Setting Aside the Small Biz Set Asides

The National Background Investigations Bureau (NBIB) is moving from the Office of Personnel Management to the Department of Defense (DoD), merging with the Defense Counterintelligence and Security Agency (DCSA). Of interest to many of EZGSA clients, sources say the move anticipates plans to significantly diminish small business goals at the agency from 65 percent to 10 percent, according to Elizabeth Mudd, small business program manager. (Defense Systems, August 7, 2019)

Mudd believes that the whopping decline in small business goals intends to promote more subcontracting to supplement the four primes that oversee background investigation services. While this may be true, the bottom lines remains that in this fiscal year, NBIB is contributing about $804 million in small business eligible dollars compared to DCSA’s $73.4 million. (ibid)  Maybe the merger won’t actually change the dollar amount contracted with small businesses in the long run, but we’re not holding our breath.

Want to gripe or discuss strategy? We’re here.

HHS Did What?

The Department of Health and Human Services Program Support Center (PSC) has decided to end assisted acquisition services. Some agencies under the PSC umbrella include: the Office of Personnel Management, the Office of Special counsel, the Environmental Protection Agency, and the Defense Department (DoD).  (DoD accounts for roughly $1 billion of the $1.4 billion total contract amount under the PSC.) (Federal News Network, July 22, 2019)

It appears HHS stopped offering assisted acquisition services in mid June, just as agencies are preparing for fourth quarter acquisitions. This likely includes the $150 million multiple-award contract PSC was about to award for EPA along with a number of “in-process” contracts for DoD. Additionally, any award for the prior four years must be moved to other agencies or absorbed by the “home” agency by September 20, 2020. (ibid)

So why exactly did HHS decide to stop its assisted acquisition services? In a memo to the civilian agency customers, they said they do not have the internal controls, policies, or procedures necessary. DoD customers received a comparable memo. (ibid)

Why now? Possibly due to the manner in which PSC has handled classified information for DoD and other agencies’ procurements through the self-certification process. The self-certification process is achieved through the DD-254 form. However, a recent audit found that PSC does not actually perform classified work. (ibid)

Unfortunately, this abrupt change is putting a burden on many agencies. Since the decision was made and will affect the fourth-quarter spending, agencies must now scramble to get other assisted acquisition service provider help. The decision also affects vendors, who spend time and money to bid on solicitations that must restart. And the question remains: will vendors lose work from existing contract awards that they bid on and won?

Roughly one-third of all federal spending occurs in the fourth quarter, with one-quarter of the spending in September. Administrators plan to meet with member companies, DoD ,and the Office of Federal Procurement Policy to arrive at  a game plan going forward. (Federal News Network, July 22, 2019)

Will this affect a bid you are working on or a recent contract award? If so, give us a call.

FAR Changes

With the end of the Fiscal Year looming, the push is on to exhaust agency budgets. In an effort to make acquisitions move through the process more quickly and smoothly, DOD, GSA, and NASA have issued an amendment to the Federal Acquisition Regulation (FAR). The amendment fine-tunes the  FAR and eliminates a step in the acquisition process. (Fedscoop, July 15, 2019)

Per the FAR, agencies were required to justify the best procurement approach when using GSA’s IT Schedule 70, Governmentwide Acquisition Contracts, or assisted acquisition solutions. As of June 5, the new FAR amendment allows agencies to skip that step. Agencies are now able to quickly find GSA IT category contracts and acquisition solutions. (ibid)

According to Bill Zielinski, assistant commissioner of GSA’s Federal Acquisition services office, agencies “can now identify and quickly use GSA IT Category contracts and acquisition solutions, especially as they embark on their end-of-year IT spending and acquisition efforts.” Zielinski feels the new change to the FAR reduces the administrative burden for agencies procuring through GSA’s IT Schedule 70 or through GWACs such as 8(a) STARS 2 and Alliant 2, as well as through assisted acquisition programs. (Federal Computer Week, July 15, 2019)

Curious about the new FAR language and how it affects your GSA schedule? Give us a call and we can review it with you.

 

 

Line Item: Cybersecurity

We knew it would eventually happen. DoD is finally looking to permit cybersecurity costs as “allowable” on certain types of government contracts. (Federal News Network, June 2019)

Katie Arrington, the special assistant to the Assistant Secretary of Defense for Acquisition for Cyber in the Office of the Under Secretary of Acquisition and Sustainment in DoD, recently spoke at the Professional Services Council (PSC) gathering in Virginia. Ms. Arrington is the lead for the DoD effort to develop and institutionalize the new Cybersecurity Maturity Model Certification (CMMC) standard for vendors. She told attendees that she wants to enact a legitimate standard for cybersecurity allowable costs. (ibid)

During a recent webinar, Arrington spoke about cyber attacks and the need for the defense industrial base to defend themselves against nation-state attacks. DoD is aiming at not just it’s 200,000 prime contractors but all vendors (approximately 300,000) that comprise the DoD supply chain. (ibid)

Arrington is working with the Johns Hopkins University Applied Physics Lab and Carnegie Mellon University’s Software Engineering Institute to generate initial requirements. The draft will require DoD vendors to be certified through third-party assessment organizations. The standard incorporates existing requirements from NIST, the Federal Risk Authorization Management Program (FedRAMP), and other models.  (ibid)

Arrington expects DoD to carry out 12 webinars across the country over the summer. She aims to receive feedback from industry experts with a draft standard by the end of summer and third-party assessors to start certifying vendors in January. (CMMC requirements will be added to requests for information by June of 2020 and become a standard in solicitations by September 2020.) (ibid)

According to Alan Chvotkin, senior vice president and general counsel for PSC, the certification of contractors will be a very competitive discriminator in the marketplace. His main concern is whether DoD will only certify the big six contractors and what is going to take place for the prime and a subcontractor. (ibid)

Congress recognizes that risks to the supply chain need to be reduced. The Senate version of the 2020 National Defense Authorization Act, includes a provision requiring DoD to move to a broader cybersecurity standard with its contractors. Currently, DoD mandates defense contractors meet the requirements of NIST Special Publication 800-171; however, there is no current audit for compliance. Oversight of subcontractors by prime contractors is also a reasonable concern as is the lack of information available on subcontractors. The committee feels prime contractors should be held responsible and accountable for securing DoD technology and sensitive information and ultimately delivering uncompromised products and capabilities. This is seen as a first step in securing the supply chain. (ibid)

The Senate Armed Services Committee (SASC) believes DoD should provide direct technical assistance to contractors, based on risk, and in such a way as to not harm the industrial base while at the same time providing incentives/penalties for non-compliance of vendors’ cyber performance. DoD is being asked to provide the SASC with a briefing by March of 2020 and quarterly briefings on how the standard is being implemented by both vendors and the DoD. (ibid)

Although security has always been an allowable overhead cost, it will now be used as an incentive to get vendors to more quickly align themselves to the CMMC standard. The incentive doesn’t force companies to trade off security for other expenses. It appears the government will offer some reimbursement for some share of the cost, hopefully bringing all vendors up to the same level. (Firm-fixed-price contracts do not fall under the allowable cost umbrella in the same manner, as cyber is counted as general overhead in the final cost to the government.) (ibid)

Eager to learn a little more about the cyber standard and how it might affect your current contract or an upcoming bid? Give us a call at 301-913-5000.

 

 

Accelerating Money to Small Business

If the Accelerating Defense Innovation Act passes Congress, small businesses with more than 50 percent of venture capital funding will find it easier to obtain Small Business Innovation Research (SBIR) grant money from the Department of Defense (DoD). To date, legal hurdles have prevented DoD from utilizing these companies. (Fedscoop, May 21, 2019)

The SBIR, created in 1983, provides small businesses with grants to help them expedite product development, and offers follow-on funding and assistance to provide guidance meeting requirements during the government purchasing process. In 2003, courts ruled that companies owned (more than half) by venture capital firms were ineligible for SBIR grants. Then in 2011, a waiver was created by Congress for those small businesses that are majority-owned by venture investors. These waivers required congressional notification as well as Small Business Administration approval. (ibid)

Unfortunately, DoD has never used the waiver. Defense Contracting Officers continue to shy away from small businesses funded through venture capital. Rep. Mac Thornberry (R-Texas), the new legislation sponsor, cited a recent example of a small satellite technology startup that visited DoD’s Hacking 4 Defense program but did not receive an SBIR grant because of the majority capital investment in the firm, even though their technology is cutting edge. (ibid)

A new pilot program, on which the legislation is based, allows the Secretary of Defense and service acquisition executives for each arm of the military to make an SBIR award to a small business that is majority-owned by domestic venture investors. The bill will allow no more than 15 percent of DoD SBIR program funds to be awarded to these small businesses. Its end date of September 30, 2022. (ibid)

Aside from SBIR, small tech companies can look at other ways to work with the DoD. For instance, the Defense Innovation Unit currently handles commercial innovation pilot projects. Once testing is complete, any DoD branch may procure from a small business, generally within 90 days of the first contact with the company. (ibid)

Rep. Thornberry, the ranking Republican on the House Armed Services Committee, would like to include his legislation in the 2020 National Defense Authorization Act (NDAA).

EZGSA has information about this and other ways small businesses can obtain government contracting. Give us a call at 301-913-5000.