Jump to content
The Wifcon Forums and Blogs

Recommended Posts

We support several highly complex information technology service acquisitions for custom law enforcement centric technologies which support investigations, etc. The IT engineers and architects that support and these systems require high level clearances and they are not using commercial systems or anything that would be considered a minor modification to a commercial system in developing their custom enhancements to this non-commercial system. In buying the services for the development and maintenance of this system, higher level reviewers are indicating that they are commercial services if the IT labor categories can be found on GSA IT 70. I disagree. In my experience, determining whether a service is commercial is an exercise in reading through the commercial item determination in FAR part 2.101 and defending whether or not the current requirement falls within that definition. Based on paragraph 5 of the definition (excerpt pasted below), I would argue that the services are not commercial. I pointed out that the availability of the labor category alone does not support a determination that the services are commercial, especially considering that CIO-SP3 for example supports both commercial and non-commercial task orders but uses the same labor categories for either. I have also pointed out that my biggest concern is the commercial changes clause where every change must be mutually agreed upon. In technologies where we cannot leave it up to the commercial market to decide whether or not they would want to implement a change to our requirement, this presents a risk and we have experienced the consequence of that risk recently. The response was "well this almost never happens". Without comparing every commercial clause to every non-commercial equivalent, what are some other considerations we need to address when understanding the risk of commercial vs non-commercial? What am I missing? 

(5) Installation services, maintenance services, repair services, training services, and other services if-

                (i) Such services are procured for support of an item referred to in paragraph (1), (2), (3), or (4) of this definition, regardless of whether such services are provided by the same source or at the same time as the item; and

                (ii) The source of such services provides similar services contemporaneously to the general public under terms and conditions similar to those offered to the Federal Government;

Link to post
Share on other sites
10 hours ago, MistyLW said:

[W]hat are some other considerations we need to address when understanding the risk of commercial vs non-commercial? What am I missing? 

Why bother making such an assessment? FAR 12.102, Applicability, states:

Quote

 (a) This part shall be used for the acquisition of supplies or services that meet the definition of commercial items at 2.101.

Emphasis added.

Thus, if the services are, in fact, commercial items, then there is no choice. Any assessment of risk would not be dispositive, unless you are hoping to persuade others to ignore the FAR because you think compliance would be too risky.

I suggest that you stay focused on the question of whether the services are or are not commercial items. If they are, then the case is closed.

Why not issue a Request for Information (RFI), see FAR 15.201(e), that describes the services you're talking about, and ask industry for input as to whether they think the services are or are not commercial items as defined in FAR 2.101?

You say:

Quote

I have also pointed out that my biggest concern is the commercial changes clause where every change must be mutually agreed upon. In technologies where we cannot leave it up to the commercial market to decide whether or not they would want to implement a change to our requirement, this presents a risk and we have experienced the consequence of that risk recently. 

Well, then, when you issue your RFI you can also ask if a changes clause more like the one at FAR 52.243-1, Alt. 1, is used in commercial contracts for such services. If so, then you can tailor the changes provision in FAR 52.212-4(c) pursuant to FAR 12.302(a) and include the FAR changes clause, or one similar to it.

Or, if the use of the FAR changes clause would be inconsistent with commercial practice, you can, pursuant to FAR 12.302(c), request a waiver allowing you to use a FAR-type changes clause. See, for example, Crescent Helicopters, GAO B-284734, May 30, 2000, in which the agency obtained a waiver in accordance with FAR 12.302(c) with regard to pilot and mechanic qualification, even after issuance of its RFP.

There may be some advantages to procuring such service requirements under FAR Part 12. A number of firms in the private sector buy "highly complex information technology service[s]." Some of them employ high-level security procedures.

Part 12 might even save your agency some money.

Link to post
Share on other sites
15 hours ago, MistyLW said:

I disagree. In my experience, determining whether a service is commercial is an exercise in reading through the commercial item determination in FAR part 2.101 and defending whether or not the current requirement falls within that definition.

This caught my eye and as such my comment extends the thoughts of Vern Edwards.

I see no reference in your points to "market research".  By my read of FAR part 10 market research is required for any need procured through a GWAC where such need is non-commercial.

Link to post
Share on other sites

We have conducted market research and as a follow up, I have also reached out to industry asking them to provide equivalent labor categories on their commercial contracts, ensuing that their commercial contract supports the security requirements and asking them to respond to the following questions:

  1. Based on your understanding of the these requirements, do you believe that the services are or are not commercial services? Why?
  1. Is GSA IT 70 the best contract to support these requirements? What are the benefits and risks (to industry and the Government) in comparison to CIO-SP3? Are there terms and conditions in either contract which would make them incongruent with our requirements?

I'm still waiting for the responses.

Link to post
Share on other sites
17 hours ago, MistyLW said:

[T]they are not using commercial systems or anything that would be considered a minor modification to a commercial system in developing their custom enhancements to this non-commercial system.

Emphasis added.

I wonder what you mean by "commercial systems." What systems are those? Hardware systems? Software systems? Work process systems? Work procedure systems?

If you can show that the methods (hardware, software, processes, and procedures) that the contractors must use when rendering their services to the Government are not in use in the commercial sector, then I think you have a pretty good argument that the services are not commercial in nature. I don't think that the labor categories used, in and of themselves, are a sufficient basis for a commercial item determination. I think you have to consider methods of performance.

Can you show that? Can you prove it?

I'm not asking you to answer. I don't care. I'm just suggesting that you ask yourself those questions. Government personnel love to distinguish their work by saying that it involves "highly complex" or "large and highly complex" acquisitions. But there are plenty of large and highly complex acquisitions in the commercial sector. If labor categories are not enough for a determination, neither is complexity.

I suspect that your position is dubious, but I doubt that I know as much about IT as you. So I hope that your agency listens to you with an open mind and that you make a good argument. 

Link to post
Share on other sites
22 hours ago, MistyLW said:

higher level reviewers are indicating that they are commercial services if the IT labor categories can be found on GSA IT 70.

I've both received and (self-servingly) presented this argument, which is false.

Its not the classification (labor category) of the workers that matter, its the thing being worked on.

Counter-factual 1: Let's say the service is off-the-chart obviously non-commercial.   Updating the on-board guidance system for the AMRAAM medium-range air-to-air missile in response to recently discovered PLA ECM tomfoolery.  We agree this is non-commercial, right?

Well,  it so happens that the AMRAAM guidance system is written in the software language ADA.  So you hire someone to write the code.  Computer Programmers, even those who specialize in ADA for avionics,  and have TS/SCI, exist on Schedule 70.  This fact, rather than making this project a commercial service, is irrelevant.

Counter-factual 2: Are there any IT services which don't have the applicable IT categories on schedule 70?  I think the answer is no.  No matter what you are doing, you can find a generic broadly scoped LCAT somewhere on FSS 70 that's a fit.  You want to exploit a CNI-planted backdoor in Mexican cellular networks to geo-locate narcos based on their social media uploads?   What you need is a SME IV, available on FSS 70.  Commercial.  

 

Link to post
Share on other sites

General,

You are right.

The real question is whether services to exploit a backdoor in Mexican cellular networks to geo-locate narcos based on their social media uploads are of a type--

  • offered and sold competitively in substantial quantities in the commercial marketplace; AND
  • based on established catalog or market prices for specific tasks performed or specific outcomes to be achieved and under standard commercial terms and conditions. 

Market research will answer that question, one way or the other, right?

It seems to me that the FAR definition of commercial services is routinely ignored by practitioners and reviewers -- I wonder why that is.

Link to post
Share on other sites
2 hours ago, ji20874 said:

Market research will answer that question, one way or the other, right?

In all seriousness, there are thriving markets for any and all types of cyber attacks and information collection - tools, methods, data, techniques, Cyberwar-As-A-Service, you name it.  That joke about spying on Mexican narcos?  That's a commercial service.   Hacking into encrypted iPhones?  Cellebrite (private company) can do it, but not the NSA.  Its all commercial.  My guess is anything 'investigation' related or otherwise that involves gathering and/or analyzing digital information is commercial.  I also think we (GVT) should not treat these services as commercial, even if they are.

 

 

 

Link to post
Share on other sites

But are they sold based on established catalog or market prices for specific tasks performed or specific outcomes to be achieved and under standard commercial terms and conditions?

If YES, then they are commercial services.  If NO, they are not.  That's the definition.

Link to post
Share on other sites
4 hours ago, General.Zhukov said:

In all seriousness, there are thriving markets for any and all types of cyber attacks and information collection - tools, methods, data, techniques, Cyberwar-As-A-Service, you name it.  That joke about spying on Mexican narcos?  That's a commercial service.   Hacking into encrypted iPhones?  Cellebrite (private company) can do it, but not the NSA.  Its all commercial.  My guess is anything 'investigation' related or otherwise that involves gathering and/or analyzing digital information is commercial.  I also think we (GVT) should not treat these services as commercial, even if they are.

It is frankly hard for me to imagine any IT service that would not be "of a type" that is sold commercially at market prices. DOD conducted its Joint Enterprise Defense Infrastructure (JEDI) cloud acquisition as commercial, and that is to be used to support combat operations, among other things. I think it's the nature of the work that matters, the "type" of work, not the purpose.

I remember speaking at a conference conducted 20 years ago by the Forest Service and the Department of the Interior Office of Aircraft Services about wildfire aircraft operations and telling them that flight operations for smoke jumpers were a commercial item. I thought they were going to have a fit. No way flying smoke jumpers to deploy for firefighting operations was commercial! Then I said, "Are you kidding me? Go to almost any rural airport in America on a weekend and they're dropping parachutists out of airplanes like crazy and from much higher altitudes. And have you seen what Hollywood is doing with aircraft lately?" They became very quiet. They've been buying those services as commercial ever since, and glad of it.

The fact is that the definition of commercial services is so broad that it encompasses almost any "type" of work that you can think of. The commercial market is much bigger and more vibrant that the government market. Heck, they're getting ready to take ordinary people into space. Some commercial companies are guiding tourists to the summit of Mt. Everest. And market prices are just the prices that companies charge for those types of services. Elon Musk and Richard Branson are going to charge market prices for a trip to low earth orbit pretty soon, and someday for a trip to the Moon. Musk is doing stuff with commercially developed launch vehicles that NASA only dreamed of.

Sooner or later, everything is commercial. Even war. Every hear of Mike Hoare?

https://www.nytimes.com/interactive/2020/12/23/magazine/mike-hoare-failed-coup.html

Link to post
Share on other sites

Now I understand I am out of the loop of sorts.  But again playing off the comments I really do wonder if asking a contractor -What do you think are the services commercial or non? - is nuts.  After all if I can be your service supplier and not have to do certified cost pricing data how do you think I would want you to buy my services?   Isn't it less risky for me the contractor if commercial?

 

I hope the OP lets us know what kind of responses come in!

Link to post
Share on other sites

Don't simply ask if it is commercial.  Rather, rely on the already-existing definition -- ask (1) if the service is offered and sold competitively in substantial quantities in the commercial marketplace; and (2) if such sales are based on established catalog or market prices for specific tasks performed or specific outcomes to be achieved and under standard commercial terms and conditions -- and ask for examples of both (1) and (2).  If the answers are universally YES and YES, then it is commercial.  If either answer is universally NO, then it is not commercial.  If you get a hodgepodge of answers, then call it one way or the other and proceed.

Note:  The FAR definition is a single sentence -- I broke it into a (1) and (2) for clarity and to force consideration of each element of the sentence separately.

Link to post
Share on other sites

I agree that relying on industry to tell us whether a service is commercial or non-commercial is risky considering the balance of leverage seems to shift in favor of the contractor with commercial and in favor of the Government if non-commercial. We received two responses:

Response from Contractor A (an incumbent supporting the program): (In short) "We do not believe these are commercial items.  Several things being developed have not been done before and do not have a standard schedule pricing.  In particular, some facets of the data infrastructure that we are developing now for the program are pushing the limits of the open source graph database beyond what has ever been published and is essentially extending and creating new capability. I do not think that you can acquire those types of services as commercial items." 

Response from Contractor B (not an incumbent but a witness to a summary of the description of work): "The services being procured to support the program are commercial services. The description states: "The Contractor shall use the Government-provided virtual environment including development workstations, development integration, testing and production. The Government will provide and support these environments, which are hosted in cloud service provider infrastructure, currently Amazon Web Services (AWS). The Government will provide and support the infrastructure.” The nature of the “virtual environments” listed above are arguably and reasonably commercially available items, because the virtual environments aren’t exclusive for Government use. In addition, the virtual environment and its tools within the environment reside in AWS, which is a commercially available item in the commercial marketplace used by the general public or non-governmental entities for purposes other than governmental purposes as well. Despite the modifications that the program has received to be tailored for Government use and purpose, FAR 2.101 outlines that there can be minor modifications as long as it does not “significantly alter the nongovernmental function or essential physical characteristics of an item”.  They later state that CIO-SP3 is a better vehicle to support the requirement because CIO-SP3 has a "scope covering all things IT and boasts the capabilities of its contractors within many cutting-edge technological areas, including cloud. In a comparison on contractor pools across various IT contract vehicles, the Government can be assured that the requirements for CIO-SP3 were some of the most rigorous, especially in comparison to the requirements for award on a GSA Schedule.  Additionally, CIO-SP3 allows for all order types, the inclusion of unique professional skills other than the standard CIO-SP3 labor categories, as well as ODCs and out of scope services to be added at the task order level at the ordering agency’s discretion, with no changes to the master contract or additional tracking at the task order level. For this requirement, given the specialized nature of the labor categories we would recommend that CIO-SP3 would be a better fit because in accordance with H.1.1 Unique Professional Skills of the CIO-SP3 contract offerors could respond to those exact labor categories provided by your organization when asking for feedback on labor categories. This would eliminate the need for trying to map these skills to existing labor categories on GSA MAS or the standard CIO-SP3 labor categories which may not be the best fit."

The last sentence of the second response seems to contradict his conclusion that it would be commercial (if we consider just the labor categories), however, CIO-SP3 does support both contract types (which is why I think the labor category availability in the commercial sector is a feeble argument. I am not familiar with any IT labor category that is not available in the commercial world. That would mean no IT service should ever be purchased using noncommercial procedures).   

I did ask the technical folks to "show that the methods (hardware, software, processes, and procedures) that the contractors must use when rendering their services to the Government are not in use in the commercial sector", however, I think the decision has already been made by the higher level reviewers for this requirement. 

 

Link to post
Share on other sites
8 hours ago, Misty said:

, I think the decision has already been made by the higher level reviewers for this requirement. 

There you have it, throw the guiding principles out the window and just let higher level approvers guide the procurement.

So.Much.Wasted.Time!

Link to post
Share on other sites
On 4/1/2021 at 8:24 PM, Don Mansfield said:

Why? What's the benefit of treating them as noncommercial?

Hmm, yes, you are right, I change my mind.  Do it commercial, so long as I can make the contract reflect the inherently very-high-risk nature of that type of work.  For example, ensuring (contractual) hellfire will reign down upon the contractor in the event of a data breach.  Honestly, I don't know why federal contracting has such a bright line between commercial vs. non-commercial (although I am 100% sure somebody reading this does know why).   

Link to post
Share on other sites
2 hours ago, General.Zhukov said:

Honestly, I don't know why federal contracting has such a bright line between commercial vs. non-commercial (although I am 100% sure somebody reading this does know why). 

@General.ZhukovI don't know why you think there is a "bright line." The distinction between commercial and noncommercial is anything but "bright." It's quite dim and fuzzy, in fact. That's the problem.

Commercial items policy is an exception to standard contracting laws, regulations, and contract terms. The policy was established by statute in 1994. The goal was to simplify contracting processes and contract clauses in order to make government contracts more attractive to commercial firms that otherwise wanted nothing to do with them.

If you study (not just read) the Federal contracting rules you will notice a pattern: rule and exception. Congress enacts a law or the executive branch establishes a policy that is considered onerous but necessary. However, it is either recognized at the outset or determined over the course of time that the policy is not always appropriate, so exceptions are made.

A good example is the set of rules in FAR 15.403 about requiring the submission of certified cost or pricing data, which includes the exceptions listed in FAR 15.403-1. Other examples are exceptions to the requirement to seek full and open competition, exceptions to the application of socio-economic policies; exceptions to the requirement to impose cost accounting standards, etc.

Other Transaction Authority (OTA) is one very big exception to the requirement to comply with the FAR.

Some exceptions are established when a new rule is imposed; others are developed over the course of time. Some exceptions are discretionary; others are imposed. For an example of a discretionary exception, see FAR 5.102(a)(5) about the availability of solicitations. For an example of an imposed exception, see FAR 15.403-1(b)(1) about adequate price competition.

It tends to be the case that applications of exceptions are controversial, because they free contractors from what what Congress and executive agency officials otherwise consider to be important obligations and frees agencies from the use of procedural safeguards. They are controversial because they rest on fuzzy distinctions and because the discretion to apply them is rarely if ever unfettered. Thus, the application of the adequate price competition exception to the requirement to obtain certified cost or pricing data has historically been very controversial, because Congress has thought that such data were essential to fair and reasonable pricing, and because the adequacy of price competition has always been a matter of judgment within limits.

The application of the commercial items exception has occasionally been controversial. Consider, for example, the Air Force's mid-1990s decision to declare the C-130J aircraft a commercial item. It caused quite a fuss, was ultimately reversed, and resulted in legislation limiting the application of commercial items policy to some kinds of DOD acquisitions. However, it made sense to some people based on the "of a type" standard in the definition of commercial items. Unfortunately for the Air Force, it made no sense at all to Senator John McCain:

Quote

Any rational observer knew that there was no possible way that there was going to be any commercial airline going to purchase a C-130J. Indeed, none did, and none has shown any intention of doing so. But using this cover in collusion with Lockheed Martin, the contract was let under FAR Part 12 which relieves both the manufacturing company and the DOD from any accountability of any significant amount. In other words, the regular acquisition checks, the audits, et cetera, are waived because of that kind of contract.

A lot of people want "bright lines" when it comes to exceptions to standard rules and "acquisition checks." Unfortunately, dim and fuzzy concepts like "commercial items" don't have bright and sharp lines.

Link to post
Share on other sites
On 4/6/2021 at 8:20 PM, C Culham said:

There you have it, throw the guiding principles out the window and just let higher level approvers guide the procurement.

So.Much.Wasted.Time!

I have never had a job in contracting where there wasn't a "staff" that could overrule a contracting officer. They usually worked for the chief of the contracting office. When I was a chief of a contracting office the staff that reviewed my determinations worked for the head of the contracting activity. In my experience the existence of "sfaff" was simply a fact of life. I always saw my job as crafting an argument in support of my determinations. The guiding principles don't eliminate the need to craft arguments.

Link to post
Share on other sites
19 hours ago, Vern Edwards said:

I have never had a job in contracting where there wasn't a "staff" that could overrule a contracting officer. They usually worked for the chief of the contracting office. When I was a chief of a contracting office the staff that reviewed my determinations worked for the head of the contracting activity. In my experience the existence of "sfaff" was simply a fact of life. I always saw my job as crafting an argument in support of my determinations. The guiding principles don't eliminate the need to craft arguments.

No exception here but I would be most interested in who the "reviewer" is.  An HCA staff person who in fact has the authority to sign everything including the contract who offers a convincing argument or some "staff" who says this is what it is and essentially forces a CO to sign something they disagree with?

Link to post
Share on other sites

@C CulhamWhere I worked in the 1970s and early 1980s, there was a hierarchy. Contract specialists (CS) were GS-12s. Contracting officers (CO) were GS-13s. They were assigned to system program offices (SPO). Each SPO had its own contracting office, headed by a "director," usually a lieutenant colonel or GS-14 or GS-15. The contracting director worked for the program manager (PM), a colonel or brigadier general. The Chief of the Contracting Office was a colonel who headed a "staff," which included several offices, such as operations, pricing, statement of work review, contract writing office, and a contract review committee ("the Committee".) The Committee was headed by a GS-15 and staffed by GS-14s. Everybody worked for a lieutenant-general (three stars). There was also a Staff Judge Advocate (JA), a colonel, who had a staff of military and civilian attorneys.

Every action (award or modification) above a certain dollar value had to undergo two reviews: JA and the Committee. If either review found fault with a file they could halt the action until the fault was corrected simply by withholding approval. A finding could be appealed to the Chief of the Contracting Office or the Staff Judge Advocate, but such appeals were not welcomed and were rarely successful.

It was rare that a file would get past the Committee without the need for some corrective action. (JA reviews were generally much easier.) COs would gnash their teeth, but they respected the Committee. The Committee were detailed and meticulous, but they respected a rational argument, even if they didn't agree. The problem was that they were so knowledgeable you just couldn't get anything past them. They were legendary.

If the dollar value of an action was high enough that the action required approval of the command four-star or the service Secretary, there was also a command-level committee, but they were not as tough.

One of the things that made DOD contracting so challenging when I started was the discipline and quality control. Every service had such a "staff" review process for significant actions. I'm sure they still do, at least at some places. The most famous contracting professional who ever lived was one of those staffers, the late Gordon Wade Rule of the Navy, who was so famous that "The New York Times" wrote a long story about him, authored by the reporter Brit Hume. Bob Antonio has mentioned him and has posted some of his writings here at Wifcon. Here is one of his obituaries:

https://www.washingtonpost.com/archive/local/1982/08/12/navy-procurement-official/a6cf2fdc-3da1-4c6b-9b10-b56aad035524/

And you may have read this blog post by Bob:

http://www.wifcon.com/discussion/index.php?/blogs/entry/3279-a-contracting-officer-in-the-midst-of-a-maelstrom/

While complaints about bureaucracy and staffers are commonplace---and I've made them---a good staff and a staff good review process is worth its weight in gold, especially these days, when the government does not provide contract specialists with the professional education or require the knowledge and experience that it once did as a prerequisite to CO appointment.

Link to post
Share on other sites

It was the OSDBU that pushed for use of GSA schedule, despite the fact that there is no reasonable expectation that two small businesses, even on GSA schedule, can successfully perform the work. CPO signature on our procurement strategy included a contingency that requires use of GSA schedule which means that it will be commercial, whether or not we can defend a position that it is not commercial (again, per my initial post, I wish we had addressed commerciality in step one but it's not part of our local process and I am running against the argument that anything with IT labor categories that can be found in the commercial world are commercial IT services). As the CO, I was not invited to the conversation with CPO and OSDBU but I was told that it was political and to "let it go".  From the questions that were presented, it sounded like OSDBU was off in left field somewhere. I voiced my concerns and stated my position but it sounds like it is not a CO decision.

Link to post
Share on other sites
On 4/9/2021 at 6:45 AM, Vern Edwards said:

a good staff and a staff good review process is worth its weight in gold

And so it appears a good "politician" is as well or more importantly a directed contract to get the gold!

Link to post
Share on other sites
Just now, Vern Edwards said:

@C CulhamUhhh, Carl, I don't understand your sentence or the point you are making with respect the comment that you quoted. What do good staff have to do with politicians? What do you mean by "directed contract"?

Reference the most current post by Misty.....................

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...