information technology | The Contracting Education Academy

March 24, 2021 By cs

10 of 15 of DoD’s major IT projects are behind schedule, GAO finds

The Defense Department’s software development approaches are helping to avoid cost increases and schedule delays for many major information technology systems, but uneven implementation of cybersecurity best practices may be introducing risk to these programs, according to a watchdog report.

In the first of a series of annual reviews of major Defense IT systems, the Government Accountability Office (GAO) examined 15 business and non-business DoD IT programs and found 10 programs had schedule delays, including one 5-year delay. Eleven had decreased cost estimates as of December 2019, according to the audit, which was released to the general public just before the holidays.

While GAO didn’t make any specific recommendations in the audit, DoD in its comments said the audit “highlight[s] opportunities for continued improvement to acquiring IT capabilities.”

The main challenge for DoD’s major IT systems is the agency’s mixed record on incorporating cybersecurity best practices.

While all 15 programs are using cybersecurity strategies, only eight conducted cybersecurity vulnerability assessments, which help determine whether security measures are strong enough. In addition, 11 of the 15 programs conducted operational cybersecurity testing, but only six conducted developmental cybersecurity testing.

Keep reading this article at: https://www.nextgov.com/it-modernization/2021/01/10-15-dods-major-it-projects-are-behind-schedule-gao-found/171155/

January 25, 2021 By cs

GSA introduces vendor risk assessment program in draft solicitation

The General Services Administration could soon start requiring on-site assessments of certain federal contractors under a new program to scrutinize risks to the supply chain.

Tucked into the draft of a new governmentwide acquisition vehicle for information technology services called Polaris is language describing a tool to “identify, assess and monitor supply chain risks of critical vendors.” It would use classified and unclassified sources.

GSA said once the tool it’s developing—referred to as the Vendor Risk Assessment Program — is complete, “the contractor agrees the government may, at its own discretion, perform audits of supply chain risk processes or events,” adding, “on site assessments may be required.”

The Vendor Risk Assessment Program first appeared online in a Sept. 2017 blogpost by GSA’s Shon Lyublanovits describing plans to address risks to the supply chain of the government’s information and communications technology. Around that time, agencies would have been busy working to remove Kaspersky software from their systems. And GSA was engaged in a series of pilots toward a service that would be shared across the government to uncover businesses’ due diligence, including for cybersecurity concerns.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2021/01/gsa-introduces-vendor-risk-assessment-program-draft-solicitation/171289/

July 30, 2020 By cs

Verizon loses protest of use of LPTA

The Government Accountability Office has denied Verizon’s protest of the use of lowest price, technically acceptable (LPTA) source selection for telecommunications services under the $50 billion Enterprise Infrastructure Solutions (EIS) telecom and network modernization contract.

Verizon specifically protested requests for proposals by the Defense Information Systems Agency (DISA), arguing that the reliance on LPTA violated the 2017 National Defense Authorization Act, as well as the Defense Federal Acquisition Regulation Supplement, which both require the Department of Defense to try to avoid such source selection when acquiring information technology.

The telecom company suggested DISA instead use best value tradeoff (BVTO) source selection, which would see the task order awarded to the contractor offering the greatest value to the government — not the lowest-cost or highest technically rated offeror.

GAO rejected that idea.

Keep reading this article at: https://www.fedscoop.com/verizon-lpta-eis-protest-denied/

July 16, 2020 By cs

$12 billion intelligence IT contract out for bid

Proposals for the Defense Intelligence Agency’s SITE III contract are due Aug. 21.

The Defense Intelligence Agency bid out its $12.6 billion Solutions for the Information Technology Enterprise III, or SITE III, information technology services contract last week.

The multiple-award contract — a third iteration of the DIA’s SITE and E-SITE contract vehicles that date back to 2010 — will support the DIA and its sister intelligence agency, the National Geospatial-Intelligence Agency, for the next 10 years.

According to the solicitation, the contract will provide “managed services directed towards improving integration, information sharing, and information safeguarding through the use of a streamlined information technology approach.”

Keep reading this article at: https://www.nextgov.com/emerging-tech/2020/07/12-billion-intelligence-it-contract-out-bid/166731/

December 10, 2019 By cs

A new rule could allow Commerce secretary to ban certain tech buys

A proposed rule will allow a government department’s secretary to block the purchase of foreign technology that pose an “undue” risk to the U.S. information and communications infrastructure.

The rule, published by the Department of Commerce Nov. 26, establishes procedures for Commerce Secretary Wilbur Ross to “identify, assess, and address” information and communication technology (ICT) transactions he deems risky to national security.

The proposed rule stems from an executive order President Donald Trump signed on May 15, which gave the secretary the authority to prohibit or mitigate transactions that involve ICT technology developed or supplied by entities located in adversarial nations.

Transactions will be reviewed on a case-by-case basis, and the secretary will take a “fact-specific approach” to evaluation, according to the Commerce Department announcement.

Specifically, transactions will be blocked or mitigated if they are found to have an “an undue risk of sabotage or subversion ICTS in the United States; an undue risk of catastrophic effects on the security and resiliency of critical infrastructure or the digital economy in the United States; or an unacceptable risk to national security or to the security and safety of U.S. persons.”

Keep reading this article at: https://www.fifthdomain.com/civilian/2019/11/26/a-new-rule-could-allow-one-department-secretary-to-ban-certain-tech-buys/

The Defense Department’s software development approaches are helping to avoid cost increases and schedule delays for many major information technology systems, but uneven implementation of cybersecurity best practices may be introducing risk to these programs, according to a watchdog report.

The General Services Administration could soon start requiring on-site assessments of certain federal contractors under a new program to scrutinize risks to the supply chain.

The Government Accountability Office has denied Verizon’s protest of the use of lowest price, technically acceptable (LPTA) source selection for telecommunications services under the $50 billion Enterprise Infrastructure Solutions (EIS) telecom and network modernization contract.

Proposals for the Defense Intelligence Agency’s SITE III contract are due Aug. 21.

A proposed rule will allow a government department’s secretary to block the purchase of foreign technology that pose an “undue” risk to the U.S. information and communications infrastructure.

Search this Website