Skip to content Skip to left sidebar Skip to right sidebar Skip to footer

Contract Awards

You Are an Unique Entity!

You’ve heard (ad nauseum, probably) about replacing your DUNS number with the unique entity identifier (UEI) by  December 2020. Contractors will request and be assigned the new identifiers through SAM.gov. (To learn more about the transition, click here.) (GSA Interact, December 10, 2019)

Contractor award data, including UEI data, interfaces with many systems outside of the government interface. To assist contractors as well as other agencies, GSA published a first and second set of UEI/EVS specifications. For instance, Group 1 includes:

  • beta.SAM Entity Management. APE has updated schemas for a second version of the API. The second version allows  systems to pull information automatically. Differences between versions are marked as v1 (current version) or v2 (future version). Specs may be found here.
  • New EVS and UEI changes will not be updated to SAM Entity Management Web Services. Users of this web service should migrate to beta.SAM Entity Management API to retrieve UEI and new EVS information. 
  • The SAM public RESTful API will not be updated to incorporate UEI or new EVS changes. Users of RESTful API should migrate to beta.SAM Entity Management API to retrieve new EVS and UEI information.

Group 2 includes:

  • The beta.SAM Exclusions. API has updated schemas for version 2, which allows interfacing systems to pull information about the exclusions automatically.  Differences between the versions are marked as v1 for the current version and v2 for the future version. Specs may be found here.
  • The SAM Exclusions Search Web Services will not be updated to incorporate UEI or new EVS changes. Users of this web service should move to the beta.SAM Exclusions API in order to retrieve UEI and new EVS information concerning exclusions via interface.

The public will continue to receive UEI/EVS specifications as they are updated. IAE will release its testing plan by 30 December 2019. Additionally, IAE will complete the issuance of updated technical specifications interfacing systems. Contractors should start developing plans to allow for the interface changes and begin development for testing with IAE. (ibid)

Users with questions specific to interface testing should contact ne***********@*sa.gov. Users with questions specific to the SAM-generated UEI or entity validation services should contact en**************@*sa.gov. (ibid)

Wanna Connect a Hybrid Cloud?

The Department of Defense (DoD) wants a hybrid cloud environment to serve as the cornerstone for department-wide use of artificial intelligence. The Joint Artificial Intelligence Center (JAIC) issued two sources sought notices from all business that can provide system engineering and integration “to support the procurement, implementation, and operation of a hybrid and multi-cloud deployable development and production platform for Artificial Intelligence and Machine Learning (AI/ML) solutions.” (Fedscoop, November 25, 2019)

This hybrid cloud environment will form the basis of the Joint Common Foundation (JCF), a DoD/Government  AI/ML development platform, containing Data, Tools, and Processes. JCF will include shared data, reusable tools, frameworks, and standards. Additionally, it will include cloud and edge services to develop, secure, test and evaluate, deliver, and sustain capabilities. “The JCF will incorporate the architecture and software artifacts of the Enterprise Development, Security and Operations (DevSecOps) initiative and evolve toward enabling the DoD Artificial Intelligence Strategy.” (ibid)

Proposed vendors answer specific questions about past experience integrating multiple cloud providers at scale with continuous development and integration while meeting security compliance standards. A solicitation conference will be held in early 2020, followed by a request for quotation, and award by the end of September 2020.

The award of JCF will move swiftly. Give us a call if we can answer any questions or assist with your proposal efforts.

Network Security Big and Small

As many companies have discovered, the Pentagon has increased network security requirements. Small companies are having a tough time with the new rules, as expected, but it appears larger companies are having issues as well. (Government Executive, December 3, 2019)

Some big companies are providing too much data to small subcontractors, which in turn leaves them at risk to foreign hackers. Foreign hackers look at fifth or sixth tier subs to find information — where the biggest “holes” are. (ibid)

In 2016, hackers stole sensitive data on the F-35 Joint Strike Fighter. This is just one of the many cases that prompted the Pentagon to issue new rules for handling sensitive information. By January 1, 2018, all companies doing business with the Pentagon were required to have a plan in place to meet the new standards. (ibid)

In the past, companies needed to only self-certify that they had a plan in place. Unfortunately, no one checked the plans, hence the hacking ensued.

Multi-factor authentication and FIPS-validated encryption seem to be two areas where companies are having a great deal of trouble. Without these working properly, it is much easier for unauthorized access into secure systems.

The Pentagon warned contractors that they will lose business if they and their subcontractors do not meet the updated rules. However, full compliance does not make a company safe from hackers. Individual companies must have an unobstructed view into their own networks as well as ongoing, updated security measures from their subcontractors in order to stay ahead of hackers.

Wondering if you are meeting the Pentagon’s new security rules? We can help you figure it out, give us a call.

Shared Service QSMOs

The big takeaway from last week’s Association of Government Accountants’ 2019 shared services summit: it will take a few years to standardize shared services, especially for grants management. (FedScoop, November 14, 2019)

In April, the Office of Management and Budget (OMB) chose four agencies as Quality Service Management Offices (QSMOs):

  • GSA – to oversee a human resources marketplace
  • Department of Treasury – for financial services
  • Department of Health and Human Services – for grants management
  • Cybersecurity and Infrastructure Security Agency – for cybersecurity (FedScoop, April 26, 2019)

QSMOs have started hiring and transitioning from the old payroll system to Software-as-a-Service. This NewPay Initiative tops the list in moving to shared services. GSA awarded a blanket purchase agreement for NewPay in September 2018 to reduce risks and costs and followed up with multi-million dollar task orders. (ibid)

According to Earl Pinto, deputy associate administrator of the Office of Shared Solutions and Performance Improvement within GSA, “these are not short term projects, and I would say that’s probably the biggest challenge because we know we’ve got a process. Standards first … and that has taken, for several mission-support functions, well over a year to get to standards – some over two years.” (ibid)

Some agencies, such as the Interior Business Center are not clear as to whether they will lean towards NewPay or work through current providers, GSA, or a separate appropriation. (ibid)

Some unknown pieces remain. Will agencies always pay for the services delivered or will it be streamlined in some manner? It may be quite some time before we know for sure.

Questions on QSMOs? Call us and we can explain it.