The Chief Information Officer-Solutions and Partners 4 (CIO-SP4) solicitation has been heavily anticipated by both government and industry, alike. The journey of bringing CIO-SP4 to market has admittedly been a long one, filled with all the expected growing pains of a record setting competitive federal acquisition. With those growing pains, we also have had to contend with a significant rule…
Type: Article
NITAAC is committed to ensuring our contract holders can successfully respond to the Office of Management and Budget (OMB) directives on software attestation and enhancing the security of the software supply chain (M-22-18 and M-23-16). NITAAC supports the use of the CISA common form and encourages all our contract holders to adhere to the deadlines outlined by the OMB. Starting three months…
Type: Article
In February, we informed you about a United States Office of Management and Budget (OMB) memorandum, M-22-18 , that required federal agencies to comply with the guidelines regarding ensuring the safety and integrity of third-party software on federal information technology systems. This memorandum applied to the use of firmware, operating systems, applications, cloud-based software, and general…, Key Dates to Know:, Deadline Extended! , The deadline for collecting forms from software providers has changed. Previously, federal agencies had until June 11 to collect the forms from providers of critical software and until Sept. 14 from providers of non-critical software. This has been extended and agencies are now required to collect self-attestation forms from, critical, software providers three months after the final common form is approved by OMB, under the Paperwork Reduction Act (PRD). In addition to collecting the forms from critical software providers, agencies also must collect self-attestation forms for all software providers six months after the final common form is approved by OMB, under the PRD. The common form clarifies the baseline software…, Alternatives to Attestation:, The self-attestation form also provides an alternative to self-attestation. As an alternative to self-attestation, a software provider may engage a certified FedRAMP third-party assessor organization (3PAO) to confirm that its software complies. , Open Period for Comment:, On April 27, 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a 60-day Request for Comment on a draft version of the secure software self-attestation common form. The request for comments is open until, June 26, 2023, . Contract holders wishing to provide feedback can do so at Regulations.gov . We encourage our Contract Holders to become familiar with these requirements and to provide industry comments on the draft attestation common form. , NITAAC Is Here for You, As more information is provided, NITAAC will be sure to keep you apprised of any changes in the timeline or other deliverables that will have a direct impact on your businesses. To read the Executive Order, visit https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecurity . To learn more about the OMB Memo, visit https://www.whitehouse.gov/wp-content/uploads/2022/09/M-22-18.…
Type: Article
According to Bloomberg, information technology (IT) continues to be a large source of federal market growth, accounting for more than $76.4 billion dollars. Most of these dollars are typically spent through commodities, solutions, and services purchased from a myriad of companies operating within the United States. But, with so many vendors competing for federal dollars, how can government…, What is fair opportunity?, The concept of fair opportunity is mandated by Federal Acquisition Regulation (FAR) 16.505(b) . It is intended to level the playing field so that agencies cannot give an unfair advantage to one contractor over another. Fair opportunity is a mandatory requirement and is applicable to all federal agencies purchasing IT products and services when using a multiple-award contract. According to the (…, Why is fair opportunity important?, Encouraging competition has a myriad of benefits. Competitive contracting often results in lower overall costs for the government as contractors are more likely to submit more competitive bids to win the business. This results in lower direct public service costs and reduced internal costs. Additionally, competition opens the door for everyone to participate in contracting. According to a recent…, Ensuring fair opportunity in federal contracting, Let’s face it. Most agencies do not have the time or manpower to sort through multiple contracts to ensure every eligible offeror is included. As a result, the federal government still struggles with ensuring parity in contracting. According to a January 2023 FedScoop article, the world’s largest software companies, received at least 25% to 30% of government sales over the last 10 years through…, Leveling the playing field, NITAAC is committed to leveling the playing field for all contractors. In FY22, seven of the top ten performing CIO-SP3 Small Business contract holders were Service-Disabled Veteran-Owned Small Businesses (SDVOSB), 8(a) or Historically Underutilized Business Zones (HUBZone). NITAAC boasts one of the highest numbers of socioeconomic categories compared to most other GWACs. Agencies can award…
Type: Article
The NIH Information Technology Acquisition and Assessment Center (NITAAC) completed its evaluation of proposals in all three phases in accordance with the subject solicitation, including its source selection procedures. The NIH is awaiting the SBA to confirm small business size standards for the apparent successful offerors, while we continue to perform our responsibility checks in accordance…, “preliminary” notice of apparent successful offerors, until such time that we can post the actual apparent successful offeror notice. This “preliminary” listing may not yet be comprehensive and complete. All CIO-SP3 GWACs are valid through 10/29/23.
Type: Article
Are you ready to support your agency with the best prices on notebooks, desktops, tablets and thin client / zero client products? , NITAAC GSS V8, offers many options to meet mission needs, including enabled security, upgraded memory/storage, imaging, docking stations, warehousing, asset tagging and more. GSS solutions also are EPEAT, Energy Star, Section 508, and Trade Act Agreement Compliant and offer 45 days or less delivery and extended warranty options.
Type: Article
NITAAC has once again received their, 801 Certification, for fiscal year 2023. We will continue to provide Assisted Acquisition Services to the Department of Defense (DoD), without the need for a waiver. The DoD has the option of making direct awards on our three BIC GWACs or using our Assisted Acquisition Services to serve as their Contracting Office to award and administer task or delivery orders on our IT GWACs.
Type: Article
The IT Industry is experiencing shortages of microprocessors and key components of many types of IT equipment due to global supply chain issues. This is causing delays for end items and the performance of some services and orders. NITAAC urges customers to review their IT needs and anticipate slower than normal delivery and delayed performance of their requirements. We suggest placing orders as…
Type: Article
I am sure you are all familiar with the story of the tortoise and the hare. As the fable goes, the tortoise and hare were in a race. Considering himself a shoo-in for the win, the hare approached the race at full speed and, when he found himself well ahead of the tortoise, stopped to take a nap. Meanwhile, the tortoise kept running slowly, but steadily, until he passed right by the hare and,…
Type: Article
Late last year, the United States Office of Management and Budget (OMB) published a memorandum, M-22-18 , that required federal agencies to comply with the guidelines regarding ensuring the safety and integrity of third-party software on federal information technology systems. This memorandum applied to the use of firmware, operating systems, applications, cloud-based software and general…, June 11, 2023:, NITAAC deadline to collect self-attestation forms from critical software providers., September 14, 2023:, NITAAC deadline to collect the forms from all software providers on the NITAAC networks., TBD:, If needed, NITAAC will request a software bill of materials or other artifact(s) that demonstrate conformance with secure software development practices. You will hear more from NITAAC as we get additional clarity, however, I wanted you to know you are not in this alone. I understand that this request presents several challenges on your end, in terms of staffing and the additional labor…
Type: Article
U.S. Department of Health & Human Services
