Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The decision by the Department of Health and Human Services to shut down the Program Support Center’s assisted acquisition services isn’t just hurting agency customers during one of the busiest fourth quarters in recent memory. HHS now says it cannot transfer existing contracts back to customer agencies and that decision will reverberate over the next year. It will cause agencies to  waste money and resources, and in the best of circumstances, the inability to transfer contracts is inconvenient, and in the worst case scenario, it will cause mission degradation.

What’s maybe worse than PSC’s untimely decision is its lack of communication, and some will say honesty, about the current situation.

Industry and agency sources said PSC has all but shut down communication with its customers.

If you email Melissa McAbee, PSC’s acting head of contracting activity, you receive an automatic response detailing the current situation.

“Due to the volume of calls/emails from non-DoD and DoD customers, PSC is currently unable to respond to individual requests for information. PSC is prioritizing communication by date of expiration of the current contract period of performance for each affected agency. PSC assisted acquisition contracting officers are not authorized to schedule calls or release documents from contract files,” the email states.

So as agencies enter the last six weeks of fiscal year 2019 and the pressure mounts to spend annual money before Sept. 30, PSC, which helps agencies spent more than $1 billion a year for agencies including the Defense Department, the Environmental Protection Agency and many others, has basically gone silent.

HHS announced in June PSC would immediately cease providing any assisted acquisition services because it didn’t have the policies, procedures and internal controls to continue to provide these functions.

One source in an agency that is a customer of PSC said they haven’t heard from anyone since June despite having active procurements with the organization.

The source, who requested anonymity in order to talk to the press, said they tried to reach out by email and phone, but received no response.

Existing contracts will expire

Agencies and vendors alike are in limbo about the status of current awarded contracts and those that are far along in the procurement process.

“We’ve had additional conversations with our member companies and we are doing what we can to help them navigate the situation,” said Alan Chvotkin, executive vice president and senior counsel for the Professional Services Council, an industry association. “Agencies themselves are not getting great feedback or support from PSC. There are some stonewalls there too. Maybe people are on vacation or unavailable, but there is still a lot of unknown information and I’m concerned. The area that is most concerning is the evaluations that are underway within PSC which have not been completed in a timely manner before end of the fiscal year. That is the most immediate impact vendors are worried about.”

McAbee’s email also says, “Existing PSC contracts/orders will expire by their terms at the end of the current period of performance.”

A HHS spokesperson said PSC is in touch with its customers.

“PSC is working with customer agencies independently to support their mission needs,” the spokesperson said. “PSC has taken the position that it is in the best interest of all parties to conduct an orderly phase out of this line of business.”

A source familiar with PSC said the idea that HHS is performing an orderly phase out is ridiculous.

“This is the very definition of a disorderly phase out. This Orwellian rhetoric would be entertaining, if the impact wasn’t so devastating to PSC’s government customers and their missions,” the source said.

And it seems McAbee’s email supports growing concerns about just how “orderly” this phase out is.

McAbee said PSC determined that it doesn’t “have the policies, procedures, and internal controls in place to support the transfer of PSC contracts to non-HHS agencies.”

This means any current procurement will end, no matter how many option years are left. So if PSC awarded a contract in March on behalf of a customer agency that is for one year with four one-year options, the customer agency now has to recompete that contract that they just spent 9-12 months working to get it awarded.

Sources say transferring existing contracts from one warranted contracting officer to another is normally not that difficult. It’s just a matter of re-delegating authorities.

“The bigger challenge is the option period because administrative contracting officer doesn’t have the authority to exercise an option, which is essentially a new contract,” Chvotkin said. “So if PSC goes out of business and I don’t know if another contracting officer outside of HHS could exercise that option. It’s a wrinkle I’ve not run across.”

HHS doesn’t have transfer authority

At the same time, the HHS spokesperson continues to push an alternate narrative. When asked to further explain McAbee’s email, the spokesperson said in an email, “Many but not all of the PSC customers have acquisition offices within their respective agencies. PSC is providing contact information for other acquisition shared service providers when appropriate.”

When asked how HHS’ claim that it’s working with agency customer contracting offices matches up with McAbee’s email that they can’t transfer contracts, the spokesperson said, “Ms. McAbee’s email corresponds appropriately as PSC is working with customers that have acquisition offices to transfer contracts and is providing contact information for other acquisition shared services providers when appropriate.”

Sources said the HHS General Counsel determined that PSC didn’t have the authority to accept assisted acquisition work and/or accept funds associated with those contracts in the first place and that is the reason it can’t transfer contracts back to other agencies. Again, this ruling comes despite nearly 25 years of providing shared services in one form or another, and decades of clean audits.

The HHS spokesperson offered no insight into the General Counsel’s decision, saying only, “PSC’s review is ongoing. All appropriate divisions are involved. PSC’s review is focused on improving compliance, accountability and customer satisfaction.”

Part of the issue with HHS’s  determination is not that PSC will no longer offer assisted acquisition services, it’s been the poor communication and the lack of understanding of how to carry the decision out in a way that doesn’t overtly effect agency missions and contractors.

Source said HHS built its decision around several potential problems that so far have turned out to be untrue.

The internal controls around the form DD-254 required to perform classified work, for example, became hallow when internal auditors found PSC didn’t do any classified work.

Another potential issue was a “missing” $40 million from the acquisition supply fund, which is the revolving bank account PSC uses to accept agency fees and pay for its people and activities.

That reason also fell part and initially was the reason HHS placed the leadership of PSC — Al Sample, Bill McCabe and Patrick Joy — on paid administrative leave.

House and Senate appropriations committees’ spokespeople said they had not heard from HHS about the “missing” $40 million.

Sources said the “missing” funds had to do with the new leadership — Scott Rowell, the assistant secretary for administration, and former principal deputy assistant secretary Catherine Bird — lacking the understanding of how the acquisition supply fund works.

Sources said once the Office of Management and Budget got involved and explained how the fund works and therefore $40 million was not missing, HHS management “drummed up” this national security concern.

The HHS spokesperson said the agency is conducting a review of its financial systems and processes to improve operations and strengthen transparency.

“This is part of a larger process improvement effort across PSC and we have reached no conclusion that government funds are missing or have been misused,” the spokesperson said.

Review of HHS processes complete?

The HHS spokesperson also wouldn’t offer any details on what Federal Acquisition Regulations or Defense FAR rules they violated that led them to the decision to stop offering services because of national security concerns.

“PSC’s review is ongoing,” the spokesperson said.

But the source familiar with PSC said that is untrue and the review has been complete for more than a month, and found no violations.

The continued narrative from the spokesperson and in internal emails from James Simpson, the acting deputy assistant secretary for acquisitions in the Office of The Assistant Secretary of Administration, which Federal News Network obtained, show a serious lack of disregard for agency customers and employees.

“So while it may appear that there are a lot of changes and unknowns, there is one constant. We need to continue to provide great service to our customers. Through your leadership, we can make this happen,” Simpson wrote in an Aug. 8 email to PSC staff. “As we approach the end of the fiscal year, I encourage you to stay focused on taking care of our people and continue to provide great customer service. We must continue to properly assign work, provide detailed work analysis, and produce quality contract/procurement documents. We can make AMS a great organization by working together. It’s all about communication and teamwork. I encourage all of you to work as a team and continue to leverage each other’s skills, as we shift work around. Do not be afraid to bring issues to me; I want to solve problems and help make things better.”

One way to do that, honestly communicate with your customers and employees because the lack of transparency is startling and causing widespread harm.

“Customer Satisfaction was at an all-time high prior to the removal of Al Sample and Bill McCabe, the realignment of PSC under the assistant secretary for administration and their subsequent derelict decision to close down PSC’s Assisted Acquisition and then attempt to try and find a reason to justify it,” said the source familiar with PSC. “Note that neither in the HHS press reply nor in the PSC head of contracting activity auto-reply do they talk about classified work being performed or the DD-254.  They are intentionally vague because they have no basis and no reason to back this derelict decision and justify all of the harm they have done to the warfighter — 500 DoD contracts worth $1billion.”

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

A little over two weeks ago at an event hosted by AFFIRM, Alan Thomas, the commissioner of the Federal Acquisition Service at the General Services Administration, promised to have the acquisition strategy for a new contract writing system completed in a week or so.

Thomas’ group delivered on that promise, but the decision to move the Contract Acquisition Life-Cycle Management (CALM) system under the yet-to-be awarded IT services procurement vehicle known as COMET may have been a bit surprising.

Industry sources, who all requested anonymity in order to talk about a procurement they may be bidding on, say while in many ways it makes sense to move CALM under COMET, it’s also a decision that should’ve come more than a month ago and is a little frustrating.

Industry sources say some companies were planning on bidding on the contract writing system that could be a proof-of-concept for one that is eventually offered governmentwide. But those same companies may not have bid on the CIO Modernization and Enterprise Transformation (COMET) vehicle, but would’ve if they had known about GSA’s plan to not issue CALM as a standalone procurement or through another existing vehicle like Alliant 2.

Thomas confirmed the possibility that if successful, CALM could be expanded to other agencies during the AFFIRM event.

“I had this conversation with friends at the Office of Management and Budget. They said, ‘let’s do something for the whole government.’ I said, ‘that’d be great, but we don’t even use one thing for ourselves, and what we use is kind of old and all our folks are grumbling about it so I don’t want to sell that to somebody else,’” Thomas said. “My thought was let’s use ourselves and our 1,000 1102s [contracting officers] as the place to show how to do it and do it right, and from there, if it has applicability beyond that, great, we can talk about it. But we are not a credible provider until we are doing it ourselves.”

But GSA’s decision to compete the contract writing system on COMET makes it impossible for some vendors to bid on CALM now as a prime because the due date for proposals for COMET was early July.

GSA released the solicitation for COMET on June 18 with a goal of creating a multiple award blanket purchase agreement on top of IT schedule 70. GSA says it plans to make between 10 and 12 awards with at least 25% of them being set aside for small businesses. The BPA will ask vendors to provide a host of IT services, including operations and maintenance, cloud and the continued development and support of the acquisition systems portal called beta.SAM.gov. GSA plans to take a three-step approach to the evaluation of contractors, including an in-person technical challenge. In April, GSA issued the RFP for the first and much smaller part of COMET focused on architecture, engineering and advisory support.

GSA released a draft request for quotes for CALM on July 8, and held an industry day webinar Aug. 6 to announce its acquisition strategy.

The decision to use COMET for the contracting writing system seemed to come from the feedback GSA received on the draft request for quotes (RFQ). Responses also highlighted everything from the length of CALM — 10 years — to the need to clarify the cloud security requirements, to incorporating standards from the Unified Shared Services Management office.

Contract writing system timeline delayed

A summary of the themes that came out in the responses, which the agency gave to vendors at the webinar, said contractors were concerned about whether bidding on COMET would’ve precluded them from bidding on CALM.

“GSA stated that a shift toward utilizing the new COMET vehicle for the CALM procurement provides them the time to re-engage with industry and enable a more robust procurement,” said one industry source. “This is a great example of government taking a more holistic approach in order to more effectively plan for long-term needs.”

In the industry presentation, which Federal News Network obtained, GSA says “using COMET would reduce industry organization conflict-of-interest concerns; enable the purchase of a total solution (product and service); give CALM team more time to refine requirements and re-engage with industry on a revised draft CALM; and gives CALM a permanent home.”

GSA says CALM timeline will take 3-to-6 months longer, in part because GSA has to change the procurement to an agile task order from a blanket purchase agreement.

During the industry day webinar, GSA says it expects to award COMET in October and award CALM by winter 2020 with the first set of capabilities coming in spring 2020.

“I think it is the right move considering this is an effort to modernize their existing portfolio that is in scope for COMET. It also makes it easier for integration and also reduces overhead for GSA,” said a second industry source.

Thomas said CALM will replace the 35 to 45 different applications contracting officers use today to write and manage procurements.

“We have to have a similar core system that stores all our data and has a set of common business processes. We are working on that and it will be a big improvement for the workforce,” he said. “My tag line is there are only a few kinds of investments we can make in our people and one of them is we can put great tools in their hands. If we put great tools in their hands, they will go out and do a good job serving customers and the results will follow from there.”

CALM is expected to be one of those great tools that Thomas is referring to.

Over the next few months, GSA will send a second draft solicitation out for comment and feedback, and then finalize CALM’s acquisition strategy once it awards COMET.

Let’s hope GSA works closely with the other agencies who recently awarded contracts for contract writing systems, specifically the Navy and the Army. It’s less about using the same system and more about ensuring data and technology standards can be easily shared and integrated no matter the back-end systems.

When Judge Eric Bruggink handed down his decision on Oracle’s protest of the Defense Department’s JEDI cloud contract on July 12, many legal experts were more than mildly surprised.

And when the US Court of Federal Claims released the judge’s mostly unredacted decision 14 days later, the rationale behind the ruling in favor of the Defense Department strategy and against Oracle’s claims of conflicts of interest and arbitrary decisions didn’t quite put the case to rest.

The biggest question that still remains is what will Oracle do next, if anything? Will the Redwood City, California company file an appeal with the federal court or will they just say enough is enough?

At the same time, new Defense Secretary Mark Esper promised to take a “hard look” at the Joint Enterprise Defense Infrastructure (JEDI) program. Last Friday, DoD Chief Information Officer Dana Deasy provided more details of what those “education sessions” would look like and said the Pentagon would not award the contract until Esper completed his review.

On top of all of this, the DoD inspector general continues its review of the JEDI program, and it’s unclear if the FBI’s investigation is continuing or has ended.

With the JEDI drama far from over, Federal News Network asked legal experts to weigh in on Bruggink’s decision. Similar to our reporting when Oracle filed its initial protest with the Government Accountability Office, we asked Steve Schooner, Nash & Cibinic professor of Government Procurement Law and co-director of the Government Procurement Law Program at the George Washington University, Antonio Franco, a partner with PilieroMazza PLLC, and Charles Tiefer, a professor of government contracting at the University of Baltimore Law School, to provide some analysis.

What are your overall thoughts on the judge’s decision?

Tiefer: It’s typical of judges in the Court of Federal Claims that they don’t comment on issues that they consider moot. Standing is a high hurdle in that court. It’s problematic though that he’s not taking this as a mere challenge to the request for proposals. Instead, he seems to be rendering a final judgement even though on final judgement the judge has a relatively broad scope. He uses the narrow scope more typically found with a preliminary judgement on RFP than with a total judgement. So that is disappointing.

It does not sound like he will allow Oracle to appeal from the final award of either final bidders.

Schooner:  While there’s a certain appeal to the judge’s approach, which gives a fair amount of deference to the procuring agency and keep the wheels of government turning, it’s still a troubling read.  As someone who perceived the initial acquisition strategy as falling somewhere between flawed and risky, the opinion did little to obviate those concerns.

There’s an attractive logic — particularly for a judge — to the outcome here.  Oracle’s greatest challenge, throughout, was that it did not meet all of the solicitation’s stated requirements.  Once the judge concludes that Oracle didn’t have a realistic shot at being competitive, and thus couldn’t show prejudice and, accordingly, lacked standing, everything else in the decision is window dressing.

Given the rapid — and, let’s be frank, unpredictable — evolution of cloud computing technologies and approaches, a 10-year, sole-source relationship seems like a high-risk strategy. So, for example, it’s no surprise the judge rejected the sole source justification (even if he concluded that Oracle was in no position to gain a remedy as a result).  Moreover, the judge correctly identified the fallacy underlying a relationship based upon fixed prices for tasks that have not yet been identified. Throw the conflicts into the mix — and again, the judge did not find that the conflicts didn’t exist or the relevant players acted appropriately; he merely deferred to the contracting officer who is under enormous pressure to complete this procurement — and, well, it’s not a pretty picture.

For example, it’s not surprising that the judge found the determinations and findings inadequate. But that doesn’t matter because Oracle cannot demonstrate prejudice as a result of the flawed D&F. Some of the court’s language is eye-opening.

While DoD, no doubt, breathed a sigh of relief that the protest was denied, I can’t imagine they’re terribly happy with the decision. And I don’t expect that the folks at the Defense Acquisition University will find much to emulate in this procurement process. Among other things, as the judge explained: “The facts on which Oracle rests its conflicts of interest allegations are certainly sufficient to raise eyebrows. The contracting officer concluded that at least two DoD officials disregarded their ethical obligations by negotiating for Amazon Web Services employment while working on this procurement.” The opinion includes page-after-page detailing conflicts, which, if you didn’t know how the case came out, would lead most readers to assume that the protest would be granted. Among other things the court notes that, with regard to employment discussions during acquisition planning: “Mr. [Deap] Ubhi in fact hid relevant information and misdirected both DoD and AWS.”  Ouch. All of which is particularly frustrating because this is such a large, important, long-term, high-profile procurement.

I keep returning to this passage:

“The contracting officer is fundamentally correct: if there was a high speed train headed toward a single award decision, Mr. Ubhi was merely a passenger on that train, and certainly not the conductor. Moreover, he exited DoD prior to the substance of the evaluation factors being crafted. Although the CO correctly found the assurances in his affidavit to be untrustworthy, we ultimately agree with the substance of her conclusion that his self-promoting, fabulist and often profanity-laced descriptions of his own role were merely that.”

It’s not a pretty picture.

Franco: Overall, the Court of Federal Claim’s decision does not come as a complete surprise. The judge reasonably recognized that DoD’s justification for a single award was improper; however, Oracle’s concession that it could not satisfy minimum gate criteria 1.2, in order to be considered a viable competitor, put it at a severe disadvantage in demonstrating prejudicial error, a concession that the court could not overlook. To be successful in this protest, Oracle had to satisfy two legal standards. First, the court is to determine whether the procurement official’s decision lacked a rational basis or the procurement procedure involved a violation of a regulation or procedure. Second, if the answer is yes, then the court must determine whether or not the protester was prejudiced by said error. Because Oracle conceded on the record that it could not meet Federal Risk Authorization Management Program (FedRAMP) authorization (representing the DoD’s minimum security requirements for processing or storing DoD information) even with the court’s recognized procurement error, Oracle was not prejudiced by such error. As such, no further analysis from the court was really required, which is why this reasoning took center stage in the court’s initial two-page ruling.

If the gate criteria was not a factor in the procurement, would DoD’s failure to comply with statute requiring multiple awards be enough to have sustained the protest?

Franco: If the gate criteria were not a factor in the procurement, it is possible the court’s decision could have come down differently. Since the court found the D&F relied on an exception to 10 U.S.C. § 2304(a)(d)(3) that did not accurately reflect the structure of the JEDI cloud solicitation, the court could have also found that Oracle was prejudiced by such error. Under this scenario, Oracle’s concession to gate criteria 1.2 would be non-existent and Oracle would stand a better chance of being awarded the contract under a multiple-award scheme.

Tiefer: The outrageous single award is so contrary to the statutes on competition that it should have been enough to deceit this structure of single award contract. The agency’s rationale for single award was way off base. The agency giving a single award for 10 years of JEDI is as noxious as 10-year single award to Halliburton for $30 billion for the entire Iraq war.

Schooner: This is only conjecture at this point, but, in light of the judge’s decision, you might say it would have been more likely than not. Indeed, Judge Bruggink did a nice job articulating that all of the major players outside of DoD, other than AWS, were skeptical of the single-award approach. That’s telling.

What message does the judge’s decision on the gate criteria send about the ability to narrow protest rights using the gate approach?

Schooner: I’m hesitant to read too much into that aspect of the case. We have decades of precedent – as well as GAO bid protest regulations – that make clear that protests only provide remedies for interested parties.  I don’t think many readers will see this case as breaking new ground with regard to standing. Frankly, unless it unduly restricts competition — and, of course, the “unduly” qualifier is the critical aspect — agencies have every right to limit the competition to firms that they perceive as qualified and capable to meet their needs. Also, as a general rule, establishing pre-qualification criteria serves an important public interest, in that (generally) it discourages firms from wasting valuable bid and proposal costs pursuing business opportunities (or specific contracts) for which the government would not consider them.

Franco: The judge found the various gate criteria imposed by DoD to be enforceable, even though it was applied as part of the first step of the evaluation process. If an agency can plausibly demonstrate that its gate criteria is being used to ensure its evaluation was not wasted on offerers who could not meet the agency’s minimum needs, more agencies could begin to use such gate criteria in the first evaluation phase of future procurements.

Tiefer: For the judge to let the agency do whatever it likes with the requirements to shut out competition is like letting the agency get away with homicide with their name written on the weapon–homicide of the shut-out bidders with the agency fully taking responsibility and credit for the deed. I sure hope that other agencies don’t imitate this and usher in a dark period of awards without real competition by coming up with gate criteria that are extremely biased toward one particular bidder.

It seems like the agency in slanting the award toward Amazon looks like it’s headed for a train wreck with the White House interfering against Amazon.

Does Oracle have any next move? If so, what is it?

Franco: Oracle may have a leg to stand on as a result of the Court’s determination that the D&F relied on an exception that did not accurately reflect the structure of the JEDI cloud solicitation. Although the Court ultimately found Oracle could not demonstrate prejudice as a result of the flawed D&F, such a decision recognizing an inconsistency in the solicitation could form the basis for Oracle to appeal to the Court of Appeals for the Federal Circuit.

Schooner: Other than lobbying or, of course, getting President Donald Trump to intervene, it looks like Oracle’s protest has run its course. Frankly, I think that’s a shame. While I’m disinclined to suggest that Oracle was the right horse for DoD to ride on this endeavor, my sense is that Oracle’s relentless pressure, and their attorneys’ cogent and compelling advocacy, performed a public service in exposing what is, ultimately, a much messier procurement than we’d like to see.

The related question, of course, is whether the judge opened the door for a challenge from Microsoft [if they lose the contract to AWS], particularly on the single-award issue. We can’t know if he intended to do so, but I read the decision to all but beg Microsoft to enter the fray to force DoD’s hand to expand towards a multiple-award outcome, consistent with Congress’ clear preference.

While I’m deeply troubled by President Trump’s involvement in this procurement, given his long-term, fully transparent animus towards the apparent awardee and his demonstrated practice of acting on instinct rather than in-depth knowledge of relevant details, this may be a rare example of bad behavior leading to a positive result.

While DoD survived the protest, the judge’s lengthy decision made clear that the procurement process left much to be desired, both with regard to an inordinate number of conflicts of interest — I’ll stop there, but the judge’s deference to the contracting officer was as disappointing as it was unusual — and a highly controversial and, to my mind, deeply flawed, acquisition strategy.

Tiefer: This judgement is the death knell for Oracle’s protest at the trial court level. They can take it up to the federal circuit. It’s largely, if not completely, a question of law that is fit for appellate scrutiny. Oracle shouldn’t have to lie down on the ground in a coma waiting until the protest of the final award to Amazon or Microsoft. There have been appeals even in a less striking case. There are opportunities to appeal from an initial RFP that knocked out a potential bidder. I think the federal circuit would take this appellate responsibility and jurisdiction.

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Defense Department tried to set the record straight about its controversial cloud computing initiative called JEDI. But Dana Deasy, DoD chief information officer, may have hit upon what could be another sticking point for the Joint Enterprise Defense Infrastructure (JEDI).

And with the review by Defense Sec. Mark Esper about to begin, the future of this program continues to be in question.

During an Aug. 9 press briefing at the Pentagon, Deasy reiterated and emphasized many of the same points he and other DoD officials have made over the last 18 months. DoD will continue to have multiple clouds as it’s already spending more than $500 million a year on this technology; JEDI is not guaranteed to be worth $10 billion, and could be worth as little as $1 million over two years; and JEDI is a “pathfinder” for DoD to build an integrated infrastructure of the future.

To that end, DoD released an updated enterprise cloud fact sheet to help dispel some of what they call the myths and false narratives

Deasy, however, may have caused more confusion about why JEDI matters. As mentioned before, he said having an enterprise cloud will make it easier to get warfighter capabilities and end the current disconnected, siloed approach.

“The enterprise cloud is trying to solve the fact that today we cannot give the warfighter the data they need on the battlefield in an integrated way [or give them] updated application capability in real time,” Deasy said during the briefing, which Federal News Network obtained a recording of after being excluded from the roundtable. “We have to learn how to do that. This is not going to be the only cloud we will have across the Department of Defense. We will always have a number of clouds, but to do enterprise cloud at scale, all the way out to the disconnected warfighter…we have to learn how to integrate that. Then, over time we will bring more and more cloud providers into that.”

At the same time, Deasy said the cloud is not the real benefit of JEDI.

“It’s what you put on top of a cloud that really matters. And the fact that we will be able to build applications in a more consistent way, we will now have a methodology and a roadmap by having an enterprise cloud to build it from,” he said. “The fact that you will build applications differently means we can secure them in very different way versus the multitude of ways we build applications today in a disparate number of clouds. I don’t want that to get lost in this narrative as well.”

Apps standards needed

And it’s those comments that may create more confusion across industry and DoD.

Experts say if it’s really all about the applications for DoD, then the infrastructure doesn’t matter. It’s a matter of using good software development practices like agile or DevOps and containers that can be easily moved across infrastructure platforms and connected through application programming interfaces (APIs) to ensure data is easily shared.

In a sense, it’s not about standardizing on the platform, but getting servicemen and women and contractors to standardize on their development methodologies and techniques.

Deasy, however, continued to highlight the importance of starting with the one cloud approach and then expanding over time.

“We will have a multitude of clouds. What we are trying to describe today….think about the complexity of what it will take when we bring in the first cloud provider to set up the unclassified, the classified, the top secret, the continental United States (CONUS), OCONUS, forward base disconnected warfighter. Think about the complexity of setting that up,” he said. “We’ve got to learn how to do that with somebody. It doesn’t end there. It doesn’t mean we are going to end up with a single cloud provider. That is why I have stressed a two-year break, with a three-year extension. That was done by intentional design. As we learn how to do this, then we can start to bring in additional cloud providers.”

Again, that concept may cause more consternation in industry. As one industry source said, the reason why the fight for JEDI is so heated is because DoD’s appetite for infrastructure-as-a-service always will increase. DoD will need more compute, more storage and want to put more applications on JEDI. So being a first mover is a huge advantage for the winning company.

In many ways, Deasy confirmed the benefit of first-mover status. He said the services and agencies are under a cloud-first mandate for all new development.

“It could be JEDI or it could be a unique environment based on the requirements of the warfighter,” he said.

He added that services and agencies should not just lift-and-shift legacy systems into the cloud but determine which current applications are the best candidates.

“We will look at things such as natural breakpoints in the technology, where you are doing to upgrades on the infrastructure. We will have a methodology of how you go through and select the appropriate applications to re-port to the cloud,” he said.

Educating Esper

The future of cloud is clear for DoD, but the future of JEDI remains murky.

Deasy said his office will lead the review effort for the secretary. He didn’t say how long it will take, but the JEDI award will not happen before the review is finished.

Deasy confirmed that while there is no delay in the source selection process and technical evaluation of the two finalists — Microsoft and Amazon Web Services — he said the award likely will not happen in August like DoD had initially hoped for.

“Our job right now is to educate the secretary as to why we need a cloud. In doing so, we will make it very clear as to what it means to the warfighter and what it means to say efficiencies across the Pentagon. In having that conversation, he will have a good understanding of what are the consequences honestly if we were to make a decision not to continue with JEDI,” Deasy said. “What we will do over the next several weeks is we are actually going to bring people in to these sessions. We will bring warfighters in. We will bring the military services in. We will bring combatant command participants in, for example, U.S. Cyber Command, and we will bring technical and legal experts in as well. Part of the education is to make it real world so we will be bringing people in who can talk about real work implications and the importance of cloud. That’s how we will bring it to life for him.”

Deasy said the education sessions will be iterative starting broad and getting more specific. He also expects Esper to ask questions and provide his office with action items based on the sessions.

“We will get into a deep conversation of what are the activities we are trying to solve for? What are the activities we are trying to solve for? What are the urgencies around this? How does this support the warfighter? What are the security implications? How does this help from a security standpoint? What are the securities from a commercial cloud standpoint, etc.?” he said. “Then we will have follow on sessions around how JEDI fits into a much larger overall DoD enterprise cloud strategy. We will explain to him what is the overall strategy for DoD when it comes to enterprise cloud. And where does JEDI fit into the much larger strategy?”

Deasy added another session will dive deeper into how DoD developed the JEDI program, including who was involved, considerations when developing the request for proposals and selection criteria, and other facets of the initiative.

“He needs this because he honestly has a role to weigh into the overall direction of this program and for him to be able to do that, he needs to first go through a series of deep education sessions,” he said. “At end of this process, he will obviously be at a point and in the position to weigh in with his thoughts and views on this. We will need to incorporate his thoughts and views at that time.”

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Now that the Court of Federal Claims ruled against Oracle in its protest of the Defense Department’s cloud computing contract known as JEDI, the battle has moved to the legislative and executive branches of government.

Since the July 12 decision, we’ve seen President Donald Trump weigh in on the Joint Enterprise Defense Infrastructure cloud procurement that could be worth $10 billion over 10 years. Trump said July 18 that he was “getting tremendous complaints about the contract with the Pentagon and with Amazon.”

He also said when he was asked about the matter during an Oval Office appearance with the Dutch prime minister, “They’re saying it wasn’t competitively bid. We’re looking at it very seriously. It’s a very big contract, one of the biggest ever given having to do with the cloud and having to do with a lot of other things.”

We’ve seen the newly minted Defense Secretary Mark Esper answer a question during his first meeting with the press:

QUESTION: The president has said he’s thinking about asking the Pentagon to look into the JEDI Cloud competition. I know you’ve only been here for a few hours but has the Pentagon had any discussions with the White House about looking into that program? He’s said he’s received, you know, some complaints from several companies.

SEC. ESPER: I’ve heard from everybody about the — the JEDI contract and that’s one of the things I want to take a hard look at.

We’ve seen a rising debate on Capitol Hill with four members of the House Armed Services Committee writing to the President telling not to intervene, and then 12 other House lawmakers and at least one Senator writing to the White House telling them to step in.

And just to add more fuel to the JEDI fire, the IT Acquisition Advisory Council (IT-AAC) released a report signed by former DoD and civilian IT executives detailing for the first time the disconnect between the solicitation and the Pentagon’s cloud strategy, the Office of Management and Budget’s Cloud Smart strategy and commercial best practices.

Tony Scott, the former federal CIO, Steve Cooper, the former Commerce and FAA CIO, John Grimes, the former DoD CIO and several other retired executive say DoD should rescind and revive JEDI’s request for proposals or create significant risk to both military data and warfighters.

More complex than anyone imagined

Basically, welcome to Act 3 of the JEDI saga.

“Other than KC-46 tanker, when you think of perceived winner take all procurement, this is biggest one that I’ve seen that I can recall over last 20 years,” said Stan Soloway, a former DoD acquisition executive and now CEO of Celero Strategies, LLC. “I’m not surprised that there has been lot of drama because of the stakes involved, but I’m a bit surprised by nature of drama. I was never overly concerned about the conflict of interest issues. It was more about optics than actual violations. The optics are not good, but it didn’t appear they did anything wrong. As you get into technical requirements, there is more complexity to this story than many of us realized.”

Soloway called the entire procurement “messy,” to say the least.

The Defense Department is still scheduled to choose Amazon Web Services or Microsoft in mid-August as the winner of JEDI. But that will not end the drama either as another round of protests by the losing bidder is possible, and congressional scrutiny could increase through the 2020 defense authorization bill that includes provisions restricting how fast DoD can move out with JEDI.

Industry experts say there is a lot at stake for AWS and Microsoft because should JEDI get through all the remaining hurdles, the winner will have a contract that is expected to grow in terms of use year-over-year. The military services and Defense agencies will put more applications and need more storage on the infrastructure-or platform-as-a-service, and need more artificial intelligence and machine learning capabilities.

This is one major reason why JEDI has been subject to so much drama and scrutiny, experts say the value of being first in is huge.

“I’m extremely surprised this contract has not gone back and been recompeted. Most contracts that have come under far less scrutiny than this one have been brought back by agencies to cross the ‘Ts’ and dot the ‘Is,’” said Trey Hodgkins, CEO of Hodgkins Consulting and a former senior vice president of IT Alliance for Public Sector. “The department certainly held fast for this one.”

Disconnect between strategy, JEDI

Solway said that is another big difference between this procurement and so many others, DoD has been unwavering in its strategy.

“I think this was a procurement that was being advocated, not necessarily inappropriately, by one community and perpetuated by the CIO’s office and executed by another one, the contracting,” he said. “And this other group [Defense Digital Service] is influential and had leadership support behind it. It’s an interesting study about how multiple communities in government can be so disconnected despite having similar goals.”

That disconnect came through in the IT-AAC report.

John Weiler, the executive director of the consortium and an outspoken critic of DoD’s approach to JEDI, said the goal was to show there was no “connective tissue” among JEDI and government and commercial best practices.

“Our goal is to get everyone out of the political debate around conflicts of interest and lobbying, and focus on the essence of what DoD is buying and the consequence of turning so much of their data over to commercial cloud provider,” Weiler said. “We want to stop with the hype and ask if this is really something we should do.”

The report highlights 10 reasons why JEDI and the DoD, OMB and commercial best practices are at odds, ranging from security to private sector innovation to cross-platform interoperability.

“The DoD Cloud Strategy has set the vision for IT modernization and made the move to the cloud clear,” the report states. “Yet the JEDI RFP undermines the entire strategy by limiting access to innovation; requiring a static cloud environment without on-ramps for new providers and technologies; and failing to recognize the role of software-as-a-service (SaaS).”

Hodgkins said highlighting this disconnect may have a bigger impact on JEDI than most people would think.

“For some it’s more fuel for the fire and that’s the way it will be used. But it points out a legitimate disconnect between policy and guidance from CIO’s office and the contract the CIO’s office is marshalling,” he said. “So the question is how does JEDI fit into DoD’s strategy? The report drew attention to that question.”

Weiler said IT-AAC’s objective was just that, draw attention to the fact JEDI doesn’t reflect the CIO’s or any other documented approach and get away from the “cloud as a shiny object” syndrome.

The General Services Administration’s inspector general came down hard on McKinsey and Company in a recent audit. It recommended that the Federal Acquisition Service cancel McKinsey’s IT and professional support services schedule contracts.

That’s right, FAS should just pull the plug and tell McKinsey to start over.

“McKinsey refused to provide the records required to complete the pre-award audit; therefore, the audit report advised the contracting officer to obtain the necessary information or cancel the contract. However, instead of addressing the contractor’s lack of cooperation during the pre-award audit, a Federal Acquisition Service (FAS) division director (Division Director) removed the contracting officer from the contract negotiations and awarded the contract pricing with rates that were at least 10 percent higher than those originally proposed,” the July 23 IG report states.

The problems with the schedule contracts may be more about GSA and less about McKinsey, but the recommendation to just cancel schedule contracts is stunning. Several industry observers say they can’t remember a time that a vendor wasn’t suspended or debarred that auditors came down hard on a contractor.

“It is not a common recommendation,” said Trey Hodgkins, CEO of Hodgkins Consulting and a former senior vice president of IT Alliance for Public Sector. “Usually the IG tells the agency to take some other remedial action. The question that I have is, what’s going with division director GSA?”

Another good question because the IG just made far less punitive recommendations for the division director, who seemed to be the real wrongdoer here.

The auditor suggested GSA decide whether the division director should be involved in future negotiations with McKinsey — seems like an obvious bad idea — and add more controls to ensure contracting officers remain independent and take appropriate actions to address the Washington Branch chief’s actions. Again what those actions are unclear.

If you look at FAS Commissioner Alan Thomas’s response to the audit, it’s among the most detailed you will see in these reports.

“FAS will immediately pursue a bilateral contract modification to prevent placement of new orders while FAS attempts to negotiate better pricing,” FAS stated. “FAS strongly considered the OIG’s recommendation to cancel the contract, however, we decided to pursue the bilateral contract negotiation and better pricing for three reasons: first, it protects taxpayers by immediately stopping any new work under the contract; second, it allows agencies to continue to perform mission critical work; and third, it affords FAS the opportunity to negotiate better pricing with a contractor that works with agencies across the government.”

Thomas said if McKinsey does not accept bilateral contract modification or renegotiation, then GSA will cancel the contracts.

Thomas said cancelling the contract immediately doesn’t give them any of these benefits and could hurt agency missions. GSA also is bringing in a new contracting staff to handle the renegotiations and the division director is no longer working for GSA.

McKinsey didn’t have much to say about the IG’s audit or recommendations.

“We have received the OIG’s report and are in discussions with GSA,” a company spokesman said in a statement to Federal News Network.

“I do think GSA had reasonable solution for the problem,” Hodgkins said.

Commercial vs. government practices

Several federal procurement experts questioned whether auditors are considering the way McKinsey and other similar companies sell services in the commercial sector when performing the oversight.

Christoph Mlinarchik, a government contracts expert and owner of ChristophLLC.com, said it’s clear agencies are trying to juggle the conflicting priorities of keeping prices down and adhering to commercial practices.

“Due to McKinsey’s sterling reputation, it commands higher prices — that’s the reality of the consulting market. If McKinsey uses a weekly team rate instead of individual hourly rates, there are many federal clients who will pay the premium and play ball with flexible contract structure to secure a top-tier consulting firm like McKinsey,” he said. “After this IG report, maybe it just won’t be in the form of a GSA Schedule contract order.”

Mlinarchik said the report also highlights other challenges GSA, and many other agencies, face daily — speed vs. price.

“In this case, the IG scolded GSA for focusing on timeliness and productivity (awarding contracts quickly) rather than pricing. I can tell you that many contracting shops favor speed and quantity rather than quality. They call this ‘customer service,’ which makes you question the identity of the customer,” he said. “Is the customer the government program office or the taxpayer footing the bill?”

GSA also said it’s reviewing all team-based pricing across the schedules program by the Office of Governmentwide Policy’s Procurement Management Review team, meaning it’s considered an independent review.

Do you remember the movie Major League and the way the baseball team’s skipper motivated his squad to win more games? For every win, he removed a piece of paper on a poster that eventually revealed the team owner in a skimpy outfit.

Maybe it’s an approach the General Services Administration can use for its System for Award Management or SAM.gov site. While I don’t believe GSA employees need to be motivated by a revealing photo of any person, maybe the staff and senior leaders could use a similar tactic. Think about a countdown clock or maybe Alan Thomas, the Federal Acquisition Service’s commissioner, could offer to grow a mustache and Elvis side burns to give the group a little kick in the pants to decommission more of these legacy sites in favor of the beta.SAM.gov site more quickly.

A little more motivation is needed because of continued problems with SAM.gov and the news that the transition away from the WORST WEBSITE IN GOVERNMENT will be delayed for a fourth time to mid-November.

The latest problem with SAM.gov is around vendors getting or renewing a Commercial and Government Entity (CAGE) Code. This is a five-digit number that only federal contractors need to do business with agencies. It provides a standardized method of identifying a given legal entity at a specific location.

The Defense Logistics Agency (DLA) is responsible for providing CAGE codes to vendors, mostly through the SAM.gov portal.

So this latest problem really doesn’t have anything to do with GSA or the site, except for guilt by association, and a reminder that the archaic systems and processes remain in place.

As the federal fourth quarter buying season picks up steam, DLA reports a delay in processing CAGE Code requests. A DLA spokesman said more than one-third of all requests are taking longer than typically expected.

“The backlog is the result of an increase in 4th quarter registration requests coupled with a more deliberative security review and validation process being implemented by DLA,” the spokesman said. “Currently about 36% of registrations are above the 10 business day target, but that percentage is being reduced on a daily basis. DLA is employing overtime and is hiring additional employees to incorporate system upgrades and meet the target CAGE code processing timelines.”

An internal GSA document obtained by Federal News Network said the delay has been happening since April and is causing lags in SAM.gov registrations.

A GSA spokesperson added, “GSA is processing registrations as soon as the CAGE validations are complete and will continue to work closely with DLA and with Integrated Award Environment (IAE) governance to expedite registrations as appropriate to reduce the impact during the fourth quarter buying season.”

Bad news for new contractors

That’s all good unless you are a new contractor trying to bid on work or an organization applying for a grant.

That is the case for one organization in California.

The person who called me, who I’ll call Tammy, said they applied for a CAGE Code three weeks before the deadline of the first grant application they wanted to apply for. As the grant deadline came and went, the organization received no word from DLA.

“We talked to DLA and they said ‘there is a backlog and that’s all I can tell you. It will be processed,’” Tammy told me. “They offered no details on where we are in the process. There are specific deadlines that we had to hit and I thought we had enough time, but we missed them So we can’t apply for another year. The funds are there to be applied for and I think we qualify, and that’s why it’s frustrating.”

Tammy is not alone in her frustrations.

Phillip Luebke, a government contracting advisor at the Bozeman Procurement Technical Assistance Center (PTAC) at Montana State University, said his clients have seen delays, and in conversations with other PTAC advisors, the CAGE Code backlog comes up often.

“I’m not sure I’m ready to sound the alarm and I’m hopeful that it will clear out pretty soon. But we haven’t been given any information from DLA on what the holdup is and how long it will take to get through it,” he said. “Maybe goes back to government shutdown. It’s one of those things hiccups with process. We try to work through it. We have network of PTAC counselors so we know what’s normal and what’s not, but individual contractors don’t know what to expect or what is concerning.”

And that is rub, the lack of communication from GSA and DLA is part of the problem, especially at a time when nearly every agency wants “new” or “innovative” vendors to bid on contracts.

Telling vendors or potential new grant organizations, there is a delay is nice, but offering workarounds or specific details is much more of an encouraging sign that speaks to telling creating honest communication channels with all vendors.

“This is probably the worst it’s been in my time as far as CAGE delays,” Luebke said. “There would be sometimes when you help someone and the next day after IRS validation comes back they were active, and other times it took longer. But I haven’t experienced this widespread of a backlog.”

As for Tammy, her CAGE Code finally came through after 33 days. One day it just popped up in her email. For others, the wait continues and when it will end, no one really knows.

The end of FBO.gov is farther away

This latest hiccup for SAM.gov leads us down the path of FedBizOpps.gov — which I still contend is the WORST WEBSITE IN GOVERNMENT.

The GSA spokesperson confirmed the plan is to migrate FBO.gov to beta.SAM.gov by mid-November now.

“In July 2019, with the consensus of the Procurement Committee for eGov, IAE updated the date to transition the FBO functionalities to beta.sam.gov to November 8, 2019; moving the date from mid-October to mid-November and still within the first quarter of FY20. The change, formally requested by the IAE Change Control Board allows for additional system integration time, will have minimal impact to the overall cost and schedule,” the spokesperson said. “There have not been any unexpected challenges in decommissioning the system; we are building on the success of decommissioning CFDA.gov, and recently WDOL.gov, and are proceeding as expected.”

But sources tell me that the original decommission date was first quarter 2019, then third quarter 2019 and then first quarter 2020, and now later in first quarter 2020.

The internal GSA presentation potentially identifies one reason for the schedule change. It says GSA wants to “reduce the government burden of the transition” by cleaning up “active” records in FBO.gov, some of which are more than 15 years old. By July 17, GSA said it had archived all notices whose date had passed.

GSA just started testing the replacement for FBO.gov with about 200 “alpha users” in early July and they will continue their end-to-end test through Aug. 30.

And beta.SAM.gov has been available for external testing for some time. I’ve used it several times over the last six months so here are my initial thoughts:

• Finding the site coming from the main beta.SAM.gov page is a little confusing. It’s called “contracting opportunities.” While that makes logical sense, when you are coming in from FBO.gov, my first thought was to look for something with a similar name.
• Searching the site needs some work. You can’t search phrases so if you put in “cloud computing,” the site searches “cloud” and “computing.” That is a problem because there are more “cloud” and “computing” results than “cloud computing” results, particularly because you are talking about three different things.
• Results of searches are better than FBO.gov, and you can sort by relevancy and newest listings. The next update would be good if the listings were inclusive instead of each modification or change coming up separately, forcing the user to sort through to find the original notice.
• Overall the user interface is clean, easy to use and logical.
• GSA has plans to add Login.gov capabilities to the site. My recommendation would be to limit it to what I’ll call “power users” — those people who bid on solicitations and need to see technical or other potentially procurement sensitive data. For those of us who just want to follow a procurement or see what’s out there on a regular basis, having to use Login.gov will not be user-friendly. I’ve experienced the same frustration with USAjobs.gov, when I only want to do a basic search.

The federal fiscal fourth quarter isn’t just a busy time for releasing solicitations and submitting bids, but agencies are addressing several policy and programmatic questions, particularly over the last month or so.

The Federal Acquisition Regulations Council made it easier to buy as the fourth quarter spending spree approaches.

The General Services Administration launched its Commercial Solutions Opening pilot and told industry and federal customers to get their plane tickets to Austin, Texas for the IT Acquisition Summit.

The Homeland Security Department made its plans known for the next generation of the FirstSource multiple-award contract, while the Customs and Border Protection directorate issued a request for information for a cloud-broker approach to services.

Since about one-third of all federal acquisition spending happens in the fourth quarter and with the 35-day government shutdown making this year even busier, let’s start with the FAR rule.

The regulation, published and effective as of June 5, makes it easier for agencies to spend their money with GSA. It removes the requirement for agencies to justify the best procurement approach if they are using GSA schedules or governmentwide acquisition contracts.

The final rule also lets agencies use GSA’s assisted acquisition services without the need to validate their approach.

GSA said the rule change lessens the burden on its customers because they can now identify and quickly use GSA IT Category contracts especially as they begin the end-of-year IT spending rush.

Not OTA, but CSO

And speaking of GSA, its Federal Systems Integration and Management Center (FEDSIM) announced it will begin testing the CSO concept where they will acquire “innovative, commercial items, technologies and services currently in the production/commercialization phase as well as adaptations of existing commercial products.”

The goal of the CSO approach is to streamline the acquisition process and simplify contract terms to attract start-up companies and others who have not previously worked with government. It’s not quite the same at an Other Transaction Authority/Agreements (OTA), but focuses on a similar objective.

FEDSIM posted the first solicitation earlier this month for the Defense Department’s Joint Artificial Intelligence Center (JAIC) for its Humanitarian Assistance and Disaster Relief (HADR) National Mission Initiative (NMI).

“The JAIC requires an innovative commercial software and services solution that will provide comprehensive data management, end-to-end platform integration, and model/capabilities development of still imagery and computer vision solutions for locating flood affected areas and infrastructure; ultimately identifying at-risk, in-need, and/or harmed/damaged people/infrastructure,” the CSO solicitation states.

JAIC said the commercial system would include 10 characteristics or capabilities, including models to distinguish features like flood lines or dangerous structures, pre-processing, post-processing and integration algorithms necessary to run models as a cohesive, deployable and efficient capability, and integration with new and existing systems.

Responses were due July 22.

FEDSIM says it will post other solicitations for a specific project or technical area of interest when an opportunity is open.

FEDSIM joins the Defense Innovation Unit, the Defense Intelligence Agency, Naval Sea Systems Command, Army Materiel Command and the Department of Homeland Security as having launched their own CSO programs, according to Bloomberg Government.

Congress gave GSA the CSO pilot authority in the 2017 National Defense Authorization Act.

Unique identifier final rule

In another final rule in the Federal Register, GSA announced the move to a new Unique Entity ID for federal awards management is final, as are the technical specification for the identifier standard.

GSA will be holding a public meeting on July 25 to discuss the changes.

“[T]he U.S. government is moving to a new unique entity identifier for federal awards management, including, but not limited to, contracts, grants and cooperative agreements, which will ultimately become the primary key to identify entities throughout the federal awarding lifecycle, in SAM.gov, other IAE systems, on required forms, and in downstream government systems. The DUNS will be phased out as the entity identifier for entity record within SAM,” GSA states in the notice. “Through December 2020, IAE systems will be transitioning from the DUNS to a SAM-generated Unique Entity ID (UEI). The standard for the new UEI was developed by an interagency working group. This new entity identifier will be the authoritative identifier once the transition is complete.”

CSO, the new FAR rules and many other topics will be discussed in great detail at GSA’s first IT Acquisition Summit in Fort Worth, Texas in early August.

“This ‘Texas Two Step’ event showcases the latest in IT and telecommunications focused on cybersecurity, cloud, mobility and emerging technology,” GSA writes in a notice on FedBizOpps.gov.  “Learn how to tap into best-in-class contracts, gain practical insight with real world cases and more.”

Beyond GSA, DHS also shed some light on major programs.

It released its plan for its next generational IT products and services contract. DHS decided to move to version three of the First Source IT products and services contract.

The agency’s Chief Procurement Officer Soraya Correa announced on FedBizOpps that First Source III will have set-aside tracks across each of the five socio-economic categories. It also will include specific ordering flexibilities for DHS. Correa said her office is working with the Office of the Chief Information Officer and across the components to iron out the scope of First Source III and establish an estimated timeline.

CBP and the cloud

DHS has obligated more than $2.8 billion on First Source contracts since 2013.

The decision to keep First Source in-house is a little surprising. DHS recently decided not to fully renew its EAGLE IT services contract, deciding instead to move it under GSA. Many in the community expected DHS to do something similar with First Source.

But the fact that First Source is a popular way for DHS components to access qualified small businesses and given that the agency has received an “A” on the small business scorecard for 10 straight years probably played into the decision to keep First Source in house.

Over at CBP, there has been a lot of interest in its IT modernization plans for much of this year after the bureau joined other DHS components and GSA to hold a cloud industry day.

CBP released a RFI for a cloud broker to provide access to infrastructure, platform and software-as-a-service.

Deputy CIO Sonny Bhagowalia told me on Ask the CIO earlier this month that demand for IT services and cyber threats are driving CBP toward the cloud.

“Currently, our first and primary priority is keep the mission going now. We are definitely seeing huge increase in the need for bandwidth,” he said. “Network is an enabler to making sure computing, data and applications work. I’ve not seen that level of synergy that the network must support the mission because if it goes down, we have to bring it back up as soon as possible.”

Bhagowalia added CBP expects to issue several cloud-related acquisition efforts in the coming months.

Reponses to this new RFI are due Aug. 1.

Over the last two years, agencies have come around to truly grasping the dangers of the technology supply chain.

Part of the credit has to go to Emile Monette, whose last day at the Department of Homeland Security was Friday. He was among the first federal executives to start talking publicly about the threats caused by an uncontrolled supply chain.

Monette left federal service after 15 years to join Synopsys as director of value chain security.

“I know the work I was fortunate enough to be a part of made a real difference for our nation. And at the end of the day, what more could anyone ask from a career in public service?” Monette wrote in a message on LinkedIn. “Despite the value of professional accomplishments, I believe the true measure of a life is the quality of the relationships it produces. Please know that each of you has touched my life in a positive and meaningful way. It was a great ride for me and I’m grateful for the part you played in making it so. “

Monette spent the last three years as DHS’ program manager of the cyber supply chain risk management initiative. In the role, he was the co-chairman of the information and communications technology (ICT) Supply Chain Risk Management Task Force and helped add more supply chain rigor to the continuous diagnostics and mitigation (CDM) program.

Through CDM, Monette helped implement a more comprehensive approach to protecting agency software by asking the vendors to propose tools and services to let agencies verify the security of the software on their network as well as the software used by the vendors.

Before coming to DHS, Monette spent six years at the General Services Administration where he was the director of governmentwide cybersecurity resiliency and risk.

In that role, Monette worked on developing a cyber acquisition risk profile as part of the implementation the recommendations GSA and the Defense Department submitted to the White House in 2014.

During his career, Monette also was a captain in the Air Force, serving for five years, worked in the White House and GSA as senior procurement advisers and spent a year with the House Oversight and Government Reform Committee on procurement-related topics.

Monette was one several long-time federal executives to decide to move to the private sector.

Matt Goodrich, the force behind the maturation of cloud security across the government, is leaving for the private sector. Goodrich, who spent seven years moving the Federal Risk Authorization Management Program (FedRAMP) cloud security program from its infant stage to its adolescence, announced on LinkedIn that his last day at GSA would be July 26.

He is taking a position in the private sector, but declined to name the company or what role he will be taking on.

Goodrich started in government as a Presidential Management Fellow. He spent the last seven years at GSA where he helped improve FedRAMP to have 144 cloud services authorized from more than 100 providers.

Over at the U.S. Patent and Trademark Office, Tony Scardino, the chief financial officer for the last nine years, joined Grant Thornton as a managing principal in its public sector advisory practice.

Scardino will lead a CXO Transformation Services group to help agencies work across the C-suite to improve mission outcomes, services and effectively spend taxpayer dollars.

Carlos Otal, national managing partner of public sector at Grant Thornton said in a statement, “His broad experience leading different organizations across multiple management functions is a perfect fit to enhance our leading transformation and innovation services.”

This is Scardino’s second tour at Grant Thornton, working for seven months with the company in 2006.

Scardino started his career in 1990 at the FBI where he was a senior budget analyst. He also worked at the Federal Election Commission, the Broadcasting Board of Governors and the Department of Housing and Urban Development.

During Scardino’s time at PTO, he led the implementation of the 2011 Leahy-Smith America Invents Act, which brought major changes to the operating and funding models of the agency.

That law let the agency use some of the fees collected above their appropriations for operating expenses.

Finally, Ben Sweezy left the role of chief information officer and deputy director of the Institute for Museum and Library Services after about two-and-a-half years.

Sweezy said he plans to take some time off to figure out what’s next and in the meantime setting up a consulting firm for technology work.

Before coming to IMLS, Sweezy worked as a senior consultant for Incapsulate for more than two years where he worked on the State of Federal IT report. He also spent six years at the Office of Management and Budget where he led the implementation of the Federal IT Acquisition Reform Act (FITARA).

Two more notable industry changes

First, Tim Harvey joined G2Xchange as senior director content and engagement after spending the last six years as the content and engagement director for the Advanced Technology Academic Research Center (ATARC).

For G2Xchange, Harvey will help the company improve the delivery of news and intelligence for vendors about federal opportunities.

Second, some sad news. Jeff Sessions, the CEO of Red River, and his wife, Elizabeth, 48, died suddenly on July 3 in boating accident.

“Jeff led our company with intelligence, humor, integrity and passion. The contributions he made to the transformation of our business cannot be measured. Jeff’s impact on Red River, our people and the communities we serve will forever be felt. On behalf of our management team and employees, we extend our deepest sympathies to Jeff’s family,” the company said in a statement.

The company said Rick Bolduc, the executive chairman of Red River’s board of directors, will serve as acting CEO. Bolduc helped found Red River in 1995 and served as its CEO until February of 2017.

Sessions was 53 years old and is survived by his son, Jeffrey, daughter, Tessa, and their families.

Red River ranked 66 on the Washington Technology’s Top 100 with $324.8 million in revenue in fiscal 2019.

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Department of Health and Human Services’ Program Support Center handles more than $1.4 billion in contracts for other agencies as part of its assisted acquisition services offering.

Program Support Center customer agencies include the Office of Personnel Management, the Office of Special Counsel, the Environmental Protection Agency and most notably the Defense Department. In fact, DoD accounts for about $1 billion of that total.

Unfortunately for those and many other agencies, HHS is pulling the rug out from under them at possibly the worst time.

Internal memos obtained by Federal News Network show HHS decided to stop offering assisted acquisition services on June 14 just as agencies were gearing up for the fourth quarter buying season, one which many experts say will be even busier than normal because of the 35-day government shutdown.

This means all new acquisitions are stopped, including a $150 million multiple-award contract PSC was close to awarding for EPA and numerous in-process contracts for DoD.

It also means that any award made over the last four years must be moved to other agencies or absorbed by the home agency by Sept. 30, 2020. This basically gives agencies 15 months to move existing contracts.

The reason HHS gave for immediately discontinuing its assisted acquisition services: “As the result of an internal review that is ongoing, PSC has determined that it does not have the policies, procedures or internal controls necessary to conduct assisted acquisitions for agencies outside of HHS,” the agency wrote in a memo to civilian agency customers.

In a similar memo to DoD customers, HHS said it can no longer certify that it complies with the requirement in Federal Acquisition Regulation (FAR) 17.7 and in the 2008 National Defense Authorization Act that “requires the heads of all non-DoD agencies that provide acquisition support to DoD to certify that their respective non-Defense agencies will comply with defense procurement requirements for fiscal 2019 for assisted acquisitions executed on behalf of DoD in FY 2019.”

DD-254 at the heart of the rationale

Source say the issue comes back to how PSC is handling classified information for DoD and, potentially other agencies, procurements. This is commonly done by self-certifying their processes are rigorous using the DD-254 form.

“The Federal Acquisition Regulation (FAR) requires that a DD Form 254, Contract Security Classification Specification, be integrated in each classified contract. The DD Form 254 provides the contractor (or a subcontractor) security requirements and the classification guidance that is necessary to execute a classified contract,” according to Army’s headquarters website.

HHS initially wanted to end all contracts immediately, but on July 1 DoD issued a memo waiving the Section 801 requirements in order to maintain continuity of operations and give them time to transition more than 500 current contracts.

But here is the rub in HHS’ decision — PSC doesn’t do any classified work. In fact, sources familiar with PSC’s operations say a recent audit found the organization does no classified work.

“The only thing the memos ever sited was not having a DD-254 in the file. It is not a FAR or Defense FAR or HHS FAR requirement to have a DD-254 in the file nor does having a DD-254 on a contract make it a classified contract,” said one source familiar with PSC operations, who requested anonymity in order to discuss internal documents and changes. “If a contract can be on FedBizOpps or eBuy, it’s not a classified contract. A contract for janitors at a DoD facility will require a DD-254 because you will have to have a clearance but that doesn’t make it a classified contract.”

Sources say the HHS management made a decision to get out of the assisted acquisition services business and went looking for a reason.

Pulling the rug out from under customers

Alan Chvotkin, senior vice president and counsel at the Professional Services Council, an industry association, said the lack of a DD-254 is rarely a reason for an assisted acquisition service not to undertake new work.

“Many of the assisted acquisitions that Program Support Center does, including many of its contracts for DoD, do not have classified information in the bidding. There may be a need to access classified information in performance of the contract, but not the bidding,” Chvotkin said. “I’m hard pressed to see how by itself not having a DD-254 on file is a rationale to stop offering assisted acquisition services.”

Chvotkin, however, said he doesn’t have all the details about what led HHS to conclude that they can’t perform.

“There has to be some work around that they and DoD have agreed to to allow them to continue working together. That work around can be applicable to front end of bidding process where solicitation is already underway and proposals have been submitted,” he said.

Chvoktin may be right in the fact that there is more going on than just the lack of DD-254s in file.

Sources said HHS placed the three top executives at PSC on administrative leave in the spring. PSC Executive Director Al Sample, CFO Bill McCabe and Patrick Joy, the head of PSC’s contracting activity, were all temporarily removed from their positions and possibly even escorted out. Sample has been PSC’s executive director for more than four years. McCabe received the Meritorious Presidential Rank Award in 2015 and also worked as CFO of the Nuclear Regulatory Commission, and Joy has worked for HHS for 29 years.

Sample declined to comment on his situation. Emails through LinkedIn to McCabe and Joy were not returned.

A HHS spokesperson declined to comment on the status of Sample, McCabe and Joy, citing the fact the agency is unable to comment on personnel matters.

The HHS spokesperson, in fact, provided little insight into the PSC situation. There is nothing on PSC’s website about the change and, in fact, HHS took down the acquisition section of PSC’s site.

The agency, however, sent out FAQs to civilian and DoD customers with more specifics, but not offering much more about why HHS made the decision or how it is helping customer agencies.

When asked why is PSC unable to certify it is meeting the requirements under Section 801 of the NDAA, the spokesperson said, “PSC constantly reviews its business processes to ensure accountability and customer satisfaction. Section 801 requirements are no different.”

When asked whether HHS tried to fix the challenges with its DD-254s before deciding to stop offering assisted acquisition services, the spokesperson said, “PSC has taken the position that it is in the best interest of all parties to conduct an orderly phase out of this line of business.”

But sources say that’s the problem with this whole issue — PSC is not doing an orderly phase out. It’s more like a jolt to the system.

Sources say the issue is less about HHS’s decision to stop offering assisted acquisition services, and more about the sudden burden PSC is putting on DoD and other customer agencies.

Multiple customer agencies, OPM, the Department of Housing and Urban Development and EPA declined to comment on how PSC’s decision is impacting them.

The HHS spokesperson said customer agencies can rely on their own acquisition offices and “PSC is providing contact information for other acquisition shared service providers when appropriate.”

Additionally, the spokesperson said, “PSC is working with customer agencies independently to support their mission needs.”

One-third of all federal spending happening

But the source familiar with PSC operations said the quick decision by HHS clearly upset many agency customers and put them in a tough and unnecessary situation.

The source said a more orderly process would have been for PSC to finish administering every contract until the end of life, including all modifications and option years.

“This decision places a huge administrative burden on the people who are so overwhelmed that they are using assisted acquisition services. This is really creating a five-alarm crisis in the fourth quarter,” the source said. “Deadlines for fourth quarter work were in June, and generally speaking other assisted acquisition service providers like General Services Administration and Interior, rarely accept new customers in July or August. They just can’t staff up to deal with new work. So if you only used PSC for assisted acquisition services, you are in trouble, and must find a way to do it yourself.”

Other government sources say the General Services Administration has some capacity to accept new work in the fourth quarter, but others such as the National Institutes of Health and the Interior Department, both of which offer assisted acquisition services, may have a harder time because they don’t have enough contracting officers to do the work.

“We are getting calls to pick up work,” said one federal executive with an assisted acquisition service, who requested anonymity because they didn’t get permission to speak to the press. “PSC’s decision is hurting a lot of DoD’s programs.”

Chvotkin said HHS’ decision also impacts vendors because they spent time and money bidding on solicitations that now must start over and calls into question the future of existing contract awards.

“PSC is putting enormous pressure on agencies to find places to move these contracts and it puts vendors at risk for losing work that they competed for and were working on,” he said. “I wish they had included a longer transition period because a lot of work needs to be done and I hope they stay fully engaged.”

Chvotkin said the Professional Services Council looked at the spend rate of federal agencies and about one-third of all federal spending goes out in the fourth quarter and almost a quarter goes out in September.

“Cutting off agencies when they had weeks of preparation work to get to PSC on time and are now finding themselves cut off during the worst time of federal fiscal year is tough,” he said. “If there was ever a good time to make a bad decision, the decision would’ve become after Oct. 1 and included a more reasonable transition period.”

Chvotkin said his organization is meeting with member companies, DoD and the Office of Federal Procurement Policy to figure out a way forward. He said OFPP is aware of HHS’ decision and is working with agencies to find solutions.

“This was all foreseeable if the leadership had talked to someone at the Program Support Center who understands acquisition they would’ve have understood the ramifications,” said the source familiar with PSC.