Monthly Archives: February 2023


Both industry and government officials are expressing concern over a proposed rule that would require every company selling software to federal agencies to provide a “self-attestation letter” declaring that a product adheres to National Institute of Standards and Technology guidance.  We previously flagged the proposed rule for having the potential to substantially increase paperwork and overhead.  Both government offices and contractors seem to now be paying attention and agree with us, according to a recent article in Bloomberg Government.  NASA SEWP Program Manager Joanne Woytek expressed the concerns of some in government saying that the impetus behind the rule is “admirable”, but that it needs to be made “scalable and doable.”  “We’re going to work as best we can,” said Woytek at a recent event, “working with GSA and NIST and others to determine what this policy means and how it might actually operate in a world in which there is not 10 companies but many thousands of companies selling software.” One industry group is pushing for the adoption of a single, standardized form through which attestations can be submitted.   GSA does plan to use a Cybersecurity and Infrastructure Security Agency form that it expects to be available before June on GSA’s website.

This underscores a larger problem with which contractors should be concerned:  GSA’s seeming disregard for the regulatory process.  While the software rule is still technically in the proposed stage, GSA has indicated that it will begin requiring attestation letters in June, potentially moving forward before a rule is finalized or even modified.  Other perceived “goods” are being incorporated into contracts and becoming requirements prior to a rule being issued or made final as well.  The agency, for example, is performing an end-run around the Green House Gas rulemaking process by making compliance with industry standards a way to earn extra points on the Alliant III contract. Since it can’t require companies to meet a rule that doesn’t currently exist, it is offering a carrot approach instead.  This, of course, will mostly benefit larger companies who are already aware of the pending rule and have the infrastructure to support it.  Contractors may want to ensure that their internal and external representatives make any concerns with the bypassing of the rule making process known to GSA, OMB, and Congress.


Most IDIQ contractors know that ordering agencies love to load-up task orders with unneeded, or even conflicting, contract clauses.  It’s an established best practice to pushback at least once to see if extraneous clauses can be removed.  Why should contractors have to comply with more requirements than needed?  The issue of whether extraneous clauses are enforceable has always been a concern.  Certainly, agency IG’s and Department of Justice attorneys believe that they should be.  Now, however, the Federal Circuit Court has offered some hope to Read more


While writing the Week Ahead is a work of love, it is not how Allen Federal spends all of its time.  Did you know that Allen Federal provides expert witness services, contract compliance reviews, help for your legal team in audits and other matters,  strategic business development assistance, and training?  To find out what we can do for you email us at or ask for a copy of our 2023 Capabilities Statement.