VA awards $31.9M contract for technical evaluation security testing to MAVARIS LLC

Contract Overview

Contract Amount: $31,905,535 ($31.9M)

Contractor: Maveris LLC

Awarding Agency: Department of Veterans Affairs

Start Date: 2024-09-27

End Date: 2026-09-26

Contract Duration: 729 days

Daily Burn Rate: $43.8K/day

Competition Type: FULL AND OPEN COMPETITION

Number of Offers Received: 4

Pricing Type: FIRM FIXED PRICE

Sector: IT

Official Description: TECHNICAL EVALUATION SECURITY TESTING (TEST)

Place of Performance

Location: MARTINSBURG, BERKELEY County, WEST VIRGINIA, 25401

State: West Virginia Government Spending

Plain-Language Summary

Department of Veterans Affairs obligated $31.9 million to MAVERIS LLC for work described as: TECHNICAL EVALUATION SECURITY TESTING (TEST) Key points: 1. Contract focuses on critical security testing services for the VA. 2. The award was made under full and open competition. 3. The contract duration is 729 days. 4. The contract type is Firm Fixed Price, which shifts risk to the contractor. 5. The North American Industry Classification System (NAICS) code is 541511, indicating custom computer programming services. 6. The award was a delivery order, suggesting it's part of a larger indefinite-delivery/indefinite-quantity (IDIQ) contract or a similar vehicle.

Value Assessment

Rating: good

The contract value of $31.9 million for approximately two years of technical evaluation security testing appears reasonable given the specialized nature of cybersecurity services. Benchmarking against similar contracts for security testing and IT support within the federal government would provide a more precise value-for-money assessment. The firm fixed-price structure suggests that the government has a clear understanding of the scope and expects predictable costs, which is a positive indicator for cost control.

Cost Per Unit: N/A

Competition Analysis

Competition Level: full-and-open

This contract was awarded under full and open competition, indicating that all responsible sources were permitted to submit offers. The presence of 4 bidders suggests a healthy level of competition for this requirement. This competitive environment is generally expected to drive better pricing and service quality as contractors vie for the award.

Taxpayer Impact: Full and open competition benefits taxpayers by ensuring that the government receives the best possible value through a wide range of offers and potentially lower prices due to competitive pressures.

Public Impact

The Department of Veterans Affairs (VA) will benefit from enhanced cybersecurity through rigorous technical evaluation and security testing. This contract supports the delivery of essential IT security services to protect sensitive veteran data. The services are primarily located in West Virginia (WV). The contract supports the IT workforce, likely requiring skilled cybersecurity professionals.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

Potential for scope creep if testing requirements are not clearly defined upfront.
Dependence on contractor expertise for accurate and thorough security assessments.
Risk of vendor lock-in if specialized knowledge is developed solely by the contractor.

Positive Signals

Firm Fixed Price contract type minimizes cost overrun risk for the government.
Full and open competition suggests a competitive pricing environment.
The contract is for essential security testing, directly supporting VA's mission.
The award was made to MAVARIS LLC, a specific contractor whose past performance would be a key factor.

Sector Analysis

This contract falls within the broader IT services sector, specifically focusing on cybersecurity and custom computer programming. The market for cybersecurity services is robust and growing, driven by increasing cyber threats and regulatory requirements. The VA's spending in this area is significant, reflecting the critical need to protect veteran health and personal information. Comparable spending benchmarks would involve analyzing other federal contracts for similar security testing and IT assessment services.

Small Business Impact

The data indicates that this contract was not set aside for small businesses (ss: false, sb: false). Therefore, there are no direct subcontracting implications for small businesses arising from a small business set-aside. The primary contractor, MAVARIS LLC, will be responsible for fulfilling the contract requirements, and their approach to subcontracting, if any, would be a separate consideration.

Oversight & Accountability

Oversight for this contract will likely be managed by the contracting officer and the program office within the Department of Veterans Affairs. Accountability measures are typically embedded in the contract terms, including performance standards and delivery schedules. Transparency is facilitated through contract award databases like FPDS. Inspector General jurisdiction would apply if any fraud, waste, or abuse is suspected.

Related Government Programs

VA IT Modernization
Cybersecurity Services Contracts
Custom Computer Programming Services
IT Security Assessment and Testing

Risk Flags

Potential for undefined scope leading to cost overruns or performance issues.
Reliance on contractor expertise may limit internal knowledge transfer.
Cybersecurity threats are constantly evolving, requiring adaptable testing methodologies.

Frequently Asked Questions

What is this federal contract paying for?

Department of Veterans Affairs awarded $31.9 million to MAVERIS LLC. TECHNICAL EVALUATION SECURITY TESTING (TEST)

Who is the contractor on this award?

The obligated recipient is MAVERIS LLC.

Which agency awarded this contract?

Awarding agency: Department of Veterans Affairs (Department of Veterans Affairs).

What is the total obligated amount?

The obligated amount is $31.9 million.

What is the period of performance?

Start: 2024-09-27. End: 2026-09-26.

What is MAVARIS LLC's track record with the federal government, particularly with the Department of Veterans Affairs?

Assessing MAVARIS LLC's track record requires a review of their past federal contract performance, including any awards, past performance evaluations, and any reported issues or disputes. Specifically for the VA, understanding their history with similar IT security or programming contracts would be crucial. Data from contract databases often includes past performance information, which can indicate reliability, quality of work, and adherence to schedules and budgets. A positive track record with the VA would increase confidence in their ability to successfully execute this new $31.9 million contract.

How does the $31.9 million contract value compare to similar technical evaluation security testing contracts awarded by the VA or other federal agencies?

To benchmark the $31.9 million contract value, one would compare it against similar contracts for technical evaluation and security testing services awarded by the VA and other federal agencies over the past 1-3 years. Key comparison points include contract duration, scope of work (e.g., penetration testing, vulnerability assessments, code reviews), and the specific technologies or systems being tested. If this contract represents a higher per-year cost than comparable contracts, it might warrant further investigation into the specific requirements or market conditions. Conversely, if it aligns with or is lower than benchmarks, it suggests reasonable pricing.

What are the primary risks associated with this contract, and how are they being mitigated?

Primary risks for this contract include potential technical challenges in executing complex security tests, the risk of discovering critical vulnerabilities that require immediate and costly remediation, and the possibility of the contractor failing to meet performance standards. Mitigation strategies often involve clearly defined scope of work, robust testing methodologies, regular progress reporting, and performance-based payment schedules. The firm fixed-price nature of the contract also shifts some financial risk to the contractor. The VA's oversight and the contractor's own quality assurance processes are critical for managing these risks.

How effective is the firm fixed-price (FFP) contract type in ensuring value for money for this specific security testing requirement?

The firm fixed-price (FFP) contract type is generally effective in ensuring value for money when the scope of work is well-defined and understood, as it incentivizes the contractor to control costs and manage performance efficiently to maximize profit. For technical evaluation and security testing, FFP can be beneficial as it provides cost certainty to the government. However, if the scope is ambiguous or prone to change, FFP can lead to contractor resistance to necessary adjustments or potential disputes. The VA's ability to clearly define the testing parameters and deliverables is crucial for maximizing the value derived from this FFP contract.

What is the historical spending trend for technical evaluation security testing services at the VA?

Analyzing historical spending trends for technical evaluation security testing at the VA would involve examining contract data over several fiscal years. This would reveal whether spending in this area is increasing, decreasing, or remaining stable. An increasing trend might indicate growing cybersecurity needs or a greater reliance on external contractors for these services. Conversely, a stable or decreasing trend could suggest internal capability development or shifting priorities. Understanding these patterns provides context for the current $31.9 million award and helps forecast future budgetary needs.

What specific types of security testing are covered under this contract, and how do they align with current cybersecurity best practices?

The contract description 'TECHNICAL EVALUATION SECURITY TESTING (TEST)' is broad. To assess alignment with best practices, one would need to examine the detailed statement of work (SOW) or performance work statement (PWS). This would specify whether the testing includes vulnerability assessments, penetration testing, security architecture reviews, code analysis, or compliance checks against standards like NIST. Current best practices emphasize continuous monitoring, threat intelligence integration, and automated testing where appropriate. The effectiveness of this contract hinges on the SOW accurately reflecting these modern approaches.

Industry Classification

NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Custom Computer Programming Services

Product/Service Code: IT AND TELECOM - INFORMATION TECHNOLOGY AND TELECOMMUNICATIONS › IT AND TELECOM - SECURITY AND COMPLIANCE

Competition & Pricing

Extent Competed: FULL AND OPEN COMPETITION

Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY

Offers Received: 4

Pricing Type: FIRM FIXED PRICE (J)

Evaluated Preference: NONE

Contractor Details

Address: 126 E BURKE ST, MARTINSBURG, WV, 25401

Business Categories: Category Business, Corporate Entity Not Tax Exempt, Limited Liability Corporation, Not Designated a Small Business, Special Designations, U.S.-Owned Business

Financial Breakdown

Contract Ceiling: $232,939,651

Exercised Options: $31,905,535

Current Obligation: $31,905,535

Actual Outlays: $20,297,067

Subaward Activity

Number of Subawards: 1

Total Subaward Amount: $2,748,896

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES

Cost or Pricing Data: NO

Parent Contract

Parent Award PIID: 47QSWA18D008Q

IDV Type: FSS

Timeline