risk assessment | Georgia Tech Procurement Assistance Center

DoD makes supply chain risk management a permanent performance metric

October 17, 2018 By cs

On Sept. 19, 2018, the U.S. Department of Defense (DoD) issued a corrected Class Deviation 2018-O0020, to remove the sunset provision in DFARS 239.73, “Requirements for Information Relating to Supply Chain Risk,” that was due to expire on Sept. 30, 2018. The deviation is effective immediately.

This new deviation implements Section 881 of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019. Section 881 made the requirements for supply chain risk management under DFARS 239.73 permanent by placing its authority under a statute (10 U.S.C. § 2239a). This reauthorization reflects the continual efforts by Congress and the DoD to increase oversight on contractors supply chain and use risk management as a metric for contract performance.

DFARS Subpart 239.73, along with its contract clauses DFARS 252.239-7017 and DFARS 252.239-7018, places a significant onus on contractors to investigate its own supply chain to minimize and mitigate any perceived security risks. Failure to meet the requirements of the regulations creates significant risk to a contractor.

First, there is an explicit requirement in DFARS 252.239-7018 requiring contractors to actively mitigate supply chain risk during performance of the contract. However, the clause provides no additional information or standard to what is considered adequate mitigation.
Second, there is an implicit incentive for contractors to ensure that their supply chain is risk-free because the contractor is not the only entity to investigate risks in its supply chain. DFARS 252.239-7018 provides the government with an incredible oversight capability by permitting it to consult both public and non-public information, including all-source intelligence, to determine whether a contractor’s supply chain creates a risk.

Keep reading this article at: http://www.mondaq.com/article.asp?articleid=743224

Software review provisions proposed by Senate Armed Services Committee could have significant impact on DoD contractors

June 20, 2018 By cs

As the Senate approaches the end of its debate on the National Defense Authorization Act (NDAA) for Fiscal Year 2019, provisions of the bill regarding access to and review of information technology code deserve close attention. These sections, if enacted, would significantly impact Department of Defense contractors and also would affect matters associated with investments subject to review by U.S. national security agencies.

As drafted, the provisions could expose current and prospective contractors to intrusive scrutiny and significant risks. They lack clarity on key definitions, leaving the precise scope of those risks unclear. We summarize major issues and concerns below. We expect these provisions to receive scrutiny during the House-Senate conference on the NDAA over the summer.

Synopsis of the Proposed Legislation

Three sections of the Senate’s version of the NDAA, which passed the Senate Armed Services Committee in May, would establish new rules designed to mitigate “risks posed by providers of information technology with obligations to foreign governments.” Those risks involve the access that foreign governments may have to code in products or services that are offered to the Department of Defense. The provisions also impose new disclosure requirements on the efforts of a prospective vendor to obtain a license under the Export Administration Regulations (“EAR”) or the International Traffic in Arms Regulation (“ITAR”).

The pending legislation would require proactive disclosure of those matters, and would impose an ongoing duty to supplement those disclosures during the period of performance on the contract. The Secretary of Defense would be authorized to assess and mitigate any resulting national security risks through contractual provisions or other performance requirements.

Keep reading this article at: https://www.insidegovernmentcontracts.com/2018/06/senate-armed-services-committee-proposes-expansive-unclear-software-review-provisions/

Contracting success in a changing government environment

March 4, 2015 By ei2admin

Behind many contracting issues today is the implied topic of who is or isn’t winning contract awards. In the private sector, it’s rare to attribute lack of business success to the customer. Certainly in a commercial market, industry success and failure is usually laid at the feet of company management and its ability to understand and meet market needs. Not so in government contracting.

Along with well-structured protest procedures, industry can and does appeal to government legislative representatives, investigatory bodies, contracting managers, trade groups, and agency leaders concerning any real or perceived unfair treatment before, during, or after contract performance. One regularly hears rationale that the buyer, not the seller, was at fault for lost business and revenue. It’s common practice, if not encouraged by government, for industry to openly critique customer policy, processes, strategy, requirements, and staff. These critiques include time of awards; market conditions; workforce training; communication; sensitivity to private sector concerns; selection methodology; risk mitigation; receipt of external advice (program, technical, incumbents, business, legal, trade groups, etc.); past performance criteria; and more. That’s the nature of an open and fair process.

Keep reading this article at: http://www.federaltimes.com/story/government/acquisition/blog/2015/02/25/contracting-success-changing-government-environment/23993719/

DoD enacts rule on excluding contractors based on supply chain risk

December 3, 2013 By ei2admin

The Defense Department may now officially exclude contractors or subcontractors from receiving information technology contracts based on the risk their supply chain poses to national security systems.

The authority comes from earlier national defense authorization bills and it expires in September 2018. In an interim rule published Nov. 18 in the Federal Register, DoD says the authority applies to the acquisition of any IT product or service, including commercial items, so long as the contractor in question operates a supply chain that poses a significant risk to a particular national security system.

Although the clause permitting the DoD to exclude contractors will now be a part of all defense IT contractors, the interim rule notes that it can apply only to national security systems, and then only to items “the loss of integrity of which could result in a supply chain risk to the entire system.”

Keep reading this article at: http://www.fiercegovernmentit.com/story/dod-enacts-rule-excluding-contractors-based-supply-chain-risk/2013-11-21

DoD makes supply chain risk management a permanent performance metric

Software review provisions proposed by Senate Armed Services Committee could have significant impact on DoD contractors

Synopsis of the Proposed Legislation

Contracting success in a changing government environment

DoD enacts rule on excluding contractors based on supply chain risk

Contracting News

Government shutdown costing private-sector contractors $245 million every day

Defense companies starting to feel effect of the shutdown

Air Force to host first small business pitch day, with $40 million up for grabs

OFCCP releases three new directives for federal contractors

General contractor can be cited for subcontractor safety violations

Contracting Tips

The Big R: Relationships remain the key to GovCon success

LPTA solicitations no longer acceptable? Reviewing DoD’s proposed changes to the DFARS

DoD and other agencies seek to enhance contractors’ cyber and supply chain security

What to expect during a government shutdown: Submitting bids, getting paid, and more

Building better mousetraps by adding value to technical proposals

GTPAC News

Dept. of Health & Human Services holding small business outreach event in Nashville on Feb. 11

Defense Innovation Conference less than a week away — Register now!

Interest in GTPAC continued to grow in 2018 – What did you miss?

Here are the Georgia businesses who won federal contracts in 2018

Learn what DoD prime contractors want in a subcontractor

Georgia Tech News

Georgia Tech develops safety app for social workers

Georgia Tech names new leadership for ATDC

Tech Square to host 2019 Association of University Research Parks international conference

Georgia Tech’s Technology Square continues to grow

Georgia Tech to hold panel discussion on succession planning in Savannah on Sept. 27th