The Office of Personnel Management inspector general again found flaws in the agency’s contracting for the credit monitoring and ID theft services it provides to the more than 21.5 million current, former and prospective federal employees affected by the 2015 data breaches.
OPM has gone through two different contracts for post-breach protections. The IG found “significant deficiencies” in the contracting process of the first one, a $20 million contract to Winvale Group and subcontractor CSID. When that contract expired, OPM opted for a contract with ID Experts to provide services for three years with a potential value of $330 million.
In a report released Tuesday, auditors found the agency’s Office of Procurement Operations bypassed some of the Federal Acquisition Regulation and the agencies’ purchasing rules for the ID Experts contract.
The IG found 15 areas of noncompliance, such as designating the contracting officer representative after the award, failing to check the System for Award Management and data-entry errors. Auditors also found incomplete or unapproved contractual documents, including the acquisition plan, market research plan and technical evaluation plan.
Keep reading this article at: http://www.nextgov.com/cybersecurity/2018/03/opms-post-breach-contracting-efforts-fall-short-again-ig-says/146475/