FAR Companion Change

Back to FAR Companion

Summary

PART_39 updated: 223 lines added, 2 lines removed

Diff

--- previous
+++ current
@@ -1,2 +1,227 @@
-Part 39 - Acquisition of Information and Communication Technology
-FC 39.001 Applicability.+FAR part 39 emphasizes strategies that promote faster acquisition and secure deployment for
+information and communication technology (ITC) including information technology (IT),
+operational technology, emerging technology, and information systems. The definition for
+information and communication technology is in FAR part 2. However, the following context may
+be helpful in navigating the diverse ICT marketplace:
+● Operational technology includes programmable systems or devices that interact with
+the physical environment or manage devices that interact with the physical environment.
+These systems or devices detect or cause a direct change through the monitoring and/or
+control of devices, processes, and events.
+● Emerging technology includes any evolving or innovative capability (whether
+hardware, software, or service) that introduces new methods, tools, or efficiencies in
+support of mission needs. This includes technologies undergoing rapid advancement or
+change, and those with the potential to significantly improve operations, service delivery,
+and security (such as the Internet of Things, or IoT).
+● Information systems can combine information technology, operational technology, and
+emerging technology.
+○ Information systems can be deployed on premises or in the cloud.
+○ Cloud deployments can be performed either as infrastructure, platform, or
+software as a service.
+FC 39.001(a)(2) Strategic planning for ICT acquisitions.
+Successful ICT acquisitions begin with thoughtful planning that extends beyond immediate
+technical requirements to consider long-term strategic objectives, organizational, and
+operational factors consistent with OMB Circular A-130, “Managing Information as a Strategic
+Resource.” These planning approaches establish the foundation for technology solutions that
+remain viable and valuable throughout their lifecycle while meeting Federal information
+governance requirements.
+OMB Circular A-130 establishes general policy for information governance, acquisitions, records
+management, open data, workforce, security, and privacy and represents a shift from viewing
+security and privacy requirements as compliance exercises to understanding security and
+privacy as crucial elements of a comprehensive, strategic, and continuous risk-based program
+at Federal agencies. ICT acquisition planning must align with this strategic framework by
+treating information as a valuable strategic resource requiring comprehensive lifecycle
+management.
+97
+Federal Acquisition Regulation (FAR) Companion
+● Align acquisitions to the agency’s technology roadmap: Align the procurement to
+the agency’s strategic technology roadmap that extends beyond immediate needs. This
+approach permits the agency to plan systemically for technology evolution, integration
+requirements, and capability maturation over time. This planning helps prevent isolated,
+incompatible systems and reduces total ownership costs by facilitating smoother
+technology transitions throughout the lifecycle. Where practical and appropriate,
+technology roadmaps may rely on integration with shared services that scale cost
+savings and value across larger Federal technology infrastructure and platforms. To
+ensure alignment with your agency’s technology roadmap, the acquisition planner
+should coordinate with your agency’s Chief Information Officer’s Office (or similar). The
+agency CIO plays a central role in ensuring ICT acquisitions align with enterprise
+architecture, information governance policies, and strategic technology planning as
+mandated by A-130's framework for managing information as a strategic resource.
+● Integrate Federal information governance requirements: ICT acquisitions must
+incorporate the comprehensive information governance framework established by OMB
+Circular A-130. This includes ensuring acquisitions support the agency's information
+lifecycle management, from creation and collection through processing, dissemination,
+and disposal. Acquisition planning should address how proposed systems will contribute
+to the agency's strategic information management objectives, enable appropriate
+information sharing, and support data-driven decision making while maintaining security
+and privacy protections throughout the information lifecycle.
+● Implement continuous risk-based security and privacy management: OMB Circular
+A-130 emphasizes the role of both privacy and security in the Federal information life
+cycle through a continuous, risk-based approach rather than periodic compliance
+exercises. ICT acquisition planning must incorporate security and privacy considerations
+from the earliest planning stages, ensuring that systems are designed with appropriate
+safeguards and can adapt to evolving threats and requirements. This includes
+conducting Privacy Impact Assessments (PIAs) when acquiring systems that handle
+personally identifiable information and implementing the Risk Management Framework
+throughout the system development lifecycle.
+● Consider non-functional requirements: Balance functional capabilities with critical
+non-functional requirements: security, scalability, interoperability, maintainability,
+accessibility, and performance metrics. These requirements often determine whether a
+system will not only meet user needs, but also integrate with enterprise architecture and
+remain viable throughout its lifecycle. Clearly articulating non-functional requirements in
+solicitations helps vendors propose appropriate solutions and prevents expensive
+modifications later.
+Being familiar with key statutory requirements related to the acquisition of ICT is critical to a
+compliant acquisition. In addition to FAR part 39, it is important to be familiar with prohibitions as
+they pertain to the acquisition of ICT detailed in FAR part 40. Further applicable guidance, such
+as that related to the Federal Information Security Management Act (FISMA) or Section 508 of
+the Rehabilitation Act of 1973, can be found on CIO.gov, Section508.gov, and the National
+Institute of Standards and Technology Information Technology page (e.g., Federal Information
+Security Management Act (FISMA) requirements). Information pertaining to statutorily required
+purchasing programs relevant to ICT can be found on the statutory purchasing programs page.
+98
+Federal Acquisition Regulation (FAR) Companion
+FC 39.001(a)(2) Streamlined timeline techniques.
+Accelerating the acquisition timeline ensures that implemented solutions remain technologically
+relevant and meet current mission needs. These techniques maintain procurement integrity
+while eliminating unnecessary delays that can undermine program success.
+● Streamlined source selection. Design evaluation processes that enable award
+decisions within 180 days or less from solicitation release. Techniques include limiting
+proposal page counts; focusing on differentiating evaluation factors; using oral
+presentations, demonstrations, or other real-time assessments to replace written
+portions of the proposal; and implementing concurrent rather than sequential evaluation
+phases. Establish dedicated review teams with scheduled evaluation sessions rather
+than rely on part-time evaluators. These approaches maintain thoroughness while
+eliminating unnecessary delays that can render solutions outdated before
+implementation begins.
+● Consensus-only documentation. Implement a streamlined consensus approach that
+eliminates individual evaluator write-ups in favor of direct team consensus
+documentation. This technique reduces administrative burden and timeline by having
+evaluators first discuss their assessments collaboratively, then document only the team's
+consensus findings. Instead of detailed narratives for each proposal, focus on capturing
+discriminating factors between proposals and clear reasons for ratings (or rankings).
+This approach can cut weeks from the evaluation timeline while improving evaluation
+quality through collaborative assessment that uses the entire team's expertise.
+● Agile acquisition techniques. Apply agile principles to the acquisition process itself,
+not just the development methodology. Break the procurement into smaller, more
+manageable chunks with shorter timelines. Consider techniques like rolling admissions
+for vendor qualification, regular on-/off-ramping for multiple-award vehicles, and
+streamlined ordering procedures for prequalified providers. Capture lessons learned and
+continually refine acquisition approaches based on results. This creates a more
+responsive procurement system that can adapt to changing technology and mission
+needs.
+FC 39.101 Management of ICT contract risk.
+Information and communication technology acquisitions present unique challenges that can
+significantly impact mission success and taxpayer value. Unlike traditional procurements, ICT
+projects involve rapidly evolving technologies, complex integrations, and cascading
+dependencies that can create costly problems if not properly managed. Effective risk
+management enables agencies to identify potential issues early and respond proactively,
+protecting against cost overruns, schedule delays, technical obsolescence, and solutions that
+fail to meet user needs.
+Modern ICT acquisitions face new risks beyond traditional concerns. Schedule risks may
+include Artificial Intelligence (AI) integration delays and supply chain disruptions. Cost risks
+often stem from evolving cybersecurity requirements and frequent technology updates.
+Technical risks have grown with AI implementations where agencies may lack expertise to
+evaluate performance or detect bias. Contract decisions typically involve balancing AI security,
+federal design requirements, and third-party vendor risks, while AI systems can face data
+99
+Federal Acquisition Regulation (FAR) Companion
+poisoning attacks. These challenges tend to multiply when agencies manage multiple high-risk
+projects with limited oversight resources.
+Effective acquisition risk management often combines proven contracting techniques with
+modern planning approaches. Acquisition planning should consider the government’s “realistic”
+plan B in the event a contractor fails to perform. Modular contracting can help manage such risk.
+Modular contracts can also break complex IT projects into smaller, manageable increments that
+deliver value while reducing overall risk exposure. Agencies may benefit from thorough
+acquisition planning that coordinates program, financial, and contracting perspectives early in
+the process. Many find success incorporating specific contract language for AI governance,
+cybersecurity attestations, and vendor risk assessments. Prototyping line items or contract
+structures can allow testing of technical approaches before committing to full-scale
+implementation. Outcome-focused contracting that emphasizes collaboration between
+government and contractor teams helps ensure both parties work together toward mission
+success rather than simply meeting contract specifications.
+FC 39.102 Modular contracting.
+Breaking down initiatives into manageable components reduces risk while increasing flexibility,
+competition, and opportunities for innovation. These strategies enable incremental capability
+delivery while maintaining system coherence and preventing vendor lock-in. Modular contracting
+is especially critical for piloting, learning from, and iterating with emerging technologies.
+● Managing complex requirements. Prioritize logical separation of concerns, well-
+defined interfaces, and appropriate data exchange standards. This approach reduces
+risk by allowing incremental delivery and creating more opportunities for small, emerging
+technology business participation.
+● Implementing modular contracting. Structure acquisitions into separate, interoperable
+modules rather than monolithic systems. This approach, consistent with FAR 39.102,
+enables incremental development and deployment of functionality, reduces risk
+exposure, and increases opportunities for innovation. Establish a family of contracts with
+complementary scopes that can be awarded to different contractors while maintaining
+integration. This strategy prevents vendor lock-in while providing flexibility to adopt new
+technologies or approaches for individual modules.
+FC 39.70 Innovative solicitation approaches.
+Modernizing solicitation practices make it easier for government and industry partners to
+communicate more clearly and understand each other more deeply. Innovative solicitation
+approaches like challenge-based acquisitions, simplified pitches, and rapid feedback loops help
+attract tech startups and new market entrants. These methods reduce barriers, spark fresh
+ideas, and make it easier for emerging companies to bring cutting-edge solutions into the
+government space.
+● Pre-proposal discovery sessions. Schedule one-on-one discovery sessions after
+solicitation release, but before proposal submission, to clarify requirements and answer
+vendor-specific questions. Conduct these sessions after an appropriate down-select
+process to minimize burden and focus time efficiently. These sessions allow vendors to
+explore their unique solution approaches while learning about agency needs. To
+100
+Federal Acquisition Regulation (FAR) Companion
+maintain fairness, establish clear ground rules prohibiting discussions of pricing, ensure
+consistent time allocations for all offerors, and document session protocols in the
+solicitation. These interactions result in complete proposals that better address agency
+requirements and result in fewer assumptions and exceptions in proposals.
+● Oral presentations. Add oral presentations to the evaluation process to assess vendor
+understanding, team capabilities, and solution approaches more effectively than written
+proposals alone. Structure these as scenario-based problem-solving exercises where
+the vendor might best show their approach to realistic challenges. This technique
+provides valuable insights into how teams think and work together while reducing
+proposal preparation burden and potential AI bias.
+● Technical demonstrations and challenges. Request working prototypes or technical
+demonstrations that show vendors' actual capabilities rather than promised functionality.
+Establish technical challenges that all offerors address under consistent conditions,
+allowing side-by-side comparison of approaches and capabilities. This method reduces
+reliance on written claims and provides evidence of technical competence and
+innovation potential. However, in structuring technical demonstrations and challenges, it
+is important to understand the level of effort they require for industry partners, especially
+small businesses. Therefore, ensure the approach is appropriately structured based on
+the complexity, value and importance of the requirement. Regardless, ensure the
+evaluation criteria clearly communicate how demonstrations will influence award
+decisions.
+FC 39.70 Evaluation and negotiation innovations.
+Modern evaluation approaches recognize that success depends on people, capabilities, and
+contractual commitments more than written proposals or corporate history. These techniques
+help agencies identify partners with the right capabilities and motivations for project success.
+Examples of these or similar techniques are described in the Periodic Table of Acquisition
+Innovations (PTAI).
+● Phased down-select processes. Consider multi-phase evaluation processes that
+progressively narrow the competitive field through increasingly detailed assessments.
+Initial phases might evaluate high-level solution approaches and team qualifications,
+while later phases examine technical details, pricing, and implementation plans from
+down-selected offerors. This approach reduces the proposal preparation burden for
+industry while allowing agencies to focus evaluation resources on the most promising
+solutions. It particularly benefits IT acquisitions where in-depth technical evaluation (for
+instance, of coding challenges or demonstrations) may be more resource intensive.
+● Evaluate team capabilities. Assess the specific capabilities the team brings to the
+contract. Request demos of team problem-solving abilities through technical challenges,
+interviews, or scenario-based exercises. This approach recognizes that in rapidly
+evolving technology areas, the specific knowledge and adaptability of the team members
+matter. Consider how you structure the contract and incentives that maintain strong
+teams under contract performance.
+● Look beyond contract dollars equating to experience. When evaluating a
+contractor’s experience, don’t simply use the size of past contracts or the length of a
+contract as measures for how a contractor may perform on your requirement without
+101
+Federal Acquisition Regulation (FAR) Companion
+understanding what you might lose out on.
+● Negotiate performance commitments into the offer. During negotiations, transform
+vendor claims into contractual commitments with associated metrics and acceptance
+criteria, turning them from promises into part of the contractually binding offer you
+accept. In today's AI-enhanced proposal environment, written claims are increasingly
+polished but may not reflect actual capabilities. In negotiations, test the depth of vendor
+understanding and willingness to stand behind their assertions. Consider implementing
+proof periods with defined acceptance criteria before full deployment under contract.
+This approach protects the government from exaggerated capabilities while giving
+vendors appropriate flexibility in implementation approaches.