Data Key

GSA officials announced plans to rebrand Special Item Number 520-20 on September 20th. The SIN will act as the official Data Breach Response and Identity Protection Services offering on the Professional Services Schedule. GSA hopes that this move will offer industries and agencies more flexibility and responsiveness.

Ordering offices will “now have the ability to obtain specifically what is needed for their immediate situation,” explained Stephanie Kenitzer, professional services category community manager.

The new SIN offers “identity monitoring and notification of Personally Identifiable Information and Protected Health Information, identity theft insurance and identity restoration services, and protect (safeguard) the confidentiality of PII and PHI.”

The changes will occur with the next solicitation refresh, projected for mid-October.

When a competitive number of vendors are on schedule, GSA plans to swap identity protection services from the current blanket agreements to the SIN.

For more information see the official statement.

Uh EEO-1! The Due Date Changed!

The Employer Information Report EEO-1 deadline shifted

Instead of a fiscal end-of-year due date, organizations now have until March 31, 2018 to submit and certify the EEO-1 report. The 2017 report will collect race, ethnicity, and gender data by job category. It will not collect the hours worked and pay data.

Employers may use payroll data from October, November, or December in the report. Make a note in your calendars,  and be prepared to get a mail reminder two months before the due date.

Nervous about TDR? Drop Out or Don’t Even Join the Pilot!

Transactional Data Reporting now voluntary for contractors

Any contractor that has received multiple-award schedule contracts and special item numbers can now opt out of participating in the TDR pilot. To remind you, the TDR rule allows the agency to collect transactional-level data, which informs buying strategies and purchases.

Mary Davie, acting deputy commissioner of FAS explains that “GSA is altering TDR’s implementation to give new offerers and contractors approaching an option period the choice to adopt TDR….” For those contractors who were previously required to accept TDR, GSA is extending them the option to execute a one-time reverse modification to undo this action and work with their contracting officer to revert back to operating under the structure and tracking requirements of the price reduction clause.

Jack St. John, GSA chief of staff, said the modification of the TDR rule supports agency efforts to transition the current administration’s priorities into acquisition policies.

GSA Interact published the full announcement and further information. If you’d like assistance in reversing your TDR option, contact us at 301-913-5000 or mbotello@ezgsa.com.

GSA System Delays

We wanted to let you all know that GSA is experiencing a few delays, specifically with all e-filing and some modifications.

At this point, our contract management team is reporting that all Schedule 70 mods are being reviewed between 45 and 60 days after receipt, much longer than usual. We assume that this is due to the typical summer slow down (vacations) as well as trainings and technical issues.

Technical issues are affecting the VSC website, as well as eMod, eOffer, and mass mods. We have had reports of PINs not working, the database not finding contractors, incorrect DUNs numbers being returned, etc.

So if you’re experiencing either of the above — it’s not you, it’s GSA (!).