2020 Federal Contracts: A Busy Year for New Regulations and Initiatives

By Hollie Kapos, Corporate Counsel

With all that happened in 2020, it was easy to miss some of the new regulations and initiatives impacting government contractors. This blog summarizes the key updates immixGroup has been tracking that are particularly relevant to commercial item contracting.

January-Current

GSA MAS Consolidation. Twenty-four former GSA Schedules, each for different supplies and services, were consolidated into a single schedule. We started the year in Phase II of the GSA MAS Consolidation, which was the process of updating terms and conditions to reflect the new solicitation. Phase II was completed in July, with 99% of contractors signing the mass modification. Under Phase III, which began in August, multiple vendor contracts will be consolidated into single contracts. Read more of this post

CMMC Interim Rule Includes New Compliance Requirements

By Hollie Kapos, Corporate Counsel

You never know what surprises will pop up in the last few days of the government’s fiscal year, and this year there was a big one with the Interim Rule implementing DOD’s Cybersecurity Maturity Model Certification (CMMC).

The Interim Rule (“IR”), published on September 29, 2020 and effective as of November 30, 2020, adds the widely anticipated new DFARS clause for inclusion in DOD contracts implementing CMMC: 252.204-7021 (Contractor Compliance with the Cybersecurity Maturity Model Certification Level Requirement). No surprise there.

But, the IR unexpectedly came with two additional clauses, DFARS 252.204-7019 (Notice of NIST SP 800-171 DOD Assessment Requirements) and DFARS 252.204-7020 (NIST SP 800-171 DOD Assessment Requirements), which require the immediate attention of federal contractors and their subs.  Read more of this post

GSA’s VPP: Why You Should Care

By Tara Franzonello, GSA Programs Consultant

GSA is beginning Phase I of its Verified Products Portal (VPP), targeting OEMs and wholesalers, with a goal to have the portal up and running in 2021. Why should OEMs, distributors or resellers care? Simple: If you don’t do VPP right, you could cause problems both for you and your supply chain.

The VPP is intended to host authoritative product content — standardized manufacturer names and part numbers, for example – to improve GSA’s supply chain risk management, as well as the customer experience. This information ideally would be provided directly by OEMs, although resellers and distributors can also create VPP profiles.

Besides product specifications, the VPP will accommodate other information such as photos and pricing data. OEMs will be able to use the portal to authorize and deauthorize products and resellers in real-time, which could eliminate the need for resellers to provide letters of supply.  Read more of this post

CMMC – Will the COTS Exception Apply to Me?

By Jeff Ellinport, Division Counsel

CMMC, DOD’s Capability Maturity Model Certification, will require almost all government contractors doing business with the Department of Defense to be independently certified by a third party as meeting one of five cyber security standards. This requirement will apply to every link in the government’s supply chain – including OEMs, distributors and resellers.

To the relief of many contractors, DOD updated its CMMC FAQs a few months ago to provide this exception (the only one so far): CMMC certification will not be required for companies that only provide commercial off-the-shelf (COTS) items. 

Under NIST SP 800-161, COTS is defined as “Software and hardware that already exists and is available from commercial sources.” Under FAR 2.101, COTS means any item of supply, other than real property, that is: Read more of this post

Getting Started With OTAs (Part 2 of 2)

By Troy Fortune, VP and General Manager

In my previous blog I talked about how OTAs can offer real advantages to both government agencies and suppliers. This blog provides more information about the types of OTAs and when they should be used. We also provide tips on how to assist your potential customers in the process.

There are three categories of OTAs and it’s important for you to know how and when they’re used.

  1. Research OTAs (also known as “original” or science and technology OTAs) are for basic, applied and advanced research projects. These OTs are intended to spur dual-use research and development. Companies can take advantage of economies of scale without the burden of government regulatory overhead.
  2. Prototype OTAs are authorized for acquiring prototype capabilities and allowing those prototypes to transition into Production OTAs. Both dual-use and defense-specific projects are encouraged. Successful Prototype OTAs streamline the transition into follow-on production without competition. They also reduce the possibility of a future protest.
  3. Production OTAs are authorized as noncompetitive, follow-on OTAs to a Prototype OT agreement that was competitively awarded and successfully completed. Under this statute, advanced consideration is required, and notice is to be made of the potential for a project to go into production.

Read more of this post

Getting Started With OTAs (Part 1 of 2)

By Troy Fortune, VP and General Manager

An OTA (Other Transaction Authority) can be a powerful alternative to a traditional contract vehicle. OTAs have been in use for years but they have become more popular since Congress relaxed rules and restrictions. In fact, Bloomberg reports that government spending on OTAs increased almost eight-fold from FY15-FY19, from $1B to $7.8B. This includes all OTAs, not just for information technology solutions.

OTAs can provide a rapid way to deliver solutions the government needs. This can be an especially valuable tool for government to acquire technology from companies that may offer cutting edge or emerging technologies but are not set up to do business with the government.

The speed with which OTAs can be executed is a real benefit. On its website, DOD cited  the example of how the Air Mobility Command was able to “take a requirement and turn it into a product in just 95 days, when the process might normally take more than a year to complete.”

Many of our suppliers have asked for our help in understanding how OTAs work and how to navigate the process. Here is some basic information to get you thinking about whether or not this might be something your company should pursue. Read more of this post

DOD ESI BPAs: What CETA Is and Why It Is Important

By Derek Giarratana, Supplier Manager

Many of you are familiar with DOD ESI BPAs, but you’re probably not as familiar with the CETA designation and what it means.

Only one vendor has received the CETA designation thus far. Recently, the Navy PEO-EIS designated the Tanium DOD ESI BPA, held by immixGroup, as the first DOD Core Enterprise Technology Agreement (CETA). The CETA designation means that this purchasing vehicle is mandatory for all DOD customers who want to procure Tanium products and services.

DOD Enterprise Software Initiative

Before we dive into CETA and what it means for DOD procurement, let’s briefly talk about the DOD ESI program, managed by the PMW 290 Project Office. Read more of this post

If You Want to be Successful in SLED, the Right Contracts Are a Must

By Rachel Eckert, SLED Manager

State and local governments buy a wide variety of goods and services – from food stuffs and linens to police radios and technology. They also buy large volumes of goods and services, which could present a financial risk if they’re not purchased from a reputable source at a fair price. That’s why competitively bid contracts are essential to both government and vendors.

Government Benefits From Competitively Bid Contracts

To guarantee that the state or local government is getting the best value and a fair price, state and local governments leverage a competitive process to determine the vendor(s) who best meet this criteria. This competitive process results in one or more awarded contracts that specify what the government may purchase, from whom they can purchase and a guaranteed maximum price. This reduces the overall risk for the government – something extremely important to ensure their continued ability to serve their citizens. Read more of this post

GSA and Consumption-Based Cloud Pricing … Stay Tuned!

By Tara Franzonello, GSA Programs Consultant

The consumption-based approach is already widely used in the private sector and GSA hopes to leverage a similar model to recognize the same efficiencies, increase cyber security, foster competition and provide cost savings and transparency — benefits that are being realized today by commercial companies.

Cloud computing is offered in various models (i.e. consumption-based with not to exceed ceiling, subscription based, on-demand, per-use-based, tier-based) as well as pay-as-you go and fixed price combinations in the private sector. Each has its own advantages based on the customer’s specific needs (environment, consumption usage, usage term, etc.). The ideal procurement path for consumption-based cloud computing would provide agencies with a flexibility across both funding and consumption models that promotes cost efficiency and private sector best practices.  Read more of this post

If You Sell to DOD, Pay Attention to CMMC

By Troy Fortune, Vice President & General Manager

You’ve probably heard that the Department of Defense (DOD) recently released the official version 1.0 of its new Cybersecurity Maturity Model Certification (CMMC 1.0).

This is one of the hottest topics in government contracting right now and immixGroup is following developments very closely. And, it will affect everyone in our industry who sells to DOD – resellers, distributors and OEMs. 

As a quick refresher, this is a cybersecurity standard that all contractors must meet if they want to do business with DOD. As we’ve discussed before in a previous blog, the standards themselves are taken from existing ones. With CMMC 1.0, we now have more clarity on what the 5 levels of CMMC entail: Read more of this post

%d bloggers like this: