Don’t eliminate yourself from procurement awards by making these mistakes

By Kevin P. Young, Principal Market Intelligence Analyst

As I mentioned in my last blog, “Growing your FY23 pipeline,” the new fiscal year, which kicked off on October 1, offers a myriad of contacting opportunities for GovCons of all shapes, sizes and disciplines. From the standard federal budget programs to existing and new procurement vehicles, such as Blanket Purchase Agreements (BPAs), Governmentwide Acquisition Contracts (GWACs), and Indefinite Delivery / Indefinite Quantity (IDIQ) contracts, there is plenty of opportunity out there.

New programs earlier announced by the Administration provide substantial funding, including the $1.2 trillion Infrastructure Investment and Jobs Act and the $860 billion Inflation Reduction Act (IRA).

Here are a few key, albeit sobering, facts about – and recommendations for – effective federal government procurement:

Read more of this post

Commerciality: Establishing pricing to the federal government

By Skyler Handl, Corporate Counsel, Public Sector

Selling to public sector customers is different from selling to the commercial market. For example, how much do you know about the government acquisition concept of “commerciality”? To preserve margins in government sales, you need to know how to comply with this concept.

Public sector customers typically require vendors to disclose cost data and then negotiate a profit, or “fee.” This flows through the entire government acquisition supply chain.

Commerciality was introduced as an exception to the general rule of cost disclosure to streamline government acquisition of commercial technology through requirements aligned to commercial market practices. Commercial technology is vetted by the open market, which mitigates risk, and reduces the expense of government acquisitions as development costs are spread across the commercial market. You wouldn’t expect to pay a one-time non-recurring engineering fee for the latest cellphone; it is baked into the price.

Read more of this post

New Requirement for Software Deliverables to Comply with NIST 800-218

By Skyler Handl, Corporate Counsel, Public Sector

On September 14, 2022, OMB took a substantial step forward in implementing EO 14028 Improving the Nation’s Cybersecurity by issuing memorandum M-22-18. This memorandum requires agency leaders to comply with NIST Secure Software Development Framework (SSDF), SP 800- 218,3 and the NIST Software Supply Chain Security Guidance with regards to third-party software in agency information systems. This applies to software developed or modified by major changes after September 14, 2022, regardless of whether the software is a commercial product or COTS item.

How does this impact your business?

Read more of this post

Four SLED contracts to build out your sales toolbox

By Jessica Wilhelm, SLED Contracts Specialist

If your company is selling IT products or services to the state, local and education (SLED) market, it is extremely important to maintain and expand the statewide contracts and cooperative agreements that form the foundation of procurement at this level.

Why build out this SLED contracts toolbox?  Simply put: Ease of use. Using a SLED contract vehicle with competitive pricing and negotiated terms and conditions equals a shorter procurement process for you!

If you’re new to the SLED space, you need to know that not all contracts are a one-size-fits-all solution. Here are a few types of SLED contracts that you should have in your toolbox. Three are SLED-specific; one allows SLED organizations to make use of federal vehicles. Here’s what you need to know.

Read more of this post

Turn year-end disappointments into successful pursuits

By Kevin P. Young, Principal Market Intelligence Analyst

As we come into the last six weeks of the fiscal year, there are high expectations that the deals in your pipeline will come in before the clock strikes midnight on September 30. While many deals will undoubtedly come in – including an occasional bluebird or two — there will be some disappointments as well.

For the deals that did not come in, there’s also going to be a lot of after-the-fact analysis of why you did not win. Here are some of the most common reasons deals DO NOT come in:

  • You did not have a clear understanding of the client’s requirements and issues
  • Your technical solution was not a good fit
  • Your pricing was not competitive
  • You did not have strong relationships with the (1) key decision maker and/or influencer, (2) program office and/or (3) contracting officer
  • You assumed your potential client’s stakeholders were predisposed to YOU as “neutral” or “positive

What can you do better in the next fiscal year – besides righting the obvious alluded to above?

Read more of this post

Small businesses make headway in government: Are you properly registered?

By Kevin P. Young, Consulting Market Analyst

There’s good news for small business federal government contractors in the recent announcement from the U.S. Small Business Administration (SBA) that the Biden-Harris Administration exceeded its small business federal contracting goal in 2021. According to the SBA, the administration awarded 27.2 percent, or $154.2 billion, in new contract dollars to small businesses – an increase of $8 billion increase from 2020.

The SBA has a goal of 23 percent to 26 percent of all System for Award Management (SAM)-registered federal procurements be targeted for small businesses – direct, via prime contractors and via procurement vehicles/channels.

Although the news is good and, despite the overall increase in the dollar value of small business awards, the absolute number of small businesses receiving prime contracts with the federal government decreased again in FY21.

Read more of this post

New to federal sales? What you need to know about our GSA MAS contract extension

By Gina Brown, Federal Contracts Manager

EC America was recently awarded a GSA contract extension for GS-35F-0511T. The award grants five additional years on this extremely valuable procurement contract, which now expires June 26, 2027.

The GSA MAS contract is one of the largest and most widely used government procurement vehicles, generating over $19 billion for the Information Technology “large” category every year. The contract is open to all federal agencies as well as to state and local government agencies.

What is GSA MAS?

The GSA MAS is an IDIQ (Indefinite Delivery Indefinite Quality) government-wide, 20-year-long contract that provides government buyers access to commercial products, services and solutions at pre-negotiated pricing. Many state and local agencies look to GSA MAS as their vehicle of choice or as a base contract to govern their own vehicles. Federal agencies may also use the GSA MAS as a foundation to establish Blanket Purchase Agreements (BPAs) for repetitive requirements for supplies or services.

Why is this important to our channel partners and suppliers?

Read more of this post

The Fed’s EDR focus will unlock opportunities in cyber defense

By Amanda Mull, Contract Specialist

The cybersecurity of the federal government is constantly under attack.  A recent FISMA report from the Office of Management and Budget noted that in FY2020, agencies reported 30,819 cybersecurity incidents to the U.S. Computer Emergency Readiness Team. The variety of attack vectors continues to evolve, creating a dynamic threat landscape.

The government is addressing this challenge by mandating Endpoint Detection and Response (EDR) tools. Companies that can offer these tools and capabilities will be well-positioned to build their federal customer portfolio.

EDR is an integrated security solution that detects threats by combining real-time continuous monitoring and collection of endpoint data with rules-based automated responses and analysis capabilities. The data collected helps determine system security. Evaluation and machine analysis of the data provides coordinated detection of threats and conditions that elicit programmed responses, including follow up via human notifications and further actions to mitigate any potential or actual threats. 

EDR initiatives and Approved Product listing

On January 10, the Cybersecurity and Infrastructure Security Agency announced an expanded and revised EDR technical capability definition and new requirements for adding EDR items to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Product List.

The federal EDR initiative includes a CISA dashboard to record data collected from all federal executive agency and department information systems. The dashboard metrics are intended to provide an overall federal cyber threat analysis. OMB and other federal actors plan to use the dashboard metrics to evaluate vulnerabilities and make budgetary decisions to fund cybersecurity improvements.

Agency EDR responsibilities and FISMA updating

Expectations for agency engagement are high. EDR implementation is mandated, and agencies must continue to develop and mature their EDR solutions – along with continued reporting of endpoint data to the coordinated CISA federal dashboard.

Read more of this post

GSA planning government-wide cloud BPA: What you need to know

By Adam Hyman, Director, Government Programs

Over the past couple years, immixGroup has tracked discussion about the General Services Administration putting together yet a new acquisition vehicle — this time around for cloud solutions. That initial chatter may now become reality.

In 2019, GSA released an RFI seeking industry input on providing cloud products and services in creative solution bundles, to better help customers with their business/technology needs and to save the government money.

This past October, GSA released another RFI related to cloud, making its intent clearer: GSA intends to establish a government-wide, Multiple Award Blanket Purchase Agreement using the following Special Item Numbers (SINs):

Read more of this post

CMMC 2.0 streamlines requirements for contractors

By Hollie Kapos, Corporate Counsel

In September 2020, DoD published an interim rule to implement CMMC, which became effective November 30, 2020. The DoD received over 850 public comments in response, citing concerns with cost, trust in the assessment ecosystem, and alignment to other federal requirements.

Accordingly, it began an internal assessment of CMMC policy and implementation and, as a result, DoD has just announced CMMC 2.0, which makes several substantial changes from the original model.

Levels streamlined in CMMC 2.0

Levels 2 and 4 have been removed, so there are now only three instead of five levels of compliance as follows:

  • CMMC Level 1, Foundational – Requires implementation of the 17 controls from NIST SP 800-171 enumerated in FAR 52.204-21 and submission of an annual self-assessment to the DoD through the Supplier Performance Risk System (SPRS).  
  • CMMC Level 2, Advanced – Requires implementation of the 110 controls in NIST SP 800-171 and submission of an annual self-assessment or, if required to handle “critical national security information” (currently undefined), a triennial independent assessment performed by a CMMC Third Party Assessment Organization (C3PAO). 
  • CMMC Level 3, Expert – Requires implementation of the 110 controls in NIST SP 800-171 and a subset of controls from NIST SP 800-172 and a triennial government-led assessment. Requirements for level 3 are still being developed.
Read more of this post
%d bloggers like this: