Skip to content Skip to left sidebar Skip to right sidebar Skip to footer

Tag: GSA

Prohibited telcom equipment may cost you

The General Services Administration’s (GSA) Office of the Inspector General (OIG) published a new report highlighting GSA’s failure to address prohibited telecom items on its Multiple Award Schedule (MAS) contracts. The report states that this puts customers at risk of unauthorized surveillance by foreign adversaries. In 2017 and 2018, Congress passed laws prohibiting the procurement of certain telecom and video surveillance services from specific entities, with FAS responsible for ensuring compliance. However, the OIG report reveals that FAS’s reliance on contractor self-certifications and the Prohibited Products Robomod process is inadequate in preventing the inclusion of prohibited items on MAS contract price lists. (MerriTalk July 11,2023)

The report also identifies FAS’s shortcomings in taking sufficient action against contractors violating Federal Acquisition Regulation (FAR) restrictions, as well as the lack of a process to notify customer agencies about purchases of prohibited telecom items. Furthermore, FAS initially failed to comply with FAR requirements by not including subsidiaries and affiliates of named entities in their efforts to identify prohibited items on MAS contracts. To address these issues, the OIG has made five recommendations to FAS Commissioner Sonny Hashmi, including strengthening controls and implementing more stringent consequences for non-compliant contractors. (ibid)

This report from the GSA’s OIG follows the release of the Federal Communications Commission’s (FCC) “Covered List,” which prohibits the sale of telecom network equipment and services from certain China-based providers due to national security concerns. The FCC’s ban aims to safeguard the nation’s communications networks and enhance the security and resilience of the domestic supply chain. These efforts reflect the commitment of both agencies to protect national security and mitigate risks associated with unauthorized telecommunications equipment and services. (ibid)

Questions about prohibited telcom items? give us a call.

Green is the new kid in town

Last week the General Services Administration (GSA) signed a memorandum of understanding (MOU) with the Department of Defense (DoD) to make sustainable technology products more easily available in the federal marketplace. (Washington Technology March 24, 2023)

Under the MOU, GSA will use DoD’s Sustainable Technology Evaluation and Demonstration (STED) Program information on product performance and pricing to simplify the acquisition process and make sustainable technology alternatives more readily available to federal agencies. (GSA.gov March 21, 2023)

“This partnership is an important step in strengthening our sustainable acquisition offerings, it’s so important that we help agencies more easily find and buy products that not only meet mission needs but are also better for the environment,” said Sonny Hashmi, Federal Acquisition Service commissioner. (ibid)

In accordance with the agreement, once a sustainable product that meets or exceeds DOD requirements is identified by STED, GSA will work with vendors in obtaining a new Federal Supply Schedule. (Washington Technology March 24, 2023)

Officials at GSA said they would help vendors obtain National Stock Numbers, allowing agencies to obtain sustainable products directly from GSA through the GSA Global Supply requisition process. The GSA Global Supply requisition process is currently certified in the Federal Acquisition Regulation. (ibid)

In addition to the Global Supply requisition process, agencies can also buy through the GSA Advantage! Environmental Aisle to assist in meeting federally-mandated acquisition requirements. Products identified through STED will soon have access to GSA Advantage! providing an even larger market for vendors to market their products. (ibid)

Questions about the MOU or the STED program? Give us a call.

Not an employee, not an Entity Administrator in SAM.gov

Effective March 6, 2023, only employees, officers, or board members within a company, may hold the Entity Administrator position. By making this change, GSA hopes to increase the level of security while ensuring that companies are controlling who may update their registration in SAM.gov. Service providers and/or consultants may continue managing entity registration, however, specific actions will be required. (gsa.gov|interact March 6, 2023)

Company registration updates require the relationship status of individuals to the company. If you are not a company employee, officer, or board member you will have the Data Entry role, not the Entity Administrator role. The Data Entry role allows you to register new entities, manage updates, and renew entity registrations, however, you may no longer manage user roles. If a company used an Entity Administrator Appointment Letter (notarized letter process) in the past, this is no longer an option for non-employees. (ibid)

If your current Entity Administrator is outside of your company, there are two ways to change your Entity Administrator role to a company employee, officer, or board member:

  1. Send an Entity Administrator Appointment Letter to the Federal Service Desk (FSD) appointing an administrator, or
  2. Ask your outside Entity Administrator to assign the role to an individual within your company prior to the next registration date, within SAM.gov. (ibid)

Companies that currently have an employee, officer, or board member as their Entity Administrator for SAM.gov are not affected by this change. If you are not certain, you can view roles assigned to individuals within your company by logging into SAM.gov and selecting “My Roles.” (ibid)

Questions about your Entity Administrator or SAM.gov? Give us a call.

New GSA requirement – attest to software safety

According to a recent GSA memo, software vendors will be required to ensure that only approved software is acquired and used by GSA. GSA plans to use a Cybersecurity and Infrastructure Security Agency form to collect the letters. The forms will be available in early June. (FEDSCOOP February 1, 2023)

The Cybersecurity and Infrastructure Security Agency (CISA), Chief Jen Easterly recently urged industry to take responsibility to ensure the safety of its products. The CISA Chief also recommended shareholders make sure c-suite executives are viewing cyber risk as a board-level issue. (ibid)

GSA is collecting the letters of attestation in an effort to implement a memo signed by the White House. The memo requires all federal agencies to verify that all distributed third-party IT software adheres to the National Institute of Standards and Technology (NIST) supply chain security requirements. (ibid)

The Federal Acquisition Council has under consideration, embedding the requirement for software providers to attest to the security of their products within the Federal Acquisition Regulation (FAR). (ibid)

According to the memo, “GSA’s acquisition regulations (GSAM 511.170(d)) require GSA’s Information Technology (IT) Office to approve new software before its use at GSA. To comply with Executive Order 14028 and OMB Memorandum M-22-18, which require federal agencies to only use software that complies with Government-specified secure software development practices, GSA IT will update its processes to approve software including requiring vendor attestations. GSA IT anticipates issuing an updated attestation process by June 12, 2023.” (Memorandum for the GSA Acquisition Workforce 1/11/23)

The memo also states, “Contractors providing GSA with a cloud-based solution are encouraged to work with the Federal Risk and Authorization Management Program (FedRAMP). The FedRAMP approval process will streamline the GSA IT Standards Process allowing for a timely contract start. GSA also anticipates that leveraging FedRAMP will ensure and streamline compliance with the requirements of OMB Memo M-22-18 in the future.” (ibid)

Have questions or need some guidance with your letter of attestation? Give us a call.