Skip to content Skip to left sidebar Skip to right sidebar Skip to footer

Tag: DOD

Don’t be caught non-compliant

With each new year comes a new set of sub and prime contract goals each non-small business contractor and government agency must adhere to. Agencies achieve their goals by awarding prime contracts to small businesses. Non-small business contractors who compete for contracts worth $750,000 or more ($1.5 million for construction contracts) are required to submit a small business subcontracting plan. The plan must include how a contractor will attract small businesses and ensure that those businesses actually have an opportunity to subcontract (FAR 19.702). The plan must show separate dollar and percentage goals for small businesses, those services/supplies to be subcontracted, and an explanation of how small business contracts will be secured. (JDSupra April 23, 2020)

To keep contracts in check, the federal government may intermittently audit contractors. The audits verify small business subcontracting plan s are being fulfilled. The Small Business Administration (SBA) is the lead for the evaluations, the SBA may delegate this authority to other federal agencies. Department of Defense contracts are generally evaluated by the Defense Contract Management Agency (DCMA). (ibid)

Compliance reviews are random and any contractor with a subcontracting plan can be selected for review. The government considers the following factors during compliance reviews:

  • Number and size of the contractor’s government contracts
  • Date of last compliance review
  • Most recent compliance review results
  • Importance/sensitivity of the project
  • Reporting compliance in the electronic subcontracting reporting system (ibid)

The following may be reviewed during an audit:

  • Contract files/correspondence related to the contract
  • IT systems
  • Documentation on subcontracting methods and procedures (ibid)

Once the audit is complete, a contractor can expect to receive a report on non-compliant items found and a rating based on the review. A rating can range from unsatisfactory to outstanding. No further action is necessary if a contractor receives an outstanding rating. When the rating is below satisfactory, the contractor must create a corrective action plan (CAP) within 30 days, explaining the steps they will take to become compliant. (ibid)

It is a good idea for contractors to have the required documents on hand, should they receive notice of an upcoming audit. They may include the following:

  • Small business certification paperwork
  • Subcontracting program policies
  • Any prior compliance reviews
  • Organizational charts
  • Policy letters from the company CEO verifying subcontracting program
  • Historical subcontracting reports
  • Listing of any small business conferences or trade shows attended
  • Documentation of success stories – showing contracts awarded
  • A letter identifying small business liaison officer (ibid)

Companies that are well prepared for audits and have a subcontracting plan in place will undoubtedly move through a review smoothly and quickly.

Do you have all of your ducks in a row for a possible upcoming audit? Give us a call.

 

Three DoD DFARS will soon become permanent rules

According to a recent statement by Katie Arrington, the Pentagon’s CISO for acquisition and sustainment, three Defense Federal Acquisition Regulation Supplements (DFARS) for the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) will soon be permanent rules. (MeriTalk April 15, 2021)

The CMMC program enforces cybersecurity standards in the Defense Industrial Base (DIB) supply chain. The certification requirements will be part of all DoD contract requirements by 2026. (ibid)

The soon-to-be-permanent rules are:

  • DFARS Provision 252.204.7019 requires contractors to complete self-assessments and upload them into the DoD’s Supplier Risk Performance System (SPRS)
  • DFARS Clause 252.204.7020 takes place upon contract completion, allows DoD access to systems, facility, and personnel if DoD assesses the necessity due to risk
  • DFARS Clause 252.204.7012 requires all contractors to maintain adequate security of defense information that is “processed, stored or transmitted” on their network (ibid)

According to Arrington, 300,000 contractors need to get CMMC certified within the next five years. She said, “we have thought carefully about this, and making cybersecurity foundational to acquisition wasn’t something that we just thought “Let’s do it one time.” It has to be an enduring capability.” (ibid)

Questions concerning CMMC certification? Give us a call.

 

Security Clearance Due Process Streamlining

The Defense Department is streamlining process procedures for individual security clearances. (Defense Systems, January 27, 2021). On 19 January, the Under Secretary of Defense issued a memorandum to “simplify, centralize and unify the established administrative process for unfavorable security clearance eligibility hearings and appeals. The memo directs DoD unit heads to allow applicants to: “cross-examine” those who made negative statements about them, and receive documentation on the administrative due process. However, all unit heads retain the ability to “deny or suspend” access to classified information or Special Access Programs if an individual is found to be “inconsistent with protecting the national security.” (ibid)

“The policy is effective upon DoD General Counsel (GC) certification to USD (I&S) that DOHA has prepared, but no later than September 30, 2022.” (ibid)

Was your application for a security clearance revoked and you are not sure what to do next? Give us a call.

Born in the USA

Last week DOD set in motion the Trusted Capital Digital Marketplace, the goal of which is to give companies an alternative to foreign investors. Often, using foreign investors prohibits contracting with the Department of Defense (DoD). The marketplace originally piloted last year with the official launch last month.

Both companies and investors apply to join the marketplace and are screened by DoD. Those accepted are listed in the digital marketplace as trusted receivers or sources of funds and may connect with each other. As of this writing, 128 companies and 30 investors have logged into the marketplace.

Tax cuts and the Jobs Act of 2017, creating new designations for special national security-related companies in the tax code, are crucial components of the marketplace. Additionally, the fiscal 2021 National Defense Authorization Act references the marketplace program. Combined, these will increase use of the program; as users report on the program efforts, it expands. The goal is to help start-ups obtain funding without looking to foreign investors who may have adversarial ties.

Are you looking to work with the Department of Defense and trying to figure out how to get funding? Give us a call.

DoD and Software

The Department of Defense is updating its purchasing policies for software acquisition, moving toward an  Adaptive Acquisition Framework. (fedscoop, October 7, 2020)

DoD’s new software purchasing policy includes some big changes: its focus will be on updating software on an “as needed” basis instead of custom coding. In the old model DoD purchased software in the same manner as it bought tanks, which often took years. The new policy, titled 5000.87, allows contracting officers to have the tools they need to buy code while giving them the flexibility to focus on the development and maintenance of programs. (ibid)

According to a DoD spokesperson, “as more parts of the military use similar technology-development stacks, achieving Authorities to Operate (ATOs) will happen much faster.” The goal is to improve cycle time which should now be achieved with the new framework in place.

Are you looking to work with DoD to provide software or code and have questions about how to get started under the new purchasing policy? Give us a call.