It can be difficult to set customer briefings or follow-up meetings
right now as career professionals take time to brief a new wave of political
appointees. Here are three things contractors
should consider now to keep their customer discussions going. 1. Make
sure you have a “hook”: What’s new
or really special about your solution?
How is it different from the last time you briefed the customer you’re
reaching out to now? Whether its new
functionality or the way your solution supports a new operational goal, a
well-defined hook can get you the follow-up or new discussion you seek. 2. Do
you have a new partner to introduce?: A new business partner, whether a
“brand name” company or a specialized small business with a unique talent, can
also catch the interest of an otherwise over-committed customer. Like a hook, a new partner gives you
something different to talk about.
It adds to your previous capabilities, something that can be
attention-getting if those capabilities now align more closely with agency
priorities. New partners can make
your company look dynamic and able to meet a wide array of needs. 3.
Consider an incremental approach:
Some customers may not want to commit to longer-term projects at a
time when new leadership is coming in. Indeed, larger pieces of business may be
subject to review during a transition.
Consider a “start small” proposal that allows your project to get
underway and start showing its worth. Whether
it’s a task order against an existing contract, or a buy made via Simplified
Acquisition Threshold procedures, this approach gets you business now and
positions your firm for any follow-on business.
It may, however, not be the time to talk about “pilot” projects unless
you know your customer will be receptive.
“Pilot” may sound too new.
Overall, understanding what your customer can and can’t do during a
transition time is key to success now and after the transition is complete.
Despite support from the Biden Administration and several Senators, substantial
additional funding for the Technology Modernization Fund (TMF) no longer seems
likely. A lack of Congressional
support for adding $9 billion to the fund as part of a COVID-relief bill became
apparent during the recent confirmation hearing for OMB Administrator-designate
Neera Tanden. The problem with fully funding the TMF is not that Congress
believes that large-scale IT modernization across federal agencies isn’t
needed. Rather, the fund’s
non-agency specific status means that legislators would have to cede control of
where the money is applied, something Congress is always reluctant to do. Appropriating money for specific projects
enables Members and Senators to direct spending and conduct oversight. A general pot of money, not allocated for any
specific initial purpose, is also difficult to account for within current
budget and appropriations rules. Tanden
stated that she was optimistic that other avenues could be found to increase
technology accounts, even if a more traditional agency-by-agency approach was
used. Among her many comments of
support was a statement on pandemic-related IT spending. “We recognize the importance of this
modernization during a global pandemic where we need to make sure that our
agencies’ information and essentially the public’s privacy is protected and
protected well.” Although this, and
other positive statements, indicate that Tanden might be an ally for increased
tech spending, her well-documented reputation for smearing those with whom she
disagrees may want to make contractors think twice about fully engaging with
OMB. Working with specific
customer agencies may be a better approach.
Anecdotal information is emerging about
contractors rushing to meet federal customer needs on an increasingly-wide
range of pandemic-related projects, but failing to ensure that they maintained
compliance with applicable contract terms. We don’t mean to seem school-marmish, but the
reality is that contractors must comply with applicable contract terms and
conditions whether serving a client with an urgent need or in the normal
conduct of business. Additionally,
contractors cannot “assume” that rules were waived. While some waivers have been issued for
pandemic-related acquisitions they are very closely defined. It is important to have those waivers in
your contract file, too, before you cut a corner. The “my customer told me it would be ok”
defense doesn’t work without an actual document to back it up. Experienced contractors know all too well
that customers will also hedge on whether they said something was “ok” if a
compliance issue arises. Remember that
customers are just as wary of their inspectors general as you are. Competitors, too, will be watching. The annals of False Claims Act litigation
show that competitors absolutely know enough about each other’s business to be
suspicious and take action when they believe a violation has occurred. The result could be costly litigation
for your company and/or a hit to your reputation, even though you thought you
were doing your patriotic duty to help a customer in need. Cutting a corner now doesn’t help anyone if
you end up running into a wall later on.
Contractors with existing FedRAMP or
Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) certification
will not have to go through separate Cybersecurity Maturity Model Certification
(CMMC) according to DOD officials. Katie Arrington, the chief information
security officer for Defense acquisitions, was recently quoted in a
NextGov article stating, “I’m going to take any ISO 27001 and provide
reciprocity,” referring to the formal international information security
standard upon which all of the reviews are based. This is good news for contractors that
have already paid third party certification organizations hundreds of thousands
of dollars to show that their systems can safely handle government information. It also means that DOD will have a ready-made
field of companies eligible to compete for projects where CMMC is
required. CMMC safeguards, therefore,
will also be able to be in place in more areas ahead of schedule. There are, of course, some
differences over implementation.
Unlike FedRAMP, which credits companies for submitting a plan of action
and milestones, or POA&M, CMMC will be approving companies based purely on
where they are at the time of review.
Arrington explained, “A CMMC level 3 is a FedRAMP moderate, so if you’re
using a cloud service provider to supplement portions of a CMMC 3, then
absolutely, you need to have the CSP’s certification for the assessor. The
difference between CMMC and FedRAMP is we are not allowing plans of action to
get better, right, you either are or you aren’t.” Still, companies that thought they were
facing significant new costs and delays that could put them at a competitive
disadvantage have to be pleased. Less
spending, faster implementation, and the ability to compete now all place
certified companies in a good place to obtain DOD business.
The federal revolving Technology Modernization Fund (TMF) could get an
injection of $9 billion, and get it quickly, if some lawmakers have their way. Although the fund has struggled to get
sufficient funds to modernize outdated IT systems, including funding in the
next COVID relief package, as key House Democrats have requested, would change
all of that overnight. TMF
projects have been hailed as critical to improving specific systems where they
have been allowed to work.
Agencies must present a business case proposal to a review board. If the review board approves the project, the
agency gets a certain amount of funds from the TMF account that it must pay
back as the benefits from the modernization action begin to show savings. There
is board oversight throughout. The
revolving fund structure is intended to allow many agencies to use the fund for
qualified projects. One key
impediment has been the reluctance of Congress, particularly the Senate, to
fully fund the account, despite an established track record of success. “We must begin to address IT investments now,
or we will continue down the same path as before unable to deliver critical
services to the public at a time when our country needs it the most…” read a
portion of the letter signed by six House Democrats, including Rep. Carolyn
Maloney, D-N.Y., Chairwoman of the House Committee on Oversight and Reform, and
Gerry Connolly, D-Va., Chairman of the House Subcommittee on Government
Operations. Contractors were excited
about working with customer agencies on TMF projects when the fund was
originally created. Some have had good
experiences. Overall, however, the $150
million in the current fund has prevented meaningful larger projects from using
this process to upgrade critical systems.
Contractor interest will undoubtedly be rekindled should the $9 billion
request be enacted. Current
plans show that a COVID relief bill could move as soon as next week under
expedited Senate procedures. Interested
contractors should watch this space.