risk assessment | Georgia Tech Procurement Assistance Center

DoD makes supply chain risk management a permanent performance metric

October 17, 2018 By Andrew Smith

On Sept. 19, 2018, the U.S. Department of Defense (DoD) issued a corrected Class Deviation 2018-O0020, to remove the sunset provision in DFARS 239.73, “Requirements for Information Relating to Supply Chain Risk,” that was due to expire on Sept. 30, 2018. The deviation is effective immediately.

This new deviation implements Section 881 of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019. Section 881 made the requirements for supply chain risk management under DFARS 239.73 permanent by placing its authority under a statute (10 U.S.C. § 2239a). This reauthorization reflects the continual efforts by Congress and the DoD to increase oversight on contractors supply chain and use risk management as a metric for contract performance.

DFARS Subpart 239.73, along with its contract clauses DFARS 252.239-7017 and DFARS 252.239-7018, places a significant onus on contractors to investigate its own supply chain to minimize and mitigate any perceived security risks. Failure to meet the requirements of the regulations creates significant risk to a contractor.

First, there is an explicit requirement in DFARS 252.239-7018 requiring contractors to actively mitigate supply chain risk during performance of the contract. However, the clause provides no additional information or standard to what is considered adequate mitigation.
Second, there is an implicit incentive for contractors to ensure that their supply chain is risk-free because the contractor is not the only entity to investigate risks in its supply chain. DFARS 252.239-7018 provides the government with an incredible oversight capability by permitting it to consult both public and non-public information, including all-source intelligence, to determine whether a contractor’s supply chain creates a risk.

Keep reading this article at: http://www.mondaq.com/article.asp?articleid=743224

Software review provisions proposed by Senate Armed Services Committee could have significant impact on DoD contractors

June 20, 2018 By Andrew Smith

As the Senate approaches the end of its debate on the National Defense Authorization Act (NDAA) for Fiscal Year 2019, provisions of the bill regarding access to and review of information technology code deserve close attention. These sections, if enacted, would significantly impact Department of Defense contractors and also would affect matters associated with investments subject to review by U.S. national security agencies.

As drafted, the provisions could expose current and prospective contractors to intrusive scrutiny and significant risks. They lack clarity on key definitions, leaving the precise scope of those risks unclear. We summarize major issues and concerns below. We expect these provisions to receive scrutiny during the House-Senate conference on the NDAA over the summer.

Synopsis of the Proposed Legislation

Three sections of the Senate’s version of the NDAA, which passed the Senate Armed Services Committee in May, would establish new rules designed to mitigate “risks posed by providers of information technology with obligations to foreign governments.” Those risks involve the access that foreign governments may have to code in products or services that are offered to the Department of Defense. The provisions also impose new disclosure requirements on the efforts of a prospective vendor to obtain a license under the Export Administration Regulations (“EAR”) or the International Traffic in Arms Regulation (“ITAR”).

The pending legislation would require proactive disclosure of those matters, and would impose an ongoing duty to supplement those disclosures during the period of performance on the contract. The Secretary of Defense would be authorized to assess and mitigate any resulting national security risks through contractual provisions or other performance requirements.

Keep reading this article at: https://www.insidegovernmentcontracts.com/2018/06/senate-armed-services-committee-proposes-expansive-unclear-software-review-provisions/

Contracting success in a changing government environment

March 4, 2015 By ei2admin

Behind many contracting issues today is the implied topic of who is or isn’t winning contract awards. In the private sector, it’s rare to attribute lack of business success to the customer. Certainly in a commercial market, industry success and failure is usually laid at the feet of company management and its ability to understand and meet market needs. Not so in government contracting.

Along with well-structured protest procedures, industry can and does appeal to government legislative representatives, investigatory bodies, contracting managers, trade groups, and agency leaders concerning any real or perceived unfair treatment before, during, or after contract performance. One regularly hears rationale that the buyer, not the seller, was at fault for lost business and revenue. It’s common practice, if not encouraged by government, for industry to openly critique customer policy, processes, strategy, requirements, and staff. These critiques include time of awards; market conditions; workforce training; communication; sensitivity to private sector concerns; selection methodology; risk mitigation; receipt of external advice (program, technical, incumbents, business, legal, trade groups, etc.); past performance criteria; and more. That’s the nature of an open and fair process.

Keep reading this article at: http://www.federaltimes.com/story/government/acquisition/blog/2015/02/25/contracting-success-changing-government-environment/23993719/

DoD enacts rule on excluding contractors based on supply chain risk

December 3, 2013 By ei2admin

The Defense Department may now officially exclude contractors or subcontractors from receiving information technology contracts based on the risk their supply chain poses to national security systems.

The authority comes from earlier national defense authorization bills and it expires in September 2018. In an interim rule published Nov. 18 in the Federal Register, DoD says the authority applies to the acquisition of any IT product or service, including commercial items, so long as the contractor in question operates a supply chain that poses a significant risk to a particular national security system.

Although the clause permitting the DoD to exclude contractors will now be a part of all defense IT contractors, the interim rule notes that it can apply only to national security systems, and then only to items “the loss of integrity of which could result in a supply chain risk to the entire system.”

Keep reading this article at: http://www.fiercegovernmentit.com/story/dod-enacts-rule-excluding-contractors-based-supply-chain-risk/2013-11-21

DoD makes supply chain risk management a permanent performance metric

Software review provisions proposed by Senate Armed Services Committee could have significant impact on DoD contractors

Synopsis of the Proposed Legislation

Contracting success in a changing government environment

DoD enacts rule on excluding contractors based on supply chain risk

Contracting News

Interim rule banning Huawei and other Chinese equipment and services took effect August 13, 2019

FedBizOpps will be gone before the end of the year

Contractors have questions about DOD’s cyber requirements

U.S. moves to ban Huawei from government contracts

GSA plan for one award schedule gets industry thumbs up

Contracting Tips

Deadline looms for expanded EEO-1 filing

The two-part manufacturing test under the Buy American Act

Uncertainty in how small business joint ventures must be managed

Accept no imitations: Contractor cannot recover for claim based on brand name products

Highlights from the stalled SBA Reauthorization and Improvement Act of 2019

GTPAC News

Georgia National Guard hosting Vendor Expo Day Nov. 14, 2019

GTPAC participates at National MBE Manufacturers Summit

Recent DoD contract awards (Aug. 6-14)

GTPAC Special Fraud Alert

Long-time GTPAC leader Chuck Schadl is a guest on the Risk GovCon podcast (Part 2)

Georgia Tech News

Georgia Tech aerospace engineering graduate James McConville sworn in as Army’s top officer

Georgia Tech: A driver of economic development

Georgia Tech Research Institute develops and teaches tactics to defend transport aircraft

GTRI wins $245M Air Force contract for engineering, advanced technology support

Georgia Tech and Morehouse announce collaborative effort