GSA renames $48B IT contract

The General Services Administration’s professional services contract Integrations is now named OASIS, officials said March 28.

OASIS stands for One Acquisition Solution for Integrated Services.

The contract is still in the pre-request for proposals stage and is expected to have a ceiling of $48 billion.

“Selecting a name for a solution is no small task; a name must not only be recognizable, but it must also convey the solution’s purpose and value,” Jim Ghiloni, the recently named program executive officer of OASIS, wrote March 28 in a post on GSA Interact.

OASIS is an integrated professional services contract with a support IT component. The principle services include management and consulting, professional engineering, and logistics and financial services. Officials have said it will be a hybrid contract with commercial and non-commercial items available through it. It will also allow for all types of contracts at the task order level.

OASIS will be a multiple-award, multi-agency task and delivery order contract. GSA officials say it will be more like a multiple-award contract or a governmentwide acquisition contract than a Multiple Award Schedule.

With the name-change, officials are focusing on the next stage. They are coming together from FAS’ Office of General Supplies and Services, Office of Information Technology Services, Office of Assisted Acquisition Services, and others to work on arranging the contract to suit agencies’ needs.

FAS also needs to finalize and post the contract in the Office of Management and Budget’s MAX Federal website. By posting it there, the government can see if another contract is already selling these same services. The Office of Federal Procurement Policy has tried to avoid duplicative contracts.

They plan on establishing a customer working group and continue to use GSA’s Interact website to gather input and share updates.

“We believe the name OASIS, generated with input from industry members, is representative of the true value this vehicle will bring to the federal government,” said Steve Kempf, commissioner of the Federal Acquisition Service at GSA.

About the Author: Matthew Weigelt is a senior writer covering acquisition and procurement for Federal Computer Week.  This article was published on Mar. 28, 2012 at http://washingtontechnology.com/articles/2012/03/28/integrations-oasis-gsa.aspx?s=wtdaily_290312.

Government contracting landscape shifts as task orders rise

Government contractors need to prepare not only for a more austere future for government spending, but also adapt to a shifting landscape that is favoring task orders over traditional acquisition contracts, a leading government forecasting group said today.

Among the forces reshaping that landscape are agency efforts to accelerate the delivery of technology and other projects. One way they’re doing that is by breaking projects into smaller, more modular chunks. That has resulted in a growing use of task orders, said  

Kevin Plexico, senior vice president for research and analysis services at Deltek, speaking at Deltek’s FedFocus 2012 forum today.

Multiple award task order based contracts permit agencies to establish a limited set of companies, typically with specific skills, to compete for individual projects under a pre-negotiated set of terms and conditions. They also help deal with the fact that though government contract spending has increased by 50% over the past five years, the size of the acquisition workforce has remained flat.

Consequently the volume of multiple award task orders has more than doubled over the past five years (in light blue bars in chart above), while spending through GSA Schedule 70 and other contract vehicles has remained relatively flat.

Plexico outlined these and other facets of the 2012 federal budget that are likely to impact the government contracting community.At the heart of Deltek’s outlook is the administration decision to lower discretionary government spending to $1.043 trillion, from $1.211 trillion in fiscal 2011. (See full slide presentation here.)

“We’re not talking about that the federal budget is falling precipitously,” he said, trying to put the expected budget cuts in perspective. “Put in commercial terms, you see much more fluctuation in commercial markets than you see in the government market.”

But contracting firms which have benefited from ongoing government projects of the past can expect to see fewer contracts and fewer players getting those contracts in the coming fiscal years, he said.

“The (federal) budget environment is leading to a much more competitive landscape for contractors,” he said. “We’ll see companies protecting the work they’re doing,” and having to look at other opportunities to grow, including acquiring other companies, other skill sets, or realign with companies which have existing contracts, he said.

“Companies must adapt to an accelerated proposal environment brought on by task order contracting,” he said.

That point was brought home by Homeland Security Department CIO Richard Spires and Dave Wennergren, assistant deputy chief management officer for the Department of Defense, who spoke at the forum. Both stressed how new budget pressures were forcing the adoption of agile – or rapid cycle, smaller increment-development in a growing number of projects, and with that trend, the need to accelerate IT acquisition.

“We’re at a tipping point,” Spires said, referring to expectations of “real cuts in IT” at DHS heading into the next fiscal year, and the need to find lower price points for s across DHS, at lower price points and develop them more quickly.

Spires acknowledged that DHS is still coming to grips with how to consolidate 132 human resource information systems and nine learning management systems down to a much smaller number. The only way to get that done, he said, involved getting all the right players in a room and hammer out what those shared solutions needed to be and established which existing platforms were the most capable of supporting them.

Wennergren added that an essential element to making agile development work is a foundation of enterprise architecture that ensures projects and shared solutions are properly aligned with the underlying mission and business needs of agencies.

For contractors, especially those working on Defense Department projects, the new fiscal austerity will mean not only more fixed priced and task order contracts, but also more risk, said Brian Haney, Deltek vice president, client services. He reiterated “If you’re not a modular development shop and you’re looking to get into DoD, you might consider developing strategic relations” with contractors who are.

– by Wyatt Kash – Published by Aol Government - November 3, 2011 – http://gov.aol.com/2011/11/03/government-contracting-landscape-shifts-as-task-orders-rise/

Programmer, procurement staff failings contribute to software attacks

When hackers take advantage of a software flaw in a federal financial system to steal credit card numbers, procurement officers and program developers are both to blame for the intrusion, some information security specialists say.

“We were at fault because we allowed that common weakness that let them into the system,” Joe Jarzombek, director of software assurance at the Homeland Security Department, told Nextgov after speaking at an Orlando, Fla., cybersecurity workshop.

Vulnerabilities stem from the inadequate training of software engineers, as well as inadequate requirements from acquisition officers. In the old days, when software operated in an isolated system, developers thought threats would be limited to that computer’s physical area. In today’s networked world, however, software is operating in environments that the developer may not have had in mind when building a program.

This week, Homeland Security held a software assurance workshop during a conference hosted by (ISC)2, a trade association for cybersecurity professionals, to press upon information security specialists the importance of eliminating vulnerabilities during the design phase.

The most high-profile system intrusions — from data theft to industrial sabotage — all are the result of interlopers exploiting a previously undetected weakness. The Stuxnet worm apparently derailed machinery running Iran’s nuclear program by taking advantage of an error that the system’s software developers had not noticed. In that instance, the system wasn’t even hooked up to the Internet. A thumb drive delivered the malicious program.

“Nowhere in my own training or in the guidance I’ve ever been given did people talk about how hostile of an environment your software may be in,” Bob Martin, principle engineer for Mitre Corp., said during an interview after speaking at the workshop.

But software makers and consumers — including federal agencies — are not helpless in this challenge.

“We have to get away from this victim mentality of ‘I can’t do anything about it . . . It’s too expensive,’” Jarzombek said. “Those who are saying that are those who have not baked in security to the system.”

Michele Moss, lead associate at Booz Allen Hamilton who also gave a presentation at the conference, said greater communication between software makers and agency buyers would help both parties spot potential defects earlier.

“Everyone involved in the development or the acquisition of software should have awareness of the threats that are out there today so they can make decisions based on the environment that is out there,” she said in an interview. “Historically, the communities have been segregated.”

Vendors and federal managers typically only collaborate to meet cost, schedule and system performance goals, not to sleuth out software vulnerabilities. So, defects often are caught after installation and fixed by releasing a patch, usually included in updates that users are prompted to download every few days.

The current patch management approach opens up networks to attack if not regularly applied but, conversely, is expensive to regularly apply.

Procuring trustworthy software may involve additional up front expenses, but experts estimate that the initial purchase costs about a third less than the price of continuously patching vulnerabilities.

To change agency buying habits, DHS, in cooperation with the software industry, has developed downloadable handbooks on various software assurance subjects.

A contracting handbook published in 2009 provides sample software provisions tailored to government task orders that address personnel, security training, background checks of developers, threats, penetration testing and application development. A due diligence guide, also released in 2009, offers questionnaires to help purchasing divisions gather software supply chain information from potential contractors.

The due diligence document contains a separate, smaller set of questions geared toward cloud service providers, or data center operators that provide organizations with on-demand access to software that is stored on the companies’ servers. The items include: “What are the procedures and policies used to approve, grant, monitor and revoke access to the servers? Are audit logs maintained? What type of firewalls (or application gateways) are used? How are they monitored/managed?”

In time, procurement officers may have another tool — nutrition labels for software, so to speak. “Labeling would be something that would let you understand what kind of testing and examinations the software went through,” Martin said.

But Jarzombek said he does not believe labels, surveys or specific contract language should be mandatory. “Everybody has to make choices for their own enterprise,” he said. “Hacking is going to change behavior more than anything. I think that has a bigger impact than saying let’s legislate this.”

Some in the programming industry have criticized software labeling as useless to the average consumer because the nature of software testing does not lend itself to plain English.

Labeling backers say the food and beverage industry encountered the same problem, but grocery shoppers, restaurant patrons and now health regulators have learned to translate the descriptions.

“Food labels have been out for a decade but it’s only been recent that government has been regulating things based on what’s on the label,” Jarzombek said.

“This is about making better informed decisions,” he added. “Right now consumers do not have enough information to specify what they want.”

– by Aliya Sternstein – NextGov - 09/22/11 – at http://www.nextgov.com/nextgov/ng_20110922_9166.php?oref=rss?zone=NGtoday

Bidders bite back

High above the Potomac and Anacostia rivers in Southeast Washington, construction crews have begun the largest federal construction job since the Pentagon, transforming St. Elizabeths Hospital into the new consolidated campus of the Homeland Security Department. The $3.4 billion project encompasses 4.5 million square feet and eventually will house 22 government agencies.

But the project hit a snag in October 2010 when four losing bidders for a $2.6 billion information technology contract filed protests with the Government Accountability Office. They challenged the selection of Northrop Grumman Corp. to run a massive data network at the site and argued their own bids were unfairly evaluated. Recognizing that mistakes might have been made, the General Services Administration opted to cancel the contract and begin anew.

Northrop Grumman has since filed its own protest of GSA’s decision, further delaying issuance of a new solicitation.

Such is the new reality in federal procurement. Key contracts – whether it’s $500 million to create an IT infrastructure for the Transportation Security Agency, or $40 billion for a fleet of Air Force aerial refueling tankers – can grind to a halt because of a bid protest. Until the past decade, Ralph White, who heads the bid protest division at GAO, would stop and take notice when contracts protested reached nine figures. “I considered it a big deal,” White says. “Now a $100 million contract is a fairly routine thing. We did not used to see that, and certainly not at this level.”

Protest filings are on the rise at GAO, reaching a 15-year high in fiscal 2010. Some analysts note few protests are ultimately sustained, and many are dismissed in a matter of weeks. But the delays come at a cost to the government, contractors and the taxpayer. “At the end of the day, it really slows down the process of getting hardware and services to the warfighter,” says Daniel Beck, spokesman for the Chicago-based Boeing Co.

More Protests

GAO bid protests, in some form or another, have been part of federal procurement for nearly a century (the first protest was filed in 1926). But it was not until passage of the 1984 Competition in Contracting Act that the practice became formally structured and regulated by Congress. Companies that believe they were not treated fairly during source selection also can challenge the decision with the U.S. Court of Federal Claims, or directly with the contracting agency, though GAO overwhelmingly is the preferred option.

During the 1980s and early ’90s, contractors filed an average of nearly 3,000 protests per year – an astounding figure given the relatively low number of government contract actions at the time. Surprisingly, the rise in protests during the past decade pales in comparison to the sharp increase in contract spending. For example, between fiscal 2001 and 2008, procurement actions increased almost 600 percent and their value rose more than 100 percent, according to the Congressional Research Service. But the number of protests filed during that period went up only 37 percent, indicating that despite popular perception, the proportion of contracts that were protested actually shrank.

“Each year, our contracting agencies take hundreds of thousands of contract actions that could be protested, but more than 99 percent of them don’t get protested,” says Daniel Gordon, administrator of the Office of Federal Procurement Policy and the Obama administration’s top acquisition official. As the government continues to slow its acquisition spending, Gordon expects protest figures to decline as well.

But recent data suggest otherwise. During the past three years, GAO protest filings have skyrocketed 39 percent, reaching 2,220 in fiscal 2010, the highest point since 1995. There are several explanations for the increase, most notably the agency’s expanded jurisdiction to task-and-delivery order protests of more than $10 million. In 2010, 189 task order contracts were protested. In 2008, Congress also authorized contractors to protest TSA acquisitions and public-private competition decisions made under circular A-76.

Analysts also see the influx of lucrative, multiyear, indefinite delivery-indefinite quantity contracts – which have the potential to lock a contractor out of agency work for up to 10 years – as a contributing factor. “Larger companies, which were historically more reluctant to file protests because of customer relations concerns, are a little less reluctant,” says Thomas C. Papson, a partner at McKenna Long & Aldridge in Washington. “It’s almost a circle. As you see your competitors filing protest after protest, it almost legitimizes it from that standpoint.”

While protest filings are on the rise, the percentage of cases GAO sustained has remained flat at roughly 20 percent. Most cases never get to that point as contractors find other ways to settle disputes in their favor. Agencies often will eliminate the middleman and renegotiate directly with the contractor.

The 2010 effectiveness rate – based on a contractor receiving “some form of relief from the agency,” frequently the reopening of the contract – was 42 percent, according to GAO data. “Protests give agencies and their counsels an opportunity to have a sanity effect on what they have just done,” Papson says. “It allows them to go back, take a fresh look with the benefit of the protest issues put on the table and correct the mistakes.”

The parties also can agree to use alternative dispute resolution, an increasingly popular “outcome prediction” process in which GAO attorneys inform the parties early in the process about how they will likely rule if forced to draft a decision. The technique typically leads to protests being resolved without further GAO intervention.

The high rate of agency interventions in bid protests could signal that contracting officers are making too many mistakes in following the terms of the solicitation. “The ones that get pulled back without a decision usually have some really basic mistakes in them,” White says. “You can’t say that you will evaluate [a proposal] one way and then evaluate it another way.”

Abusing the System?

A GAO protest generally triggers an automatic stay of the contract award or performance while the protest is pending, though the agency is allowed to move forward under urgent and compelling circumstances. GAO has up to 100 days to issue a decision, a deadline it has never missed.

But critics suggest companies have abused the process either by looking to extend the life of an existing contract by a few months, or by grasping at straws in an effort to uncover some minor error that could lead to a reversal. “We feel protests are being used as a standard business practice, and that disturbs us,” Beck says. “We feel that protests are appropriate if there is strong evidence of a problem in the acquisition process but we don’t think it’s appropriate as a post-award strategy for those contractors that were defeated by bids that were simply deemed superior in a fair and open process.”

James E. Cuff, executive vice president of business development, strategy, and mergers and acquisitions at SAIC in McLean, Va., suggests some protests are little more than fishing expeditions. By filing a protest, a company can gain access to far more information than it would typically be entitled to during a post-award debriefing. “It would be healthier for industry, and clearly healthier for the customer, if protests were an extraordinary event,” Cuff says. He’d recommend a system in which “people can’t protest simply because they don’t like the answer and they are hoping to find some flaw, even if they don’t know of any flaw, when they file the protest.”

SAIC and Boeing have reputations for filing fewer bid protests than do other large contractors. “We treat protests like extraordinary events,” Cuff says. “We set a high bar when protesting. There must be a significant mistake in the process.”

Boeing, however, was responsible for arguably the most significant protest in recent memory: its successful challenge in 2008 of the Air Force’s aerial refueling tanker contract awarded to EADS North America and Northrop Grumman. “It’s a costly exercise to go through for us,” Beck says. “We also need to be thinking about our relationship with our military and government customers. But with the tanker, we felt there was strong ground for a protest, and GAO validated our concerns.” The Air Force has yet to issue a new contract for the tankers.

Pentagon contracts are particularly vulnerable to bid protests. From fiscal 2001 to 2008, Defense Department protests increased 39 percent, the Congressional Research Service notes. “Protests are extremely detrimental to the warfighter and the taxpayer,” wrote then-acting Undersecretary of Defense for Acquisition, Technology and Logistics John Young Jr. in an August 2007 memo. “These protest actions consume vast amounts of time for acquisition, legal and requirements team members; delay program initiation and the delivery of capability; strain relations with our industry partners and stakeholders; and create misperceptions among American citizens.”

But Gordon suggests its focus on transparency and timeliness makes the U.S. protest system a model for other nations. “I don’t think that protests affect agencies’ ability to rapidly award contracts, except for the few dozen each year where GAO finds the agency violated procurement law,” he says. “And in these cases, it’s important for us to stop and get things right.”

Tip of the Iceberg

With contract spending expected to decline in the coming years, particularly at Defense, and the larger economy still in slow recovery, some analysts believe the incentives for filing protests will only grow stronger. “Companies are concerned about being locked out of the market and may think it makes more sense to protest,” says Rich Rector, chairman of the government contracts practice and partner at the Washington law firm DLA Piper. “With the decline in spending, these are tough economic times, and they are getting tighter in the government space. It could drive people not to be as sanguine when they lose a contract.”

It’s unclear, however, what, if anything, can be done to stem the tide. Some industry officials want to see a financial penalty levied on losing protesters as a disincentive to filing frivolous challenges. While the topic has been batted around at Defense, the plan does not yet appear to have the administration’s support. Some have speculated that fining protesters could deter many firms, including small businesses, from filing legitimate protests.

Others argue that protests will decline only if the government provides additional resources and training to an overburdened and overworked acquisition workforce. “We need to ensure that competition is done right the first time so that the kind of obvious errors you see in some major procurements get made less frequently,” Papson says. “Some mistakes leave you shaking your head and asking how they missed that. The answer may be that they are inadequately staffed, or they were under pressure to get it done in an unreasonable amount of time.”

Some agencies, however, might be going overboard to protect against protests. Too often, contracting officers issue awards based on initial proposals without conducting further dialogue with bidders for fear that discussions are a “protest-rich area,” Gordon says. The result, he says, is the government might be missing out on better or less expensive proposals. In recent months, OFPP has begun meeting with contracting officers in an attempt to “myth bust” the idea that talking with vendors will lead to protests.  

“We need to talk with vendors early and often in our acquisitions,” Gordon says. “And not talking with them to avoid protests only hurts the government, particularly when more communication could help the agency better figure out what it needs and how to buy it.”

While the bid protest system is undeniably imperfect, most agree it’s one of the success stories of the American federal procurement structure. GAO works through its cases rapidly and judiciously, often with little complaint from industry. All the while, the bid protest staff at GAO has remained static at roughly 30 employees for the past decade. “What you get is a lot more transparency, integrity, or accountability than in other places,” White says. “It’s a system I would hate to walk away from and think about what it would mean to provide no opportunity for a redress when people think that something was unfair.”

 – by Robert Brodsky – Government Executive – February 1, 2011

FEMA didn’t award contracts on merit, report says

The Federal Emergency Management Agency may have violated federal law by trying to distribute contract dollars equally among three firms, rather than selecting the most qualified candidate, according to a new report commissioned by the Department of Homeland Security.

In the report dated October but released earlier this month, independent public accounting firm Foxx & Co. found that FEMA may not be complying with the Brooks Act, which requires that the government select engineering and architectural firms based on competency, qualifications and experience. Additionally, the report said that FEMA neither established performance standards for its contractors nor evaluated their performance.

The agency in 2006 awarded contracts to three companies to provide technical assistance, such as engineering services or environmental expertise, to government or nonprofit groups that had received disaster response funding. Irving, Tex.-based Fluor, Arlington-based Emergency Response Program Management Consultants and Gaithersburg-based Nationwide Infrastructure Support Technical Assistance Consultants were all selected to receive future task orders over a five-year period.

Auditors reviewed nine different task orders awarded to the contractors for services provided in response to hurricanes Gustav and Ike in Texas and Louisiana and flooding in Iowa, all in 2008. The contractors received more than $165 million for their work on the disasters, according to the report.

Though the base contract awards complied with the Brooks Act, the audit found no documentation to indicate FEMA had discussions with the three firms before awarding a given task order.

“Without an evaluation of qualifications, questions arise whether FEMA may be using a less qualified contractor to do the work,” the report said. “In addition, a contractor may have already been in place at a disaster location, been more qualified and familiar with the community and issues, and thus could have been a better resource and responded more quickly.”

Auditors recommended the agency seek the Justice Department’s opinion, but FEMA said it is working with the Homeland Security general counsel’s office, which will go to the Justice Department if necessary.

The report also called for FEMA to establish performance expectations and assess contractor performance. FEMA is now developing an evaluation worksheet, a draft of which was distributed to regional divisions in August for their review.

“Without performance expectations or adequate monitoring or evaluations, there is no assurance that the federal government and the state and local entities are receiving the expected . . . contractor services,” auditors added.

Indeed, the report finds that in three task orders it examined, FEMA employees reported having trouble getting the needed technical assistance from the contractor. The report contends that the lack of established expectations and evaluations means the government cannot determine whether it received a fair return on its investment.

– By Marjorie Censer – The Washington Post – Monday, November 22, 2010; page 10

DOD considers distributing task, delivery orders electronically

Defense Department officials want to make the electronic distribution of task and delivery orders a routine part of life at the Pentagon, according to a rule proposed today.

DOD currently has the capability to distribute orders electronically, and can post those orders to a website contractors can access. The new proposal would standardize the process. Officials believe the rule would help small firms.

The proposal would add language to the Defense Federal Acquisition Regulation Supplement to establish a method for sending out orders electronically, according to a notice in today’s Federal Register.

“This change will ultimately help improve the management and promotion of electronic government services and processes,” the notice states. It also would establish a framework to improve public access to government information and services, an electronic government initiative.

Officials are taking comments on their proposal until Nov. 30.

– by Matthew Weigelt – Oct. 1, 2010 – Federal Computer Week