The Department of Defense amended the Defense Federal Acquisition Regulation Supplement (DFARS) in 2016 to provide for the safeguarding of controlled unclassified information when residing on or transiting through a contractor’s internal information system or network. OF ARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, requires contractors to implement National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified information in Nonfederal Info1mation Systems and Organizations” to safeguard covered defense information that is processed or stored on their internal information system or network.
Contractors, who self-attest to meeting these requirements, have until December 31. 20 I 7, to implement NIST SP 800-171.
For additional information, please contact your local Alabama PTAC Procurement Specialist, and read the following guidelines:
DoD posts all related regulations, policy, frequently asked questions, and resources addressing DFARS Clause 252.204-7012, and NIST SP 800-171, at the Cybersecurity tab at http://dodprocurementtoolbox.com/.
Contractors must implement and verify security protocols that address these 14 points:
Access Control (Who is authorized to view this data?)
Awareness and Training (Are people properly instructed in how to treat this info?)
Audit and Accountability (Are records kept of authorized and unauthorized access? Can violators be identified?)
Configuration Management (How are your networks and safety protocols built and documented?)
Identification and Authentication (What users are approved to access CUI and how are they verified prior to granting them access?)
Incident Response (What’s the process if a breach or security threat occurs, including proper notification)
Maintenance (What timeline exists for routine maintenance, and who is responsible?)
Media Protection (How are electronic and hard copy records and backups safely stored? Who has access?)
Physical Protection (Who has access to systems, equipment and storage environments?)
Personnel Security (How are employees screened prior to granting them access to CUI?)
Risk Assessment (Are defenses tested in simulations? Are operations or individuals verified regularly?)
Security Assessment (Are processes and procedures still effective? Are improvements needed?)
System and Communications Protection (Is information regularly monitored and controlled at key internal and external transmission points?)
System and Information Integrity (How quickly are possible threats detected, identified and corrected?)
For disaster response contracting – fundamentals and follow-through are key
In the aftermath of a disaster, potential contractors swarm to the site hoping for a piece of the clean-up and recovery effort. For inexperienced players, it can be chaotic, confusing, and cut-throat, as informal subcontracting agreements are made on the ground which may not be enforceable and third-party firms falsely promise no-bid contracts to those who pay big bucks to be on a “priority vendors list” (there is no such list). Government officials in charge of relief efforts are overwhelmed and information may be hard to come by. What is a small contractor to do?
Know the facts:
The Thomas T. Stafford Disaster Relief and Emergency Assistance Act requires FEMA to contract with businesses located in the affected area when feasible and practicable.
State and local government agencies control a large proportion of disaster response activities, so many of the contracting opportunities will come through these offices. At the time of a disaster, they may initially rely upon contracts already in place.
Potential contractors must be registered in the appropriate federal, state, and/or local databases to be eligible for contract awards.
Take care of the fundamentals:
Make sure that you are registered in all applicable databases (see below) and that your company information is accurate, complete (including detailed capabilities listings), and consistent across all the various registrations (i.e., use the same company name, address, numbers, e-mail and web addresses). This will make it easier for government agencies to cross check your information. Note: your SAM registration must match your IRS and DUNS information.
Make sure your company is well represented on the internet, with an up to date website that clearly describes the goods and services you offer and (if possible) includes a link to your catalogue. Especially in emergencies, agency buyers may rely on the internet for market research.
Actively research to find contract opportunities and then pursue them. See below for information on federal agencies (like FEMA and the Army Corps of Engineers) as well as for state and local agencies in Texas and Florida.
Contact the Alabama PTAC: There are never shortcuts in government contracting. The Alabama PTAC can help you—at no cost—to take the steps you need to be eligible, to find, and to bid on government contracts. Disaster recovery is a long process; doing the right things now will position you to take advantage of opportunities that are still weeks or months down the road. http://al-ptac.org/register
For Federal government opportunities (FEMA; Army Corps of Engineers):
Register with the System for Award Management (SAM) at www.sam.gov.
Complete the Disaster Response Information section in SAM indicating you want to be included in the Disaster Response Registry. The Disaster Response Registry is used by FEMA and The U.S. Army Corp of Engineers to establish their list of contractors that want to provide disaster-response assistance through Federal Government procurement opportunities. Learn more about the Disaster Response Registry.
Potential Subcontracting Opportunities with DHS Prime Contractors: Information on large business Prime Contractors who are interested in subcontracting with small, small and disadvantaged, women-owned small, HUBZone-certified, 8(a), veteran-owned small, and service-disabled veteran-owned small businesses, complete with tips on how to pursue subcontracting opportunities with them.
State and Local Government Contracting
State of Texas:
The Texas Division of Emergency Management (TDEM) is the state agency responsible for coordinating damage surveys and the overall recovery process. Visit their website for more information on opportunities related to the Hurricane Harvey recovery effort
TDEM and other state agencies, issues notices of procurement opportunities through the Electronic State Business Daily (ESBD) (http://esbd.cpa.state.tx.us/) for opportunities exceeding $25,000. Monitor the ESBD daily for procurement notices.
State agencies use the Centralized Master Bidders List (CMBL) to locate registered contractors to invite them to bid on opportunities by National Institute of Governmental Purchasings (NIGP) Commodity / Services Codes and highway districts.
If you are not registered with the CMBL, visit https://comptroller.texas.gov/purchasing/vendor/registration/ to complete your registration. Be sure to enter all your NIGP codes and indicate the highway districts where you can provide your products and services. The NIGP codes entered and highway districts selected are the prime criteria used to send notices of opportunities to contractors.
Harris County, TX: In order to do business with Harris County as a prime contractor, you must be a registered vendor.
Harris County uses BuySpeed Online to manage contractor registrations and post procurement opportunities; visit https://bids.hctx.net/bso/ to register your business with the Harris County Purchasing Department. As disaster-recovery requirements are defined by the county in the upcoming weeks, procurement opportunities will be posted on BuySpeed. Be sure to enter all your applicable NIGP codes.
Harris County is currently focused on debris-removal and debris-monitoring services. The purchasing department has existing contracts in place to provide these services. You may contact these companies to inquire if they have subcontracting opportunities.
City of Houston: The city of Houston requires that all prime contractors be registered. Visit the City of Houston Strategic Purchasing Division (SPD) website to register your business and enter your NIGP codes. As opportunities become available, SPD will post them on their website. Registered contractors with NIGP codes matching procurement notices should be notified of the opportunity. Links at the city of Houston SPD website to visit:
When the Governor of Louisiana declares a disaster, the Governor’s Office of Homeland Security and Emergency Preparedness (GOHSEP) activates the Louisiana Business Emergency Operations Center (LABEOC) for disaster response and recovery. Companies registered with LABEOC will be notified of needs as they arise. The LA BEOC, located at 635 Cajundome Boulevard, Abdalla Hall, Lafayette, LA (in the University of Louisiana at Lafayette Research Park) serves as the alternate State Emergency Operations Center (SEOC) in the event the primary SEOC located in Baton Rouge is incapacitated or is unable to activate due to a disaster requiring the evacuation of the Baton Rouge area. Click here to Register with LABEOC.
State of Florida: The Florida Emergency Supplier Network (FESN), run through the main procurement agency (Florida Department of Management Services), coordinates supplier information for state and local agencies by:
Identifying and grouping needed commodities and services by categories
Recruiting suppliers to be a resource for the purchase of products and services during declared emergencies
Obtaining information from suppliers including their product lists, inventory information, company profile, emergency operations capabilities, emergency and off-hours contact information
Issuing a certificate to FESN suppliers as participants in the Florida Emergency Supplier Network
Collecting and organizing supplier information and make it accessible to state and local purchasing professionals during emergencies.
Some Florida local government agencies also have disaster / emergency vendor registrations. Visit specific Florida County websites for more information.
The South Central Alabama Development Commission is seeking minority and female-owned businesses for the attached Requests for Qualifications for CDBG Program Year 2017. aestes
The Department of Defense spends nearly $300 billion annually acquiring systems, goods, and services in support of the nation’s defense. A successful acquisition system is critical to providing warfighting and defense capability.
Section 809 of the National Defense Authorization Act for Fiscal Year 2016 (Public Law 114– 92), as amended by Section 863(d) of the National Defense Authorization Act for Fiscal Year 2017 (Public Law 114–328), established an independent Advisory Panel on Streamlining and Codifying Acquisition Regulations—the Section 809 Panel. By statute, the panel was formed to
Review the acquisition regulations applicable to the Department of Defense with a view toward streamlining and improving the efficiency and effectiveness of the Defense acquisition process and maintain defense technology advantage and
Make recommendations for the amendment or repeal of such regulations that the panel considers necessary to
– establish and administer appropriate buyer and seller relationship in the procurement system,
– improve the functioning of the acquisition system,
– ensure the continuing financial and ethical integrity of defense procurement programs,
– protect the best interests of the Department of Defense, and
– eliminate any regulations that are unnecessary for the above purposes.
Did you know that goals are in place to ensure that small businesses have the maximum practicable opportunity to compete for contracts with the federal government? In fact, each federal agency must set annual goals for participation in its contracts by small businesses and specific groups of small businesses, including woman-owned small businesses (WOSBs) small-disadvantaged businesses (SDBs), HUBZone-certified small businesses and service-disabled, veteran-owned small businesses (SDVOSBs).
Dr. James Galvin, the Acting Director of DoD’s Office of Small Business Programs (OSBP), negotiates DoD-wide small business goals with the Small Business Administration (SBA). Dr. Galvin also assigns specific small business goals to DoD buying commands.
Government-wide Small Business Contracting Goals
The federal government has the following statutory goals for government-wide small business procurement:
23 percent of prime contracts for small businesses
5 percent of prime and subcontracts for WOSBs
5 percent of prime and subcontracts for SDBs
3 percent of prime and subcontracts for HUBZone-certified small businesses
3 percent of prime and subcontracts for SDVOSBs
How Agency Goals are Negotiated and Established
Every year, SBA works with federal agencies to establish small business contracting goals. SBA ensures that the sum total of all of the individual agency goals exceeds the 23 percent target established by Congress.
Here is how the process works:
SBA negotiates with agencies, including DoD, to establish individual agency goals that, in the aggregate, constitute government-wide goals. SBA also negotiates a small business subcontracting goal based on recent achievement levels. SBA establishes the government-wide and agency socio-economic category goals at their statutory levels.
Before the beginning of the fiscal year, SBA reviews agency year-to-date performance and agencies submit their proposed goals to SBA.
SBA’s Office of Government Contracting determines if these individual agency goals, in the aggregate, meet or exceed the government-wide statutorily mandated goals in each small business category.
SBA notifies the agencies of their final agency goals.
DoD Small Business Prime Contracting Goals
DoD’s fiscal year 2017 small business prime contracting goal is 22 percent. In other words, we aim to award at least 22 percent of small-business-eligible prime-contract spending to small businesses in fiscal year 2017. We also have prime contracting goals for WOSBs (5 percent), SDBs (5 percent), HUBZone-certified small businesses (3 percent) and SDVOSBs (3 percent).
In fiscal year 2016, DoD spent more than 60 percent of the federal procurement budget eligible for small businesses.
DoD Small Business Subcontracting Goals
In addition to prime contracting goals, DoD has goals for awarding subcontracting spending to small businesses. Our fiscal year 2017 subcontracting goal is 34 percent. In addition to the overall subcontracting goal, we have subcontracting goals for WOSBs (5 percent), SDBs (5 percent), HUBZone-certified small businesses (3 percent) and SDVOSBs (3 percent).
Component and Agency Small Business Prime Contracting Goals
DoD’s overall fiscal year 2017 small business prime contracting goal is 22 percent, but the Army’s fiscal year 2017 small business prime contracting goal is 26 percent. Because the Army buys a lot of products and services provided by small businesses, e.g., construction, its goal is higher than DoD’s overall goal. The Navy and Air Force have goals that are lower than DoD’s overall goal because they buy a lot of aircraft and ships, which are typically supplied by large businesses.
The chart below identifies the fiscal year 2017 prime contracting goals for 22 DoD buying commands.
Calculation of Achievements
At the end of every fiscal year, SBA measures DoD’s achievements against our goals. SBA requests a report from the Federal Procurement Data Center calculating the prime and subcontract statistical achievements. If we fail to achieve any proposed prime or subcontracting goal, we are required to submit a justification-and-corrective-action plan to SBA.
Small Business Procurement Scorecard
SBA releases an annual scorecard to measure how well federal agencies reach their small business and socio-economic prime contracting and subcontracting goals.
DoD’s fiscal year 2017 grade will be based on the following four factors:
Prime contracting (50 percent)
Subcontracting (20 percent)
Compliance with the requirements of Section 15(k) of the Small Business Act (20 percent)
Comparison of the number of prime contracts awarded to small businesses in fiscal year 2017 versus fiscal year 2016 (10 percent)
DoD Fiscal Year 2016 Scorecard Grade
In fiscal year 2016, DoD exceeded its small business prime contracting goal of 21.26 percent, achieving 22.94 percent. The SBA’s fiscal year 2016 small business procurement scorecard awarded DoD an “A.”
In fiscal year 2016, DoD exceeded three out of five of its small business prime contracting goals.
Civilian Agency Goals
In addition to DoD, SBA negotiates small business procurement goals with 23 civilian agencies. Click here to see the fiscal year 2017 goals for civilian agencies.
Effective October 28, 2016, the System for Award Management (SAM) will no longer support Internet Explorer versions 7 & 8 (IE7 & IE8).
Microsoft announced in January 2016 only the most current version of Internet Explorer (IE) will receive technical support and security updates.
Following our quarterly release on October 28th, we will block users from accessing SAM if they are coming in from an IE7 or IE8 browser. Users will either need to upgrade to a Internet Explorer version of IE9 or higher, or access SAM with another supported browser type (Chrome, Firefox, Safari, etc).
Women-Owned Small Business sole source contracts have moved one step closer to becoming a reality.
Today, the SBA issued a proposed rule implementing the WOSB sole source authority contained in the 2015 National Defense Authorization Act. The relative speed with which the proposed rule was issued suggests that WOSBs could begin receiving sole source awards later this year.
The proposed rule provides that EDWOSBs may receive sole source awards in industries designated by the SBA as “underrepresented” by women. WOSBs may receive sole source awards in industries designated as “substantially underrepresented.” The industry-by-industry limitations are the same as those applicable to competitive EDWOSB and WOSB set-asides.
Under the proposed rule, an agency may make a sole source award in an appropriate industry where: (1) the contracting officer does not have a reasonable expectation that two or more EDWOSBs/WOSBs will submit offers; (2) The anticipated award price (including options) will not exceed $6.5 million for manufacturing contracts and $4 million for other contracts; (3) the EDWOSB/WOSB is responsible; and (4) in the estimation of the contracting officer, the award can be made at a fair and reasonable price.
In the aftermath of a disaster, potential contractors swarm to the site hoping for a piece of the clean-up and recovery effort. For inexperienced players, it can be chaotic, confusing, and cut-throat, as informal subcontracting agreements are made on the ground which may not be enforceable and third-party firms falsely promise no-bid contracts to those who pay big bucks to be on a “priority vendors list” (there is no such list). Government officials in charge of relief efforts are overwhelmed and information may be hard to come by. What is a small contractor to do?
