Alabama Contracting News

Emergency Response Contracting in Alabama

We have received several inquiries from our small business clients regarding contracting opportunities for relief efforts related to the tornadoes that impacted Lee County, Alabama this week. Per our conversations with the Alabama Department of Finance (Purchasing Division) and the Federal Emergency Management Agency (FEMA), companies are advised to follow this two-step process.

  1. Ensure that your company is properly registered in the STAARS system. STAARS stands for “State of Alabama Accounting and Resource System.” As the State’s enterprise-wide accounting system, STAARS supports all financial, procurement, and human resource transactions. All vendor interactions—including solicitations, purchase orders, payments, and receipts—are maintained in STAARS.
  2. Ensure that your company is properly registered in SAM.
    The System for Award Management (SAM) is an official website of the U.S. government. There is no cost to use SAM. You can use this site for FREE to register to do business with the US government, update/renew your entity registration, check the status of a registration, or search for a registration.

Procurement Specialists at the Alabama PTAC can assist with registering in both of these systems.

FEMA will ask for a list of properly registered state vendors from the State Purchasing Office and will attempt to contract with local businesses that are properly registered in both systems

Disaster Contracting Tips

Natural Disasters can be a time of crisis or opportunity for small business government contractors. The Thomas T. Stafford Disaster Relief and Emergency Assistance Act, passed in 2007, requires FEMA to contract with businesses located in the affected area when feasible and practicable, which brings unexpected and often substantial contracting opportunities in the wake of a disaster.

FEMA needs certain types of items most frequently following a disaster, such as office supplies, dumpsters, shredders and other disposal equipment, janitorial supplies, locks, portable toilets, hand washing stations and sometimes material moving equipment such as forklifts. In many areas they need certain services such as certified translators.

If the goods or services you provide are relevant to disaster response, the following steps can help you to position yourself to take advantage of such contracting opportunities when a disaster strikes.

  • Establish relationships with municipal and county governments, as well as state procurement offices. (Have you attended one of our matchmaker events?) Often these offices control much of the work that is done. In fact, FEMA doesn’t do anything without request and concurrence from the state, local and (when applicable) tribal governments. The type, kind and quantity of assistance FEMA provides is entirely up to state and local authorities. If debris removal contracts are already in place for routine incidents, such as wind or ice storms, those contracts will probably be used for major disasters first.
  • Be aware that, like most federal buyers, FEMA buyers often perform quick and dirty market research via Google. Make sure your company is well represented on the internet, with an up to date website that clearly describes the goods and services you offer. Also, check your SAM (System for Award Management) and DSBS (Dynamic Small Business Search) profiles periodically to ensure that your status is “active”, the contact information is current, and your list of capabilities is complete.
  • FEMA buys some things at the region level and some at the national level. Establish contracting relationships with the appropriate offices ahead of disasters. Buyers often turn to the contractors they know rather than to local businesses.
  • Never rest on special databases or designations. FEMA and other federal buyers don’t necessarily use the Disaster Relief designation in SAM or the GSA Disaster Response designation. The FEMA Industry Liaison Program ( is only one point of access for vendors to FEMA buyers, and not necessarily the primary one. Do not depend on these alone for visibility during a disaster.

(Article by Carter Merkle, Oklahoma PTAC )

Disaster Contracting Alabama PTAC

VA Will Use SBA SDVOSB Eligibility Rules Starting 10/1/18

The VA will begin using the SBA’s eligibility rules to verify SDVOSBs and VOSBs beginning October 1, 2018.

In a final rule published today in the Federal Register, the VA confirms that the SBA’s eligibility requirements will apply beginning next week–but in my eyes, one very important question remains unanswered.

As regular SmallGovCon readers know, the differences between the government’s two SDVOSB programs have caused major headaches for veterans. Because the two sets of regulations have different eligibility requirements, a company may be an eligible SDVOSB under one set of rules, but not the other.

In 2016, Congress addressed the problem. As part of the 2017 NDAA, Congress directed the VA to verify SDVOSBs and VOSBs using the SBA’s regulatory definitions regarding small business status, ownership, and control. Congress told the SBA and VA to work together to develop joint regulations governing SDVOSB and VOSB eligibility. The VA published a proposed rule earlier this year to eliminate its separate SDVOSB and VOSB eligibility requirements.

Now the VA has issued a final rule, set to take effect in just one week on October 1. The final rule broadly reiterates that the VA is eliminating its separate SDVOSB and VOSB eligibility requirements because “regulations relating to and clarifying ownership and control are no longer the responsibility of VA.” Instead, in verifying SDVOSBs and VOSBs, the VA will use the SBA’s eligibility rules set forth in 13 C.F.R. part 125.

The VA’s final rule answers a few questions from the public about the change. Among the VA’s answers:

  • Despite a common misconception, this final rule does not move the verification process from the VA to the SBA. The final rule states, “[a]lthough the authority to issue regulations setting forth the ownership and control criteria for SDVOSBs and VOSBs now rests with the Administrator of the SBA, the [VA] is still charged with verifying that each applicant complies with those regulatory provisions prior to granting verified status and including the applicant in the VA list of verified firms.”
  • The “VA and SBA will treat joint ventures the same way,” applying the SBA’s regulatory criteria. This is important because the VA currently does not treat joint ventures the same way as the SBA. Although the VA largely defers to the SBA’s joint venture rules, the VA has been requiring SDVOSB joint ventures to demonstrate that the SDVOSB managing venturer will receive at least 51% of the joint venture’s profits. This conflicts with the SBA’s current regulation, which allows the SDVOSB managing venturer to receive as little as 40% of the joint venture’s profits, depending on how the joint venturers split work.
  • Persons “found guilty of, or found to be involved in criminally related matters or debarment proceedings” will be immediately removed from the VetBiz database. Additionally, owing outstanding taxes and unresolved debts to “governmental entities outside of the Federal government” may be disqualifying, but won’t lead to an automatic cancellation.

As you may recall, the SBA proposed to revise its own SDVOSB regulations earlier this year. These proposed rules, when finalized, would apply to both the VA and SBA.

The VA’s final rule indicates that the SBA’s final rule also will take effect on October 1. “VA and the SBA believe a single date on which all of the changes go into effect is the most effective path for implementation,” the VA writes. As I sit here today on September 24, I haven’t seen the SBA’s final rule yet, but I assume it will be published any moment. We’ll blog about it on SmallGovCon when that happens.

By consolidating the eligibility requirements for SDVOSBs and VOSBs, the SBA and VA will eliminate a lot of confusion. In that sense, these changes are good news. But I’m concerned about one important item that wasn’t raised in the VA’s response–that is, what happens to currently verified companies who no longer meet the eligibility requirements? In other words, what happens to companies that were verified under the VA’s “old” rules, but won’t qualify as SDVOSBs under the SBA’s “new” rules?

Remember, many companies were verified as SDVOSBs and VOSBs based on the VA’s eligibility requirements, which (until October 1) aren’t identical to the SBA’s. Perhaps most notably, the VA has long permitted companies to use reasonable “right of first refusal” provisions in their corporate governing documents. The SBA, on the other hand, has deemed such provisions impermissible–a position that a federal judge called “draconian and perverse,” but nonetheless within the SBA’s broad discretion.

As I read the SBA’s proposed rules, anyway, the SBA hasn’t changed its position on this issue. And while it sounds wonky, it’s actually very important: right of first refusal provisions are commonplace in operating agreements, bylaws, and shareholders’ agreements prepared by good corporate counsel. It’s a virtual certainty that hundreds, if not thousands, of verified SDVOSBs and VOSBs have such provisions in their governing documents.

Are these companies now vulnerable to protest? Will the VA CVE propose them all for cancellation? Are they somehow grandfathered in? (I highly doubt that, but I suppose you never know). It’s a very important question and I hope one that the SBA and VA will answer soon.

Steve Koprince
Managing Partner at Koprince Law LLC



Doing Business with the Defense Logistics Agency (DLA)

Small business suppliers are integral to the success of DLA’s Enterprise Business Systems (EBS), and are key players in meeting DLA’s customers’ requirements. By being informed and aware of these changes, we can work together to ensure that the soldiers, sailors, airmen, and marines, have the right item at the right time and at the right place.

Learn more at:

Enterprise Business Systems Supplier Information Resource Center – New Login Process on June 29

New Login Process for Coming June 29th

Date/Time: June 29, 2018

Details: To further increase security and deter fraud, is partnering with to implement multi-factor authentication for all registered users.

To create the user account, you need to:

1.       know the email address associated with your username and password

2.       have access to that email to receive a confirmation email from, and

3.       have a working phone (cell phone or landline) to receive a security code from

Please share with your teams the following information:

·         Before June 29th – Make sure you know the email address associated with your current user account (after June 29th, the username and password won’t work and you won’t be able to find the email information without contacting the Federal Service Desk)

·         Review the FAQs located at

SBA is also communicating via email to several groups of users, and plans to send the attached emails beginning this week to:

·         Group 1: Entities with registrations expiring between now and July 31, 2018

·         Group 2: Users with system accounts and data access roles

·         Group 3: Federal users  (those with data access roles, roles with Federal entities, and those with email-based access to FOUO data)

As always, for no-cost assistance with, and for all of your contracting needs, contact your local PTAC Procurement Specialist.
(Remember, you do not have to pay anyone anything to register in!)

Important Update: New registrations & updating existing registrations

SAM Update from GSA

For assistance with your registration, contact your trusted local PTAC Procurement Specialist.

Alleged Fraudulent Activity in SAM – Updated April 26, 2018

GSA’s System for Award Management (SAM) is supporting an active investigation by the GSA Office of Inspector General (OIG) into alleged, third-party fraudulent activity in SAM. At this time, only a limited number of entities registered in SAM are suspected of being impacted by this alleged fraudulent activity. GSA has already taken proactive steps to address this issue and has notified affected entities. GSA will continue to work with the OIG and law enforcement agencies to take additional action as appropriate.

These proactive steps include requiring submission of an original, signed notarized letter identifying the authorized Entity Administrator for the entity associated with the Data Universal Numbering System (DUNS) number before the registration will be activated. GSA posted instructions for domestic entities and instructions for international entities for easy reference. This requirement went into effect on March 22, 2018 for new entities registering in SAM and goes into effect on April 27, 2018 for existing registrations being updated or renewed in SAM.

What is GSA doing to address the problem?

GSA’s SAM team is supporting GSA’s OIG in an active investigation into alleged, third-party fraudulent activity related to SAM. GSA has taken a number of proactive steps to address this issue and is in the process of making system modifications to prevent improper activity going forward. In the interim, GSA expired, then deactivated any entity registrations that appeared to have been affected. These entities are being advised to validate their registration information in SAM, particularly their financial information and points of contact, before reactivating the entity registrations. Further, GSA has begun implementing additional reviews during the registration process to prevent future issues.

Who was impacted?

Entities with registrations that appeared to be impacted were notified. Instructions were provided explaining how to validate registration information and how to reactivate the registration. In addition, entities whose bank account information for Electronic Fund Transfer (EFT) changed within the last year were notified. Although not associated with suspicious activity, these entities are required to validate their registration information, particularly their EFT information.

What is an entity?

In SAM, you, your company, business, or organization is referred to as an “entity.” Individuals register themselves or their entity to do business with the U.S. Federal Government by completing the registration process in SAM.

What should entities registered in SAM do to protect themselves and confirm that their bank account information has not been changed?

Entities registered in SAM are advised to log into SAM and review their registration information, particularly their bank account information for Electronic Funds Transfer (EFT) on the financial information page. Contact the supporting Federal Service Desk at, or by telephone at 866-606-8220 (toll free) or 334-206-7828 (internationally) Monday through Friday from 8 a.m. to 8 p.m. (EDT), for FREE assistance. Entities are responsible for ensuring that their information is current and correct in SAM in accordance with paragraph (b) of Federal Acquisition Regulation (FAR) clause 52.232-33 or Title 2 of the Code of Federal Regulations Part 25 (2 CFR § 25.310 and Appendix A), as applicable, and should routinely review such information for accuracy.

Who should entities contact if they find that payments due them from Federal agencies have been paid to a bank account that other than their own?

If an entity suspects a payment due them from a Federal agency was paid to a bank account other than their own, they should contact the Federal Service Desk at, or by telephone at 866-606-8220 (toll free) or 334-206-7828(internationally), Monday through Friday from 8 a.m. to 8 p.m. (EDT), for FREE assistance.

What interim changes have been made to the SAM registration process?

The proactive steps taken by SAM to address this fraudulent activity include requiring an original, signed notarized letteridentifying the authorized Entity Administrator for the entity associated with the DUNS number before a new entity registration will be activated or an existing entity is updated or renewed.

Who should an international entity contact if they are unable to complete the notarized letter process?

Entities not located in the U.S. or its outlying areas should read the international entity instructions posted at the Federal Service Desk that outline procedures and provide links to letter templates. If they have additional questions, international entities should contact the Federal Service Desk at, or by telephone at 866-606-8220 (toll free) or 334-206-7828 (internationally), Monday through Friday from 8 a.m. to 8 p.m. (EDT), for FREE assistance.

Coffee County Water Authority Water Main Extension Project

Sealed Bids for the construction of the Water Main Extension Project will be received by the Coffee County Water Authority, at their office located at 401 East Davis Street, Elba, Al 36323, until 10:00 a.m. local time on July 14, 2017 at which time the Bids received will be opened and read aloud. The Project consists of installing approximately 14,500 feet of 6” PVC water main, 3,700 feet of 3” PVC water main, and necessary appurtenances.

There will be a non-mandatory pre-bid conference, as required by the funding agency, held at the Water Authority Office on July 7, 2017 at 10:00 a.m.

The Issuing Office for the Bidding Documents is: David Hicks and Associates, 406 Dothan Road Abbeville, Al 36310, 334-585-5841, Prospective Bidders may examine the Bidding Documents at the Issuing Office and may obtain copies of the Bidding Documents from the Issuing Office via pick-up or mail upon a non-refundable production cost payment of $100.

Bidding Documents also may be examined at the water authority office, 401 East Davis Street, Elba, Al 36323.

The owner reserves the right to waive any informalities and reject any or all bids.

Bid security shall be furnished in accordance with the Instruction to Bidders.

Bidders shall submit proof of qualifications to perform the Work as described in the Instructions to Bidders.

Owner: Coffee County Water Authority

By: Loftin Martin

Title: Chairman

Date: June 12, 2017

National Security Innovation Summit

The National Security Innovation Summit (NSIS) is coming to Huntsville, July 17-20, 2018.  Department of Defense Tech Scouts will listen to pitches, examine poster board displays, discuss government needs, and chat with innovators during at networking events. Through these connections, innovators will gain feedback and direction, and their innovation might be selected for socialization among government agencies and for fast-track contracting.

The National Security Innovation Summit (NSIS) provides innovators the opportunity to present and showcase their technology; it will connect innovators with funders and support networks to accelerate technology commercialization.  If you are already in business, please contact your local PTAC Procurement Specialist to learn more; if you have not yet started your business, your PTAC specialist will refer you to a Business Advisor at the Alabama SBDC Network.

SBA 8(a) Annual Reviews & Certification

We’ve attached an Annual Review Document Checklist that may be of interest to 8(a) firms. Also, you can find this information on the Certifyknowledge sharing page

As a reminder, any 8(a) firm with an anniversary date of March 22 or later will need to submit their 8(a) Annual Review on Certify.

Questions? Contact your local PTAC Procurement Specialist.

8(a) Annual Review in Certify for Existing Firms Tues, March 20 @2PM-3PM EST Intended Audience:
(District Office/Resource Partners listening in)
Dial-in: 1-877-369-5243 or 1-617-668-3633
Access Code: 0929412##

CyberSecurity Requirements for Government Contractors

The Department of Defense amended the Defense Federal Acquisition Regulation Supplement (DFARS) in 2016 to provide for the safeguarding of controlled unclassified information when residing on or transiting through a contractor’s internal information system or network. OF ARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, requires contractors to implement National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified information in Nonfederal Info1mation Systems and Organizations” to safeguard covered defense information that is processed or stored on their internal information system or network.

Contractors, who self-attest to meeting these requirements, have until December 31. 20 I 7, to implement NIST SP 800-171.

For additional information, please contact your local Alabama PTAC Procurement Specialist, and read the following guidelines:

Guidance for Selected Elements of DFARS Clause 252.204-7012,
“Safeguarding Covered Defense Information and Cyber Incident Reporting”
— Implementing the Security Requirements of NIST SP 800-171

DoD posts all related regulations, policy, frequently asked questions, and resources addressing DFARS Clause 252.204-7012, and NIST SP 800-171, at the Cybersecurity tab at

Contractors must implement and verify security protocols that address these 14 points:

  1. Access Control (Who is authorized to view this data?)
  2. Awareness and Training (Are people properly instructed in how to treat this info?)
  3. Audit and Accountability (Are records kept of authorized and unauthorized access? Can violators be identified?)
  4. Configuration Management (How are your networks and safety protocols built and documented?)
  5. Identification and Authentication (What users are approved to access CUI and how are they verified prior to granting them access?)
  6. Incident Response (What’s the process if a breach or security threat occurs, including proper notification)
  7. Maintenance (What timeline exists for routine maintenance, and who is responsible?)
  8. Media Protection (How are electronic and hard copy records and backups safely stored? Who has access?)
  9. Physical Protection (Who has access to systems, equipment and storage environments?)
  10. Personnel Security (How are employees screened prior to granting them access to CUI?)
  11. Risk Assessment (Are defenses tested in simulations? Are operations or individuals verified regularly?)
  12. Security Assessment (Are processes and procedures still effective? Are improvements needed?)
  13. System and Communications Protection (Is information regularly monitored and controlled at key internal and external transmission points?)
  14. System and Information Integrity (How quickly are possible threats detected, identified and corrected?)

Hurricane Disaster Contracting for Harvey and Irma – The Steps are the Same

For disaster response contracting – fundamentals and follow-through are key

In the aftermath of a disaster, potential contractors swarm to the site hoping for a piece of the clean-up and recovery effort.  For inexperienced players, it can be chaotic, confusing, and cut-throat, as informal subcontracting agreements are made on the ground which may not be enforceable and third-party firms falsely promise no-bid contracts to those who pay big bucks to be on a “priority vendors list” (there is no such list). Government officials in charge of relief efforts are overwhelmed and information may be hard to come by.  What is a small contractor to do?

Know the facts:

  • The Thomas T. Stafford Disaster Relief and Emergency Assistance Act requires FEMA to contract with businesses located in the affected area when feasible and practicable.
  • State and local government agencies control a large proportion of disaster response activities, so many of the contracting opportunities will come through these offices. At the time of a disaster, they may initially rely upon contracts already in place.
  • Potential contractors must be registered in the appropriate federal, state, and/or local databases to be eligible for contract awards.

Take care of the fundamentals:

  • Make sure that you are registered in all applicable databases (see below) and that your company information is accurate, complete (including detailed capabilities listings), and consistent across all the various registrations (i.e., use the same company name, address, numbers, e-mail and web addresses). This will make it easier for government agencies to cross check your information. Note: your SAM registration must match your IRS and DUNS information.
  • Make sure your company is well represented on the internet, with an up to date website that clearly describes the goods and services you offer and (if possible) includes a link to your catalogue. Especially in emergencies, agency buyers may rely on the internet for market research.
  • Actively research to find contract opportunities and then pursue them. See below for information on federal agencies (like FEMA and the Army Corps of Engineers) as well as for state and local agencies in Texas and Florida.

Contact the Alabama PTAC: There are never shortcuts in government contracting.  The Alabama PTAC can help you—at no cost—to take the steps you need to be eligible, to find, and to bid on government contracts.  Disaster recovery is a long process; doing the right things now will position you to take advantage of opportunities that are still weeks or months down the road. 

For Federal government opportunities (FEMA; Army Corps of Engineers):

  • Register with the System for Award Management (SAM) at
    • Complete the Disaster Response Information section in SAM indicating you want to be included in the Disaster Response Registry. The Disaster Response Registry is used by FEMA and The U.S. Army Corp of Engineers to establish their list of contractors that want to provide disaster-response assistance through Federal Government procurement opportunities. Learn more about the Disaster Response Registry.
  • Complete FEMA’s Industry Liaison Program Vendor Profile form and submit it to “”; and
  • Look for contracting opportunities at the following websites:

State and Local Government Contracting

State of Texas:

  • The Texas Division of Emergency Management (TDEM) is the state agency responsible for coordinating damage surveys and the overall recovery process. Visit their website for more information on opportunities related to the Hurricane Harvey recovery effort
  • TDEM and other state agencies, issues notices of procurement opportunities through the Electronic State Business Daily (ESBD) ( for opportunities exceeding $25,000. Monitor the ESBD daily for procurement notices.
  • State agencies use the Centralized Master Bidders List (CMBL) to locate registered contractors to invite them to bid on opportunities by National Institute of Governmental Purchasings (NIGP) Commodity / Services Codes and highway districts.
    • If you are not registered with the CMBL, visit to complete your registration. Be sure to enter all your NIGP codes and indicate the highway districts where you can provide your products and services. The NIGP codes entered and highway districts selected are the prime criteria used to send notices of opportunities to contractors.

Harris County, TX: In order to do business with Harris County as a prime contractor, you must be a registered vendor.

  • Harris County uses BuySpeed Online to manage contractor registrations and post procurement opportunities; visit to register your business with the Harris County Purchasing Department. As disaster-recovery requirements are defined by the county in the upcoming weeks, procurement opportunities will be posted on BuySpeed. Be sure to enter all your applicable NIGP codes.
  • Harris County is currently focused on debris-removal and debris-monitoring services. The purchasing department has existing contracts in place to provide these services. You may contact these companies to inquire if they have subcontracting opportunities.
  • If you have specific questions for the Harris County Purchasing Department, click here to find the Purchasing Department Employee list and / or call 713-274-4400.

City of Houston:  The city of Houston requires that all prime contractors be registered.  Visit the City of Houston Strategic Purchasing Division (SPD) website to register your business and enter your NIGP codes. As opportunities become available, SPD will post them on their website. Registered contractors with NIGP codes matching procurement notices should be notified of the opportunity.  Links at the city of Houston SPD website to visit:

State of Louisiana

When the Governor of Louisiana declares a disaster, the Governor’s Office of Homeland Security and Emergency Preparedness (GOHSEP) activates the Louisiana Business Emergency Operations Center (LABEOC) for disaster response and recovery. Companies registered with LABEOC will be notified of needs as they arise. The LA BEOC, located at 635 Cajundome Boulevard, Abdalla Hall, Lafayette, LA (in the University of Louisiana at Lafayette Research Park) serves as the alternate State Emergency Operations Center (SEOC) in the event the primary SEOC located in Baton Rouge is incapacitated or is unable to activate due to a disaster requiring the evacuation of the Baton Rouge area.  Click here to Register with LABEOC.

The State of Louisiana, Office of State Purchasing, posts all its open bids on the Louisiana Procurement and Contract Network (LaPAC) website.  LaPAC is part of LaGOV.  Click here to register with LaPAC.


State of Florida: The Florida Emergency Supplier Network (FESN), run through the main procurement agency (Florida Department of Management Services), coordinates supplier information for state and local agencies by:

  • Identifying and grouping needed commodities and services by categories
  • Recruiting suppliers to be a resource for the purchase of products and services during declared emergencies
  • Obtaining information from suppliers including their product lists, inventory information, company profile, emergency operations capabilities, emergency and off-hours contact information
  • Issuing a certificate to FESN suppliers as participants in the Florida Emergency Supplier Network
  • Collecting and organizing supplier information and make it accessible to state and local purchasing professionals during emergencies.

Registration with FESN is required (click here for information and instructions).

Some Florida local government agencies also have disaster / emergency vendor registrations. Visit specific Florida County websites for more information.