Search the Community
Showing results for tags 'IT'.
Found 4 results
Newish CO here. I am pre-award with an IDIQ that will have a BOM for a bunch of contractor-provisioned IT COTS hardware (maybe 100 different items, up to $80K unit price). These IT materials are from a dynamic market. Prices, models, features all change quickly. I am being asked by management to get 5-year pricing at the unit level for everything, and incorporate that pricing into the IDIQ. To me, this is a bad idea and a waste of time. My question to you all is - am I right in my assessment? Am I missing something? I see nothing in FAR 16.5 requiring any pricing of any type at the IDIQ level. Pricing and price analysis occurs at the order level. I understand that ceiling unit prices can be established by the IDIQ and found fair and reasonable, so that orders with unit prices at or below those levels are also fair and reasonable automatically, and this greatly speeds up the procurement process. However, this is predicated upon the assumption that the unit prices and things being priced will be stable over time. For example, carpenters and database administrators exist now and are reasonably likely to exist five years from now, and their hourly rates aren't going to change very much between now and then. This is not the case with IT hardware. Basically everything on the IDIQ's BOM has a lifecycle of less than 5 years and prices will change quickly, and by a lot. Also, new stuff comes onto market all the time. So why bother with IDIQ level pricing, you are going to have to do the price analysis per order anyways? If you know now, before award, that the IDIQ unit pricing will be obsolete and therefore can't be used for price analysis in the future, why bother having it? I know I will not win this battle with management, so this is for my personnel edification.
jonmjohnson posted a topic in Proposed Law & Regulations; Legal Decisionshttp://oversight.house.gov/wp-content/uploads/2013/03/FITARA.pdf I was wondering if some of the senior members of this discussion board had any impressions of the proposed legislation. It is a bit different from the initial draft (Summary of changes found here: http://oversight.house.gov/wp-content/uploads/2013/03/FITARA_RevisionsSummary.pdf). One piece of the proposed legislation is the introduction of the "fixed-priced technical competition" that I thought would be of interest to some (Sec. 503). I know that some find IT acquisitions dry as dirt, but IT procurement is something that every agency procurement division manages in some form or fashion, and the implications of this legislation fall beyond IT procurement. Just interested in your impressions. Jon Johnson
The traditional approach to IT service acquisitions is to put a solicitation on the street and evaluate written proposals of how a contractor would design, build, and implement a new IT system. Does anyone have experience or can point me to IT service acquisitions where rather than direct potential contractors to "Tell" us how they'll do something, we direct them to "Show & Tell" us how they do it? In other words, a group I'm working with is exploring the notion of providing a concept paper and 4 databases (web, access, excel, sharepoint, etc...) along with fake data from each and providing potential contractors the time (60-90 days) to provide a live system for us to actually test. In theory, this will minimize the failure rate (typically high) of contractors to deliver on time and within budget, not to mention a viable product. This approach would enable us to see which company can actually do the work and do it the best, and supposing it works, we could provide them with the contract to finalize the system, maintain it, and perform ad hoc upgrades. What I'm looking for are examples across contracting where this has happened or something similar so we can mitigate failure and achieve success. Thanks, Mark
I have an IT contract for cloudbased webhosting services among the many contracts I've inherited recently. IT contracts are new to me, so I don't know if the contract was properly written or not. The contract provides the agency with a definite amount of bandwidth every month. During a distributed denial of service attack (DDoS), the amount of bandwidth the agency uses can easily exceed the amount of bandwidth that the contract allows for. The subject contract provides for overage charges for whenever the agency exceeds the amount of bandwidth provided by the contract on any particular month. My concern with this scheme is that the contract currently does not provide funding for overage charges incurred by the agency. In fact, I have to modify the contract to add funds in order to be able to pay last month's invoice because it included overage charges that the agency had not anticipated. I assume that there should be funding on the contract to cover the overage charges, but how do I estimate something that can vary so significantly from month to month? We have no advance knowledge of when DDoS attacks will occur, or of how many attacks might occur in a month. Since the amount of the overage can be so significant, how do I go about keeping the contract properly funded? Is there a better or more common method of setting up the contract? Another concern I have is that the provider has offered us a type of "protection" plan that for a monthly fee establishes a fee cap on the amount of overage charges the agency would incur during a DDoS attack. The "protection" plan requires the agency to request a service credit after the agency has suffered a DDoS attack. Upon receipt of the agency's request, the provider would credit any overage charges that are in excess of the fee cap established by the "protection" plan. The "protection" plan they're offering seems to have - to some degree - the effect of insurance. Is this type of plan/service considered insurance? If so, are we allowed to purchase these types of "protection" plans? Or is the Government's limitation on purchasing insurance limited only to insurance provided by insurance companies? My last concern with this contract is that the contractor is a FedRAMP compliant cloud service provider (CSP). That's why the agency chose the contractor. The agency's CIO was surprised to learn that bandwidth overage charges could be incurred by the agency during a DDoS attack under this contract. The contractor claims that it provides the agency with DDoS protection (through a third party), but that the additional bandwidth required to keep the agency's websites available during a DDoS attack is not included in the contract price. Does anyone know whether or not a FedRAMP compliant CSP is required to provide DDoS attack protection and additional bandwidth at no additional cost to the Government when there is a contract in place for cloud services? Or is there a more common method the industry employs to allow for excess bandwidth usage in government contracts without additional charges?