On Monday, August 13, 2018, President Trump signed into law the H.R. 5515, the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (FY 2019 NDAA), the earliest an NDAA has been signed in over a decade. The FY 2019 NDAA includes several provisions relevant to contractors, including replacing the definition of “commercial item” with “commercial product” and “commercial services,” discouraging the use of lowest price technically acceptable contracting, and a clause designed to accelerate payments to small businesses.
Admitted in New York only; practicing under the supervision of DC Bar members
In AlliantCorps, LLC, B-415744.2, the Government Accountability Office (GAO) denied a protest by AlliantCorps, LLC (Alliant) alleging violations of the Procurement Integrity Act (PIA) by the Department of the Navy (Navy) following Alliant’s prior protest of a task order award to DKW Communications, Inc. (DKW). Alliant asserted that DKW improperly received Alliant’s bid and proposal information when its proposed subcontractor’s labor rates were furnished to DKW “at the direction of the Navy.” GAO found that the facts asserted could not form the basis of a PIA violation because the employees voluntarily disclosed their salary information to DKW.
The Navy initially awarded the task order seeking software maintenance services to DKW. As part of its transition effort, DKW sent an email to Navy personnel providing a link to DKW’s employment application website. After the Navy provided Alliant with its debriefing, Navy personnel forwarded DKW’s email soliciting employment applications to personnel working on the incumbent contract for Alliant’s proposed subcontractor. Alliant subsequently protested the evaluation underlying the award challenging the Navy’s past performance evaluation and discussions, which prompted the Navy to take corrective action to clarify the solicitation and make a new source selection decision.
The National Institute of Standards and Technology (NIST) recently published a draft special publication titled Systems Security Engineering: Resiliency Considerations for the Engineering of Trustworthy Secure Systems (Volume 2), which provides guidance to professionals responsible for the activities and tasks related to the system life cycle processes in NIST’s flagship publication, NIST Special Publication 800-160 Volume 1 (Volume 1). Volume 2 is the first in a series of systems security engineering publications supplementing Volume 1, and describes how to apply cyber resiliency concepts, constructs, and engineering practices, as part of systems security engineering.
Volume 1 built upon well-established international standards for systems and software engineering to describe the actions necessary to develop more defensible and survivable systems. Volume 2 describes cyber resiliency principles that organizations can select and apply to their own systems based on the organization’s threat environment. These principles help organizations address certain types of advanced cyber-threats that have the capability to breach critical systems, establish a presence within those systems often undetected, and inflict immediate and long-term damage to economic and security interests. Among other things, developers could look to the draft publication for guidance on how to increase the security of older legacy systems in order to limit potential hackers’ access in the event of a data breach. NIST is accepting public comments until May 18, 2018.
On April 2, 2018, the Government Accountability Office (GAO) published Final Rule 83 FR 13817, amending its bid protest regulations to implement the Electronic Protest Docketing System, make administrative and clerical changes, and “streamline the bid protest process.”
This Final Rule goes into effect on May 1, 2018. We detail below some key changes it implements to the protest process.
In the face of an actual or potential organizational conflict of interest (OCI), the potential solutions are often limited. There are several options for contractors and the government that are broadly categorized as mitigation, avoidance, neutralization, limitations on future contracting, and exclusion. Although used sparingly, the FAR also provides that the government can “waive” actual or potential OCIs. Specifically, FAR 9.503 states: “The agency head or a designee may waive any general rule or procedure of this subpart by determining that its application in a particular situation would not be in the Government’s interest.”
A recent GAO decision sheds light on how contractors and agencies should think about OCI waivers. CACI, Inc.-Federal; General Dynamics One Source, LLC, B-413860.4, et al., Jan. 5, 2018.