Treasury's IRS awards $28.7M for FISMA compliance, with 9 bidders vying for the task order
Contract Overview
Contract Amount: $28,656,869 ($28.7M)
Contractor: Variq Corporation
Awarding Agency: Department of the Treasury
Start Date: 2016-03-31
End Date: 2020-09-30
Contract Duration: 1,644 days
Daily Burn Rate: $17.4K/day
Competition Type: FULL AND OPEN COMPETITION AFTER EXCLUSION OF SOURCES
Number of Offers Received: 9
Pricing Type: COST PLUS FIXED FEE
Sector: IT
Official Description: IGF::CT::IGF FOR CRITICAL FUNCTIONS - TASK ORDER AWARD FOR FISMA COMPLIANCE SUPPORT
Place of Performance
Location: LANHAM, PRINCE GEORGES County, MARYLAND, 20706
State: Maryland Government Spending
Plain-Language Summary
Department of the Treasury obligated $28.7 million to VARIQ CORPORATION for work described as: IGF::CT::IGF FOR CRITICAL FUNCTIONS - TASK ORDER AWARD FOR FISMA COMPLIANCE SUPPORT Key points: 1. The contract's cost-plus-fixed-fee structure requires careful monitoring to ensure cost efficiency. 2. Full and open competition suggests a healthy market for FISMA compliance services. 3. The contract duration of over 4 years indicates a significant, ongoing need for these services. 4. Performance context is crucial given the critical nature of FISMA compliance for IRS operations. 5. This award falls within the 'Other Computer Related Services' NAICS code, a broad category. 6. The task order award mechanism suggests it's part of a larger indefinite-delivery/indefinite-quantity (IDIQ) contract.
Value Assessment
Rating: fair
Benchmarking the value of this specific task order is challenging without knowing the scope of work and the base IDIQ contract it falls under. The cost-plus-fixed-fee (CPFF) pricing structure can lead to cost overruns if not managed diligently. Comparing the total award amount to similar FISMA compliance support contracts would provide better insight into value for money. However, the presence of 9 bidders suggests a competitive environment that should theoretically drive reasonable pricing.
Cost Per Unit: N/A
Competition Analysis
Competition Level: full-and-open
The contract was awarded under 'Full and Open Competition After Exclusion of Sources,' which typically means that while the initial contract might have had restrictions, this specific task order was competed broadly. The participation of 9 bidders indicates a robust level of competition for this particular requirement, suggesting that multiple vendors were capable and interested in providing FISMA compliance support.
Taxpayer Impact: A competitive award process like this generally benefits taxpayers by encouraging lower prices and better service quality as contractors vie for the business.
Public Impact
The Internal Revenue Service (IRS) benefits directly through enhanced cybersecurity posture and compliance with the Federal Information Security Management Act (FISMA). Services delivered include support for FISMA compliance, likely encompassing risk assessments, security control implementation, and policy development. The geographic impact is primarily within the IRS's operational footprint, likely concentrated where its IT infrastructure and personnel are located. Workforce implications may include the need for specialized cybersecurity professionals within the IRS or reliance on external expertise provided by the contractor.
Waste & Efficiency Indicators
Waste Risk Score: 50 / 10
Warning Flags
- The CPFF contract type requires vigilant oversight to prevent scope creep and ensure costs remain within reasonable bounds.
- The broad NAICS code (541519) could encompass a wide range of services, necessitating clear definition of deliverables to avoid ambiguity.
- The duration of the task order (over 4 years) requires ongoing performance monitoring to ensure sustained quality and compliance.
Positive Signals
- Full and open competition indicates a healthy market and potential for competitive pricing.
- The award of a task order suggests successful performance under a potential parent IDIQ contract.
- The focus on FISMA compliance addresses a critical cybersecurity requirement for a major federal agency.
Sector Analysis
This contract falls within the IT services sector, specifically focusing on cybersecurity and compliance. The market for FISMA compliance support is significant, driven by federal mandates requiring agencies to secure their information systems. Comparable spending benchmarks would involve analyzing other federal contracts for cybersecurity consulting and compliance services, particularly those supporting large agencies like the IRS. The NAICS code 541519, 'Other Computer Related Services,' is broad but captures the essence of specialized IT support.
Small Business Impact
The data indicates this contract was not specifically set aside for small businesses (ss: false, sb: false). Therefore, the primary impact on the small business ecosystem would be through potential subcontracting opportunities, if Variq Corporation chooses to engage small businesses. Without specific subcontracting plans detailed in the award, it's difficult to assess the direct benefit to small businesses from this particular contract.
Oversight & Accountability
Oversight for this contract would primarily reside with the contracting officer and the IRS's program management officials. The contract type (CPFF) necessitates close monitoring of expenditures and performance against the fixed fee. Transparency is generally facilitated through contract award databases like FPDS. Inspector General jurisdiction would apply if any fraud, waste, or abuse related to the contract is suspected.
Related Government Programs
- FISMA Compliance Support
- Cybersecurity Services
- IT Consulting
- Federal Information Security Management Act
- IRS IT Modernization Efforts
- Cost Plus Fixed Fee Contracts
Risk Flags
- Cost Plus Fixed Fee contract type requires diligent oversight.
- Broad NAICS code may lead to scope ambiguity if not clearly defined.
- Long contract duration necessitates sustained performance monitoring.
Tags
it-services, cybersecurity, fis জটিলma-compliance, department-of-the-treasury, internal-revenue-service, cost-plus-fixed-fee, full-and-open-competition, task-order, computer-related-services, maryland
Frequently Asked Questions
What is this federal contract paying for?
Department of the Treasury awarded $28.7 million to VARIQ CORPORATION. IGF::CT::IGF FOR CRITICAL FUNCTIONS - TASK ORDER AWARD FOR FISMA COMPLIANCE SUPPORT
Who is the contractor on this award?
The obligated recipient is VARIQ CORPORATION.
Which agency awarded this contract?
Awarding agency: Department of the Treasury (Internal Revenue Service).
What is the total obligated amount?
The obligated amount is $28.7 million.
What is the period of performance?
Start: 2016-03-31. End: 2020-09-30.
What is the specific scope of work covered under this task order for FISMA compliance support?
The provided data indicates the task order is for 'IGF::CT::IGF FOR CRITICAL FUNCTIONS - TASK ORDER AWARD FOR FISMA COMPLIANCE SUPPORT.' While the exact deliverables are not detailed, FISMA compliance support typically involves a range of activities such as developing and implementing security plans, conducting risk assessments, implementing security controls, monitoring system security, incident response planning, and ensuring adherence to NIST (National Institute of Standards and Technology) guidelines and federal cybersecurity directives. Given the IRS's critical functions, the scope likely emphasizes robust protection of sensitive taxpayer data and critical financial systems.
How does the pricing structure (Cost Plus Fixed Fee) compare to other federal FISMA compliance contracts?
Cost Plus Fixed Fee (CPFF) contracts are common in federal IT services, especially when the scope of work is not precisely defined at the outset or is expected to evolve. This structure reimburses the contractor for allowable costs plus a predetermined fixed fee representing profit. Compared to fixed-price contracts, CPFF offers flexibility but carries a higher risk of cost overruns if not managed tightly. Benchmarking requires comparing the fee percentage and total cost against similar CPFF contracts for comparable services. Agencies often prefer fixed-price for well-defined scopes to ensure cost certainty for taxpayers.
What are the key performance indicators (KPIs) used to evaluate Variq Corporation's performance on this contract?
Specific KPIs are not detailed in the provided award data. However, for a FISMA compliance support contract, typical KPIs would likely include metrics related to the timely completion of security assessments, the effectiveness of implemented security controls (e.g., reduction in security incidents or vulnerabilities), adherence to reporting deadlines, successful audits or reviews, and the contractor's responsiveness to identified security issues. The IRS program office and contracting officer would establish and monitor these KPIs throughout the contract's duration.
What is Variq Corporation's track record in providing similar cybersecurity and compliance services to federal agencies?
Variq Corporation has a history of performing federal IT services. While specific details on their FISMA compliance expertise require deeper research into past performance evaluations and contract history, their ability to win this task order under full and open competition suggests they possess the necessary qualifications and experience. Federal procurement databases and past performance reviews would offer more granular insights into their success rates, client satisfaction, and specific expertise in cybersecurity domains relevant to agencies like the IRS.
How does the $28.7 million award amount compare to historical IRS spending on FISMA compliance?
To assess this, one would need to analyze historical IRS spending data specifically allocated to FISMA compliance and related cybersecurity services over several fiscal years. The $28.7 million award covers a period of approximately 4 years (March 2016 - September 2020), equating to roughly $7.175 million per year. Comparing this annual average to previous IRS budgets for similar functions would reveal whether this represents an increase, decrease, or stable level of investment in maintaining its cybersecurity posture and compliance.
What are the potential risks associated with this contract, and what mitigation strategies are in place?
Potential risks include cost overruns due to the CPFF structure, contractor performance issues failing to meet compliance standards, scope creep, and cybersecurity vulnerabilities within the contractor's own systems. Mitigation strategies typically involve robust contract oversight, clearly defined performance metrics, regular progress reviews, strong security protocols for contractor personnel accessing IRS systems, and contingency planning. The competitive nature of the award also serves as a risk mitigation factor, as multiple vendors were deemed capable.
Industry Classification
NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Other Computer Related Services
Product/Service Code: IT AND TELECOM - INFORMATION TECHNOLOGY AND TELECOMMUNICATIONS › ADP AND TELECOMMUNICATIONS
Competition & Pricing
Extent Competed: FULL AND OPEN COMPETITION AFTER EXCLUSION OF SOURCES
Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY
Offers Received: 9
Pricing Type: COST PLUS FIXED FEE (U)
Evaluated Preference: NONE
Contractor Details
Address: 1200 G ST NW STE 800, WASHINGTON, DC, 20005
Business Categories: Category Business, Hispanic American Owned Business, HUBZone Firm, Minority Owned Business, Self-Certified Small Disadvantaged Business, Small Business, Special Designations, Subchapter S Corporation, U.S.-Owned Business
Financial Breakdown
Contract Ceiling: $3,855,044,965
Exercised Options: $2,516,908,870
Current Obligation: $28,656,869
Actual Outlays: $8,361,886
Subaward Activity
Number of Subawards: 10
Total Subaward Amount: $1,128,000
Contract Characteristics
Commercial Item: COMMERCIAL PRODUCTS/SERVICES PROCEDURES NOT USED
Cost or Pricing Data: YES
Parent Contract
Parent Award PIID: TIRNO11D00070
IDV Type: IDC
Timeline
Start Date: 2016-03-31
Current End Date: 2020-09-30
Potential End Date: 2021-03-30 08:01:07
Last Modified: 2022-09-09
More Contracts from Variq Corporation
- Verification Information System Operations and Maintenance (VIS O&M) — $43.9M (Department of Homeland Security)
- Professional Information Technology Personnel in Support of Information Systems Division — $39.5M (Department of Homeland Security)
- THE Student and Exchange Visitor Program (sevp) WAS Established AS Part of the Homeland Security Investigations (HSI) National Security Investigations Division (nsid) Within Immigration and Customs Enforcement (ICE). Sevp IS Responsible for Deliverin — $30.2M (Department of Homeland Security)
- . Cybersecurity Defense Center Services — $26.8M (Department of the Treasury)
- This Requirement IS for Microsoft 365 Support Within the Criminal Investigation Division of the IRS, in Support of LAW Enforcement Operations — $5.5M (Department of the Treasury)
Other Department of the Treasury Contracts
- Advertising Services — $636.5M (True North Communications Inc)
- Cade 2 Ltis3 Covid-19 — $383.8M (Deloitte Consulting LLP)
- Establish a Broad Networking and Telecommunications Service Environment to Meet ITS Network Services (wide Area and Local Area Network), Voice Telecommunications Services, Audio/Video/Web Conferencing, and Cyber Requirements — $320.2M (AT&T Enterprises, LLC)
- THE Internal Revenue Service (IRS), Office of Information Technology Office, Issues This Order Under GSA Alliant 2 (unrestricted). Enterprise Case Management (ECM) Solution Integration Services — $305.5M (Booz Allen Hamilton Inc)
- THE Tfcceis Task Order IS to Transition the Existing Tfcc Services From the Networx Contract Onto the EIS Contract Vehicle in a Manner That Will Enable Continuity of an Enterprise Network of Toll Free Services for the IRS — $264.6M (Verizon Business Network Services LLC)