Great Government through Technology

August 10, 2023April 29, 2024

2023 EIS Transition Update

Last December I blogged about GSA’s decision to pursue extensions of the Networx, Washington Interagency Telecommunications System (WITS) 3 and Local Service contracts on behalf of a few agencies who needed more time to complete their transition to Enterprise Infrastructure Solutions (EIS). Much has transpired since that last blog post, and I wanted to give an update.

As of April 2023, 123 of 222 agencies had successfully transitioned off of the legacy telecommunications contracts. Transitioned agencies have realized some truly great benefits such as:

Divested from legacy services no longer supported by contractors
Adopted Trusted Internet Connection 3.0 architectures
Achieved lower overall cost
Increased cyber resilience.

Agencies that require an extension beyond May 31, 2024 must sign a Memorandum of Understanding (MOU) with GSA, provide GSA with details supporting further contract extensions, and start comprehensive quarterly executive transition updates with GSA. As of June 26, 2023, eight agencies have requested extensions to May 31, 2026. Some need additional weeks and some need additional months to complete their transition.

New Executive Leadership for Enterprise Technology Solutions

On February 16, 2023, Jake Marcellus became the Executive Director for Enterprise Technology Solutions (ETS). Jake leads a subcategory that includes Enterprise Telecommunications, Mobility and Satellite Communications (SATCOM) services. Jake came to us from GSA IT and has extensive experience leading telecommunications efforts within the Department of Defense.

I have asked Jake, as lead executive for EIS, to place his initial focus on improving the customer agency EIS transition experience and outcomes. His team developed a system to use disconnect data to identify the most significant transition risks and make the appropriate executive engagements with agencies.

They’re engaging agencies, assisting with problem identification, consulting on technical solutions and facilitating requests for 2026 extensions. In addition to meeting with agency Chief Information Office (CIO) staff, Jake is also meeting with executives of our EIS contractors.

The Continuity of Service Period and beyond

GSA continues to manage the EIS transition by supporting agency requirements and the contractors’ performance toward meeting the key completion dates.

May 31st 2024 – Continuity of Service (CoS) ends for those agencies that signed MOUs with GSA for the June 1, 2023 through May 31, 2024 CoS periods.
May 31st 2026 – The end of service for those agencies authorized to use extended CoS beyond May 31, 2024.

The terms and conditions of the legacy telecommunications contracts allow only those organizations specified in the Networks Authorized User List (NAUL) to obtain services under these contracts. GSA continues to update the NAUL to remove those agencies which are no longer authorized to use the contracts and will order contractors to disconnect services to such agencies. Unless an agency is working with GSA to use the extended CoS to May 31, 2026, the NAUL will be updated to remove the agency and its services will be disconnected on or before May 31, 2024. Agencies should continue to work aggressively with their contractors to transition prior to May 31, 2024. If an agency requires days, weeks or months beyond May 2024, it should contact their Solutions Broker on the GSA team to explore options.

Working together to achieve successful outcomes

Successful EIS transitions are a team effort. While GSA manages the transition as a governmentwide program, the agencies and their contractors–for both the legacy contracts and EIS–must work very closely to ensure the agencies’ requirements and those of their task orders are successfully met. This requires close oversight by the Ordering Contracting Officers for those task orders and the project managers, in collaboration with experts in networking, security, finance and operations that form the agencies’ transition teams. These teams monitor the contractors’ activities, identify risks and issues, and develop solutions with the contractors in compliance with the task orders and with an eye toward completing transition by the deadline.

Below are some of the lessons learned that enabled the successful completion of agency transitions.

Know your existing inventory and requirements
It is foundational that a transition is properly scoped in regards to physical locations and required telecom services. This step will ensure full accountability on what needs to be transitioned, what will not be transitioned and account for new requirements.
Create a transition strategy
A transition strategy includes what will be transitioned and the discrete considerations for unique mission needs and environment. Transitions in urban and rural areas have distinct challenges.
Develop a plan and schedule
Provide an overview of required actions and a detailed schedule of activities.
Get stakeholder buy-in
A successful transition requires acute coordination between engineering, program management, government contracting staff and the associated contractors.
Monitor and Control
This phase requires the agency work with both their EIS and legacy contractors to ensure that services are both transitioned and disconnected. Transition progress should be actively monitored to spot potential obstacles and implement corrective actions.
Leverage the GSA team
GSA has assigned solutions brokers for all agencies. Solutions brokers are a single point of contact for assistance with EIS, Networx, WITS3 and all transition activities. GSA’s ETS Executive Director is available for the agency executive engagement.

Visit our website to learn more about EIS or use our IT Solutions Navigator to find the vehicle that’s right for you.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

July 31, 2023April 29, 2024

Working on a critical acquisition? Start with GSA’s Market Research as a Service

Before making a mission-critical acquisition, agencies can save time and resources in finding compliant suppliers, capabilities, competition levels and more to understand the market landscape. GSA’s Market Research as a Service (MRAS) conveniently delivers meaningful market data at no cost to federal, state, and local agencies.

How does MRAS work with agencies?

Through FAR Part 10-compliant Requests for Information (RFIs), sources sought, industry days, and advanced product research, MRAS collects data to help customers understand where their need fits within the GSA governmentwide marketplace.

MRAS experts partner with federal, state, and local agencies to create customized RFIs and help agencies shape their overall acquisition strategy with a thorough, tailored market research report. These services are available at no cost and can be completed typically in two weeks or less.

Record of success with MRAS

In three years, MRAS has conducted over 3,000 RFIs for customers, including more than 25% specifically for IT Category Special Item Numbers (SIN) on the GSA Multiple Award Schedule (MAS).

Top customers served:

U.S. Air Force
U.S. Army
U.S. Navy

Better techniques, better results, Best in Class

The MRAS team uses extensive technology tools and the latest research techniques to generate the best information for customers, and generates a list of vetted, Best in Class GSA industry partners who can fulfill a customer’s unique requirements. The team also works closely with GSA’s talented Customer Service Directors (CSD) to research and review the category, SIN, or contract that best meets the customer’s requirements while following applicable compliance guidelines and maximizing resources.

Customers can review the results of their MRAS request with a member of GSA’s CSD team to answer questions and consider next steps.

Recently, the MRAS team produced a market research report for a multimillion-dollar Department of Defense (DOD) project at Nellis Air Force Base, Nev. and Fort Irwin, Calif. In less than two weeks, the team identified more than 40 potential sources. DOD ultimately found a winning match on the MAS IT professional services SIN.

GSA’s MRAS – Your free resource to start your agency’s successful acquisition journey

GSA’s MRAS offers customers invaluable help through a key component of the acquisition process. MRAS helps agencies make informed acquisition decisions precisely and efficiently. Contact MRAS to learn more and get started today.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

July 27, 2023April 29, 2024

Celebrating two years of 8(a) STARS III

8(a) STARS III officially launched two years ago this month, and it’s worth celebrating this important anniversary milestone. This governmentwide contract has really hit the ground running, and I couldn’t be more proud of its success in helping agencies achieve their missions. I’d like to share why we are so happy with this program.

Supporting the mission of government

8(a) STARS III is a competitively awarded, multiple-award, indefinite-delivery/indefinite-quantity governmentwide acquisition contract (GWAC) set aside for participants in the Small Business Administration’s 8(a) program. 8(a) STARS III is GSA’s fourth-generation 8(a) GWAC and continues the legacy of creating opportunities for small disadvantaged businesses while helping federal agencies meet their socioeconomic goals and mission-critical IT requirements.

STARS III delivers opportunities to more than a thousand 8(a) businesses and drives progress on important public policy objectives, including the President’s Executive Order on Advancing Racial Equity and Support for Underserved Communities Through the Federal Government as we work to improve diversity, equity, inclusion, and accessibility.

Phased award approach

We awarded cohort one of 8(a) STARS III in June 2021 to 448 industry partners. Then awards for cohort two were announced in February 2022 to nearly 600 additional awardees. The third and final cohort award happened in June 2022 for an additional 65 awardees – just one year ago.

Traditionally, we made awards in one batch, but with 8(a) STARS III, we reinvented the award process. Using an innovative cohort approach, we gave 8(a) firms additional opportunities by allowing initially unsuccessful offerors a second and third chance. 145 of these cohort two and three industry partners have received task order awards proving that they can be successful if given an opportunity.

Major success

In just two years, 8(a) STARS III secured $1 billion in obligations through 600 task order awards to 309 small disadvantaged businesses. Notability, 177 of them have never had a task order award through GSA before. That’s incredible and really shows how 8(a) STARS III is building opportunities for the community.

Agencies adopting 8(a) STARS III

37 federal agencies have already put their faith in the contract with an award, and more than 2,656 acquisition professionals from 54 agencies have signed up and received their delegation of procurement authority training.

Those agencies are leveraging the contract for a variety of IT Services to meet their mission, including help desk support, database administration, emerging technologies, custom software and applications development, systems integration, and cybersecurity solutions to secure the enterprise.

Hand-in-hand with industry

This doesn’t happen all by itself. We’ve worked hard to build meaningful relationships with these small businesses through one-on-one engagement, monthly snapshot newsletters for awardees, video tutorials, and even through our new GSA Does That podcast. We’ve also created an 8(a) STARS III Resource Center where our industry partners can find just about everything that they need to be successful.

Empowering small businesses

Again, I couldn’t be more proud of 8(a) STARS III as we empower disadvantaged small businesses to deliver mission-critical IT services to the government. Visit our website to learn more about www.gsa.gov/stars3.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

July 14, 2023April 29, 2024

Alliant 2 GWAC: Empowering businesses, large and small

We recently announced that we exercised the option on the Alliant 2 Governmentwide Acquisition Contract. This is important because it will allow Alliant 2 to continue delivering cutting-edge technology solutions for federal agencies. What’s equally important is how Alliant 2 has demonstrated its unwavering commitment to small businesses. I’d like to take a moment to highlight the outstanding performance of Alliant 2 in exceeding small business subcontracting goals, fostering diversity, and propelling economic growth.

Committed to small business

Alliant 2 has set new benchmarks by surpassing our small business subcontracting goals. The contract achieved an impressive overall small business subcontracting goals rate of 55.5 percent in option year five. This noteworthy accomplishment not only exceeds the target goal of 50 percent, but also showcases the program’s dedication to supporting small businesses.

The commitment to small business subcontracting through Alliant 2 has resulted in a substantial economic impact. Cumulatively to date, the contract has facilitated an impressive $2.67 billion for overall small business subcontracting. This remarkable figure highlights the significant role played by small businesses in delivering innovative IT solutions to federal agencies.

Further, Alliant 2 has promoted diversity, equity, and inclusion within the federal marketplace. It exceeded the goals in Small Disadvantaged Business (SDB) and Women-Owned Small Business (WOSB) categories, achieving rates of 25 percent and 26 percent, respectively. Additionally, Alliant 2 has made notable progress in the HUBZone, Veteran-Owned Small Business (VOSB), and Service-Disabled Veteran-Owned Small Business (SDVOSB) categories. HUBZone achieved 10 percent, VOSB achieved an impressive 20 percent, and SDVOSB reached 13 percent – each individually exceeding their respective 3 percent goal.

Empowering small businesses

The success of Alliant 2 in meeting and exceeding subcontracting goals demonstrates its commitment to empowering small businesses. By providing subcontracting opportunities, the program enables small businesses to contribute their expertise, gain valuable experience, and thrive within the federal marketplace. Through Alliant 2, small businesses have the chance to showcase their capabilities and play a vital role in delivering innovative IT solutions to federal agencies.

Alliant 2’s support of small businesses demonstrates our dedication to fostering economic growth and promoting diversity within the federal marketplace. By empowering small businesses, the program paves the way for innovation, collaboration, and increased efficiency.

For more information, visit gsa.gov/alliant2.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

June 15, 2023April 29, 2024

Drive success in the modern workplace with GSA’s Training Courses SIN

In today’s fast-paced world, continuous learning and development are essential for individuals and organizations to stay competitive. With this in mind, we developed the comprehensive Training Courses Special Item Number (SIN) on the GSA Multiple Award Schedule, which provides government agencies with access to a broad range of training courses to enhance the knowledge, skills, and abilities of their employees.

This blog post is part of a series where we’re discussing each of GSA’s key IT Services SINs on the GSA Multiple Award Schedule. Each blog will discuss the benefits for agencies in using the solution, take a look at who is using it, and share an example of how an agency successfully used the SIN to achieve its mission.

Benefits of using the Training Courses SIN:

Improved employee performance: Provides access to courses designed to improve employee performance, enhance skills, and build knowledge in a variety of IT areas.
Staying ahead of the curve: Provides agencies with training on hardware, software, cloud, and other IT systems.
Flexible learning: Offers flexible learning options, including in-person, online, and blended learning formats.
Cost-effective: Helps agencies save time and money by providing access to pre-negotiated pricing with qualified vendors.
Compliance: Offers compliance-related courses that help agencies meet regulatory requirements, such as cybersecurity training, ethics, and anti-harassment training.

Top agencies

Agencies invested more than $46 million through the Training SIN last year. Here are some of our biggest users:

Social Security Administration
General Services Administration
Department of the Navy
Department of the Air Force
Department of the Army
Department of Veterans Affairs
Department of Agriculture
Department of Defense

Use Case: How the IT Training SIN helped agencies quickly and easily install learning options during the COVID-19 pandemic

An agency needed to quickly install distance learning options for their employees during the COVID-19 pandemic. Using the IT Training SIN, they were able to contract with multiple vendors to provide virtual training, both customized training as well as commercial off-the-shelf solutions for employees.

The solution also facilitated the award of completion certificates for employees, and the agency was able to easily track which courses were most popular to then increase the availability of training in those subjects.

In another example, during the COVID-19 outbreak, a military base had to quickly deploy virtual courses for officers and enlisted personnel. They used the IT Training SIN for detailed leadership training by leveraging commercial off-the-shelf courses in leadership and program management.

This meant that even during an almost two-year pandemic, more than 75 critical employees received training through one thousand hours of CLP-accredited courses. It also allowed the base to track certificates of completion in real-time.

Additionally, they used small businesses for training. As a result, over 300 employees were trained virtually.

Driving government workforce success

Agencies are modernizing their operations to better accomplish their missions. These changes impact the IT implemented at agencies, and employees need training on how to effectively use those IT products. The Training Courses SIN provides access to IT training courses to support any IT training need by allowing centralized access to pre-approved training courses, thereby saving federal, state, local, and tribal agencies time and resources.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

June 13, 2023April 29, 2024

Improve patient outcomes with GSA’s Health IT Services Special Item Number

As technology continues to advance, the healthcare industry is rapidly evolving to keep pace with the growing demands of patients and providers. In response to this trend, we developed the Health IT Services Special Item Number (SIN) on the GSA Multiple Award Schedule (MAS), an innovative solution that provides agencies at all levels with access to a wide range of health IT services.

Health IT is the use of computer hardware, software, or infrastructure to record, store, protect, and retrieve clinical, administrative, or financial information. It’s a critical factor in improving the quality of healthcare, preventing medical errors, protecting data, increasing administrative efficiencies, and decreasing the need for paperwork.

Benefits of the Health IT Services SIN:

Improved patient outcomes: Provides agencies with access to cutting-edge health IT solutions that can improve patient outcomes by streamlining healthcare delivery and facilitating more efficient communication between healthcare providers.
Faster procurements: Does the heavy lifting upfront to offer agencies a streamlined procurement process to find solutions to manage their health IT needs quickly and efficiently. Buying through MAS simplifies the procurement process by providing access to pre-vetted, qualified contractors who can fulfill the agency’s requirements.
Improved security: Provides access to health IT solutions that are compliant with federal regulations and industry standards, ensuring that patient data is secure and protected.
Wide range of solutions: Open access to a broad range of health IT services, including electronic health records, health information exchanges, and telehealth solutions. These solutions can help agencies to improve healthcare delivery and patient outcomes.
Cost savings: Helps agencies save money by eliminating the need for extensive market research and evaluation of potential contractors. Additionally, the solution’s pre-negotiated pricing ensures that agencies receive the best value for their purchases.

Top agencies

Agencies invested more than $750 million through the Health IT Services SIN last year. Here are some of our biggest users:

Department of Health and Human Services
Department of Veterans Affairs
Department of Agriculture
Department of the Interior
Department of the Air Force

Use Case: Health IT Services SIN modernizes Southeast hospitals

An agency was looking to modernize some of its hospitals in the Southeastern part of the United States as a “test case” for possible expansion across the whole country. Through the Health IT Services SIN, they instituted major changes at 10 pilot hospitals in their system.

They used the SIN to deliver connected health services between hospitals, share electronic health records and information, and also to provide new health informatics and emerging health IT research resources between doctors and nurses.

This allowed the patients in these 10 hospitals — more than 5,000 patients total — to receive the highest quality and well-informed care because their healthcare providers had access to the latest healthcare information in the most secure, efficient and effective way possible. It also enabled the agency to test out new emerging health IT research and systems for further analysis for possible development in the future.

The final outcome of the pilot was better and more efficient care for patients and more efficient healthcare systems for doctors and nurses providing state-of-the-art care.

Transforming government healthcare delivery

The Health IT Services SIN is an innovative solution that can help federal, state, local, and tribal agencies improve healthcare delivery and patient outcomes. As demonstrated by the top ten agencies using this technology, Health IT Services SIN is a proven solution that can be implemented successfully in a wide range of government healthcare settings.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

June 5, 2023April 29, 2024

Unlocking the power of E-Commerce for government agencies

IT modernization is mission-critical for many federal agencies and quick, easy access to the latest technologies is key to their success. However, finding the right IT services to supply those solutions isn’t always easy. That’s why we developed the Electronic Commerce and Subscription services (E-Commerce) Special Item Number (SIN) on the GSA Multiple Award Schedule (MAS). This solution enables agencies to access a wide range of e-commerce solutions: from networking to email, internet, data, and more, the SIN provides a broad range of leading-edge technologies and resources.

This blog post is part of a series where we’re discussing each of GSA’s key IT Services SINs on the Multiple Award Schedule. Each blog will discuss the benefits for agencies in using the solution, take a look at who is using it, and share an example of how an agency successfully used the SIN to achieve its mission.

Benefits of the E-Commerce SIN:

Cutting-edge solutions: Provides access to a range of e-commerce solutions, including online marketplaces, e-procurement tools, and supply chain management systems. These solutions can help agencies stay ahead of the curve and adapt to new technological advancements.
Faster procurements: Offers a streamlined procurement process that allows government agencies to manage their needs quickly and efficiently. This solution simplifies the procurement process by doing much of the heavy lifting through the master contract and providing access to pre-vetted, qualified contractors who can fulfill the agency’s requirements.
Cost savings: Helps agencies save money by eliminating the need for extensive research and evaluation of potential contractors. Additionally, the solution’s pre-negotiated pricing ensures that agencies receive the best value for their purchases.

Top agencies

Agencies invested more than $430 million through the E-Commerce SIN last year. Here are some of our biggest users:

Department of Health and Human Services
Department of the Navy
Department of Defense
Department of Homeland Security
Department of the Air Force
General Services Administration
Department of Agriculture
Department of Treasury
National Aeronautics and Space Administration
United States Tax Court

Use Case: E-Commerce SIN helps military base provide email and internet access to deployed soldiers

A military base in Kansas had an immediate need to add email services and internet access to over 3,500 soldiers that were temporarily deployed to train soldiers for overseas activities.

The base was quickly able to use the e-commerce SIN to locate several local small businesses, as well as women-owned small businesses, to add additional email services and internet access services for these soldiers that were placed in forward warehouses during the 120-day exercise.

The contracting staff on base also used this same SIN to provide private phone lines for the mobile headquarters staff, as well as mobile smartphones and hosted PBX services for secured communication between the headquarters staff and forward operating units during the joint exercises. This enabled the home-based and visiting unit soldiers to use real-world scenarios in their training.

Using the MAS e-commerce SIN allowed the agency to quickly implement new electronic commerce services while also allowing them to deliver on a mission-critical need while getting their agency closer to meeting their women-owned and small business goals.

Acquire leading-edge technology and services for your modernization efforts

GSA’s e-commerce SIN provides eligible users with easy access to technologies and services that can support their modernization efforts. As demonstrated by the top ten agencies using this technology, it’s a proven solution that can be implemented successfully in a wide range of government settings.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

June 5, 2023April 29, 2024

Revolutionize citizen communication with Automated Contact Center Solutions

The demand on government agencies is fast-paced, complex, and constantly evolving. It’s no surprise that citizens often face difficulties in connecting with agencies when looking for help, which can cause frustration, impede their ability to get the assistance they need, and ultimately they have a bad experience.

With this in mind, we established an innovative solution to this problem — the Automated Contact Center Solutions (ACCS) Special Item Number (SIN) on the Multiple Award Schedule (MAS-IT). This contract vehicle can help agencies streamline their communications, improve citizen satisfaction, and increase overall efficiency in the execution of their mission.

This blog post is part of a series where we’re discussing each of GSA’s key IT Services SINs on MAS. Each blog will discuss the benefits for agencies in using the solution, take a look at who is using it, and share an example of how an agency successfully used the SIN to achieve its mission.

There are a number of benefits to using the ACCS SIN; here are five of the most important:

Enhanced citizen experience: ACCS provides a range of interactive voice response options that allow citizens to access information quickly and easily, without having to wait on hold or navigate complex menus. This significantly improves citizen satisfaction and reduces the number and workload of call center agents.
Increased efficiency: ACCS automates routine tasks such as call routing, call recording, and call back, freeing up agents to focus on more complex inquiries and tasks. This can help agencies handle a higher volume of calls and reduce wait times for citizens.
Improved analytics: ACCS provides detailed analytics that can help agencies to identify patterns, track performance, and optimize their call center operations. This data can also be used to identify areas where additional resources may be needed, such as staffing or training.
Scalability: ACCS is designed to be scalable and flexible, allowing agencies to easily adjust their capacity based on demand. This can help agencies handle spikes in call volume without sacrificing service quality.
Cost savings: By automating routine tasks and improving efficiency, ACCS can help agencies to reduce their operational costs and allocate resources more effectively.

Use Case: Quick deployment of additional support for hurricane response efforts with the help of small businesses

An agency had an urgent need for additional contact call center support out of their main office. They already had a contact call center with approximately 80 personnel in a 24/7 operation but wanted additional capability added in support of Hurricane Ida and other potential hurricanes that were predicted to hit the Texas, Louisiana, and Alabama coastlines in 2021.

Their contracting staff used the ACCS SIN to quickly add vendors that could support their existing customer service representatives with technologies such as artificial intelligence monitoring, chat-bot technology, web callback services, hosted email web forms, text-to-speech communications, and hosted FAQ services for citizens calling in for information about various hurricanes.

Their staff also utilized this same SIN to take advantage of small businesses offering various services under this SIN and identified both women-owned small businesses as well as service-disabled veteran-owned small businesses that were able to assist in some of the new capability development.

This resulted in the agency not only improving its contact center capabilities but also enabling them to take advantage of using small businesses to help succeed in its overall mission.

GSA’s ACCS SIN help you communicate

Agencies invested more than $385 million through the ACCS SIN last year — with the Department of Homeland Security leading the way. ACCS supports providing the public with ready access to government information and services and helping agencies ensure timely, consistent, and accurate responses to citizen inquiries. ACCS provides federal agencies with easy access to a broad range of contact center services that will make that vision a reality.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

June 1, 2023April 29, 2024

Empowering government operations with cutting-edge IT solutions through IT Professional Services SIN

In today’s digital age, technology plays an essential role in every aspect of our lives, including government operations. But agencies don’t always have the resources or expertise in-house to take advantage of the benefits technology can bring. To help agencies that may be stretching resources and budgets in addition to the workload of their acquisition workforce, GSA provides a wide range of IT services through the IT Professional Services Special Item Number (SIN) on the Multiple Award Schedule (MAS-IT). This SIN enables federal, state, local, and tribal agencies to access a broad range of IT solutions from experienced contractors at competitive rates.

This blog post is part of a series where we’re discussing each of GSA’s key IT Services SINs. Each blog will discuss the benefits for agencies in using the solution, take a look at who is using it, and share an example of how an agency successfully used the SIN to achieve its mission.

A few key benefits to using GSA’s IT Professional Services SIN are listed below:

Experienced industry partners: Access a pool of experienced IT professionals who have worked on government projects. These contractors have the knowledge and expertise required to design and implement complex IT solutions that meet the specific needs of your agency.
Faster procurements: Quickly and easily access IT solutions through the Multiple Award Schedule (MAS). This saves time and resources and enables you to focus on your core mission.
Cost savings: Leverage competitive rates, lower administrative burden, and reduced use of agency resources. Buying IT solutions through SIN is faster and easier, driving costs down when compared to the costs of the open market.

Top agencies

Agencies invested almost $10 billion through the IT Professional Services SIN last year. Here are some of our biggest users:

US Customs and Border Protection
National Aeronautics and Space Administration
General Services Administration
Department of Defense (Various Offices)
Department of Homeland Security
Department of Agriculture
Department of the Navy
Department of Health and Human Services
Department of the Air Force
Department of the Interior

Use Case: Small businesses provide low-cost, secure application for agency’s foreign aid program

A federal agency administering aid to foreign countries needed to create an application that could run efficiently and effectively on low-cost tablets. This application also needed to operate in areas where only low-speed internet access was available.

In addition, the application had to be secure and protect personally identifiable information and health data.

The agency released a request for information (RFI) under the IT Professional Services SIN using GSA eBuy. The RFI allowed the agency to survey existing capabilities among the vendors on the SIN to determine what requirements to include in a request for proposal (RFP). The agency used the RFI market research to draft and issue a performance work statement (or PWS) under the IT Professional Services SIN for the Field Employee Support Tablet Initiative project. They received six proposals.

Ultimately, a group of three small businesses using a contractor teaming arrangement (or CTA) received the contract award.

GSA’s IT Professional Services SIN, serving you

GSA’s IT Professional Services SIN provides agencies — at all levels — with access to experienced IT professionals, a faster procurement process, and cost savings. By leveraging the expertise of contractors through the IT Professional Services SIN, agencies can implement IT solutions that meet their specific needs, improve efficiency, and better fulfill their missions.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.

May 30, 2023April 29, 2024

Application Security Testing (AST) — reduce your cybersecurity risk

“Improving the Nation’s Cybersecurity” is a top priority across all federal agencies. Constant and fast-paced application innovation is the new norm of today’s digital enterprise. Vulnerabilities are waiting to be exploited by adversaries and their increasingly sophisticated malicious attempts such as the Log4J application exploitation.

The Office of Management and Budget’s (OMB) Memorandum 22-09 specifically charges agencies to operate dedicated Application Security Testing (AST) programs for a stronger and more robust cyber posture. Early and continuous AST minimizes the risk of sensitive data exposure and system compromise. To prevent most application security threats, agencies need a dedicated AST program that implements a variety of tools to continuously assess and address application vulnerabilities throughout the Security Development Life Cycle (SDLC).

The software development lifecycle begins with analysis before moving to design, development, and testing. Next comes deployment and finally, maintenance.

AST tools

Testing requirements and guidance released by OMB, the National Institute of Standards and Technology, and the Cybersecurity and Infrastructure Security Agency will make applications more resistant to security threats and identify security weaknesses and vulnerabilities. Ultimately, the goal is to create a holistic AST program of automated tools and manual testing that continuously examines applications as they are developed and continue through the SDLC. AST methodologies can be categorized into:

Automated AST relies on written code/test scripts and tools to test and validate an application. It can be completed in less time than manual testing and covers more test permutations; however, it does require heavy coding and maintenance.
Manual testing is executed by human security testers to discover complex bugs for which automated testing cannot detect or to resolve automated testing’s false positives. It requires a substantial level of expertise, effort, and time.

An AST program uses a variety of tools throughout the SDLC, many of which are described in the table below.

A table that highlights AST testing tools, their purpose, proactive or reactive scanning, low false positives, and cost. Static application security testing is used to examine source code for weaknesses. Dynamic application security testing is used to find security vulnerabilities in a running environment. Interactive application security testing analyzes code for vulnerabilities by simulating scenarios in a running environment. Mobile application security testing identifies vulnerabilities in applications used with mobile platforms during or post development. Software composition analysis identifies open-source software in codebase. Manual testing examines all essential features to find more complex and logical vulnerabilities.

Top AST threats

According to the Open Web Application Security Project (OWASP), the top three application security threats are broken access control, cryptographic failures, and injection.

A table featuring best practices and AST tool(s) to address broken access control, cryptographic failure, and inject vulnerabilities.

Third-party application security testers

Another component of a dedicated AST program is the use of independent third-party application security testers who specialize in identifying vulnerabilities internal staff may miss. These expert firms have the skills and certifications required to provide high-quality results and ensure applications hold up against real-world cyber attacks.

GSA cybersecurity resources

GSA created the AST Buyer’s Guide to help federal agencies meet AST program requirements, provide Third-Party Application Security Tester selection criteria, and address application security threats. It provides an overview of AST, key considerations when implementing an AST program, and helps identify and procure AST offerings to improve your agency’s application security posture.

To make the acquisition experience easier and more efficient, GSA also provides useful resources like an AST summary sheet, AST statement of work template, and AST informational video. These and many other resources can be found at www.gsa.gov/ast.

GSA cybersecurity support

The GSA IT category team is available to answer questions and provide subject matter expertise related to purchasing AST, cybersecurity, and a full range of IT products and services. Please contact the IT customer service center at 855-ITaid4U/855-482-4348 or itcsc@gsa.gov.

Follow ITC on LinkedIn and Twitter, and subscribe for blog updates.