The General Services Administration is facing new scrutiny over two separate cloud computing issues.
Two industry associations are raising concerns about specific cloud ideas that GSA is either considering or discussing.
The Coalition for Government Procurement wrote to Laura Stanton, GSA’s assistant commissioner in the Office of Information Technology in the Federal Acquisition Service, expressing concerns about a recent request for information for a new blanket purchase agreement for cloud services.
At the same time, CompTIA wrote to Skip Jentsch, GSA’s cloud products manager and enterprise architect, about public comments he made about buying cloud services during industry outreach sessions in September.
Insight by Carahsoft: This exclusive e-book demonstrates just how far agencies have come and where they still need to go to take fully advantage of DevSecOps to drive modern capabilities to their customers.
Kudos to both CGP and CompTIA for trying to get ahead of potential problems. But at the same time, one has to wonder if both are making a mountain out of a mole hill?
Let’s start with the facts of both situations before we decide how serious these concerns are or need to be.
In CGP’s case, it is asking whether GSA, which was seeking industry feedback on whether it should create a new governmentwide BPA on top of the schedules for cloud services, is going down a path that would be duplicative and wasteful.
GSA released the RFI in May as part of its market research to see how it can make buying cloud services more efficient.
CGP said if GSA launches this new contract, it would “create an additional layer of cost, administration and process that increases costs for all. The use of generic, governmentwide BPAs simply increases costs and complexity in the Schedules program resulting in new barriers to entry for commercial cloud solutions. The result will be reduced competition, efficiency and value for customer agencies, GSA and its industry partners, including potential new entrants to the market. As such, the approach is inconsistent with the administrator’s goal of streamlining the schedules program.”
The coalition, which hosts Off the Shelf on Federal News Network, details five areas of concern about the potential BPA, including the possible competition and scope of the vehicle and draft concepts on how the competition and task order process would work.
“The RFI and previous generic, governmentwide BPAs also raise questions regarding how GSA accounts for additional fees to customer agencies when those agencies already can compete their unique requirements directly against the top-level FSS contracts, rather than second-level generic BPAs,” the coalition wrote. “The use of a generic, governmentwide BPA also prompts concerns regarding the underlying FSS contract terms. To the extent that GSA is seeking to include BPA terms and conditions that would apply governmentwide, the appropriate avenue for consideration of those terms is at the FSS contract level. To that end, GSA should engage with its industry partners and agency customers to determine whether supplemental BPA terms should be negotiated at the FSS contract level. Many times, an added feature from a BPA could have been included at the contract level.”
CompTIA’s concerns, meanwhile, are more focused on comments Jentsch made at industry days, where he is reported to have said vendor lock-in for cloud services may be justified or even desirable.
The industry association says Jentsch also may have said brand name justifications and a single award BPAs for cloud services may be possible to obtain specific services from a cloud provider.
These comments “may undermine federal procurement law, while promoting anti-competitive practices that stifle price competition and innovation,” the association wrote in its letter.
CompTIA highlights both policy from the Office of Management and Budget and the Federal Acquisition Regulations Council, and federal law, such as the Competition in Contracting Act (CICA), that prohibits or severely limits several of the ideals Jentsch brought up.
“Few markets are more vibrant and subject to rapid change than the cloud computing market,” CompTIA wrote. “No assurance exists that today’s reseller of cutting-edge cloud services will have access to the leading cloud services of tomorrow. Single award BPAs insulate the reseller from competition, ending the need for competitive pricing in a market where prices trend downward and technology improves rapidly.”
Both associations are raising these separate cloud-related issues ahead of any more serious problems, but one has to wonder whether they also are jumping to conclusions too fast.
Let’s look at the RFI. As most know, a RFI is just trying to understand more about an idea or concept. Technically, no decisions are made and the responses from vendors should influence an agency’s direction. So are CGP’s concerned justified?
On one hand, they would be remiss if they didn’t offer feedback, but on the other hand GSA hasn’t announced anything further about its plans with the cloud BPA so CGP’s issues may be much ado about nothing.
Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app
GSA’s own history has shown that specific cloud BPAs don’t work well — see the email-as-a-service BPA from 2011. Few, if any, agencies used it and GSA eventually let it expire.
Agencies are buying cloud services with integration help, not as standalone instantiations. This is why that email-as-a-service initial BPA failed.
This exact issue is one CGP brought up back in May soon after GSA released the RFI and asked whether it was repeating history or whether it learned how to create a contract for cloud services that would be successful.
“BPAs that include sound, fulsome requirements enhance competition, reduce costs, increase value, and lead to positive business and mission outcomes,” wrote Roger Waldron, CGP’s president in that blog post.
Similarly, CompTIA’s letter could be seen as raising a red flag prematurely. While Jentsch’s comments are disconcerting to say the least, keep in mind he’s also not a contracting officer. If you look at his background via LinkedIn, it’s more technology than acquisition, so it may be better to give him the benefit of the doubt that he was inartful rather than advocating for a new GSA policy.
GSA should respond to CompTIA’s concerns and clarify Jentsch’s comments. GSA should do this despite the fact that the agency has worked hard over the last two decades to demonstrate their support of multiple award and competitive cloud acquisitions.
As for the cloud BPA, it all comes down to the strategy GSA chooses. If they decide to run a BPA on top of the schedules — which is always a bad idea in my mind — then they need to ensure there are defined requirements and expectations versus just a broad-based cloud procurement. If they choose to develop a new governmentwide acquisition contract or add a new pool or functional area under, say the new services multiple award contract current under development, that may solve some of CGP’s concerns.