Per the draft RFP, prospective bidders will be allowed to submit information for up to 7 projects to demonstrate their experience in these areas. As noted previously, large volume projects that are highly complex and incorporate a variety of different factors will allow for higher point-scoring. A single project cannot be used to support relevant experience in multiple performance areas. Each Primary Relevant Experience project must be ongoing or have been completed within five years from the proposal due date, and must have at least one year of performance unless it meets certain conditions. Projects must have a project value of at least $1M.
One should note that while NAICS codes are provided to help organize the performance areas that GSA will be looking at for history of IT services performed, NAICS codes will not be a point scoring factor itself (as it has been in previous scorecard solicitations). The draft RFP also allows offerors the opportunity to provide projects (and receive points) with specific scopes in cloud services and cybersecurity services – highlighting the importance of these areas to GSA and federal agencies customers.
As mentioned earlier, the “Breadth of Primary Relevant Experience” will also represent a critical deciding factor when evaluating Relevant Experience. The scorecard allows for an increasing scale of points for offerors that can demonstrate coverage over all five performance areas. Just keep in mind that you will need to be providing a single project for each performance areas – so you will want to identify a set of projects representing a diversity of services.
Past performance ratings for relevant experience projects that are provided to support Performance Areas will also be a very important scoring factor. CPARS are GSA’s preferred means of providing past performance information, and if prior Scorecard RFPs can be used as a basis, it will be important to provide projects where CPARS scores have been high in order to maximize point scoring. A past performance rating form is provided for instances where CPARS do not exist – it is not clear if the same point totals will be possible for projects where a rating form is used instead of a CPARS.
Key relevant experience factors for Polaris: emerging technology areas
Although the Relevant Experience Performance Areas are the main focus of the draft solicitation for the GWAC, Polaris is encouraging contractors to also highlight project information illustrating innovative technological approaches to servicing customer needs. The specific “Emerging Technology” service areas cited in the Draft RFP are as follows:
- Advanced and quantum computing: Advanced computing refers to technical capabilities that support compute and data intensive modeling and simulation. This includes the use of quantum mechanics and information theory to enable faster speeds, better precision, and optimum functionality.
- Artificial intelligence: Artificial intelligence (AI), also known as machine intelligence, is a branch of computer science that aims to imbue software with the ability to analyze its environment using either predetermined rules and search algorithms, or pattern recognizing machine learning models, and then make decisions based on those analyses.
- Automation technology: Automation is the creation and application of technologies to produce and deliver goods and services with minimal human intervention. The implementation of automation technologies, techniques and processes improve the efficiency, reliability, and/or speed of many tasks that were previously performed by humans.
- Distributed ledger technology: Distributed Ledger Technology (DLT) is a type of ledger that is shared, replicated, and synchronized in a distributed and decentralized manner. DLT can be used to decentralize and automate processes in a large number of sectors. The attributes of a distributed ledger technology allow for large numbers of entities or nodes, whether collaborators or competitors, to come to consensus on information and immutably store it.
- Edge computing: Edge Computing brings computation and data storage closer to the devices where it’s being gathered, rather than relying on a central location that can be thousands of miles away. This is done so that data, especially real-time data, does not suffer latency issues that can affect an application’s performance. Processing is done locally, reducing the amount of data that needs to be processed in a centralized or cloud-based location.
- Immersive technology: Immersive technology refers to technology that attempts to emulate a physical world through the means of a digital or simulated world by creating a surrounding sensory feeling, thereby creating a sense of immersion.
Prospective bidders are allowed to submit up to six Emerging Technologies Relevant Experience projects. Each of these projects must have been for the performance of one of the noted Emerging Technologies, and no Emerging Technology project may be used to support relevant experience in more than one Emerging Technology area. However, it is acceptable to use the same project to support one of the Performance Areas and one of the Emerging Technologies. Each Emerging Technology project must be ongoing or have been completed within five years from the proposal due date, and must have at least one year of performance unless it meets certain conditions. Emerging Technology projects must have a project value of at least $150,000. There is no indication in the draft RFP as to whether NAICS codes will be important for Emerging Technology relevant experience.
Additional point-scoring opportunities will exist, related to a number of other factors. While relevant experience is likely to be most important, prospective bidders should be aware of all opportunities in order to maximize their score.
Cybersecurity and supply chain risk management (SCRM)
Many recent GSA-led procurements have included cybersecurity and Supply Chain Risk Management (SCRM) requirements. 8(a) STARS III included similar requirements, as did ASTRO. This has become a growing focus given its importance to national security, and it has only been heightened by recent incidents involving bad-actors looking to access restricted information, either through cyber-based or supply-chain based hacks, or to disrupt the supply chain.
While Cybersecurity Maturity Model Certification (CMMC) is technically a DOD requirement, the Polaris draft RFP highlights it as something that Polaris bidders should prepare for and participate in. The draft RFP also indicates that GSA may survey Polaris awardees from time to time to identify and publicly list each industry partner’s CMMC standing. The draft RFP goes on to state that it reserves the right to require CMMC Level 1 certification as mandatory to be considered for the Polaris option period, as well as for any Open Season On-Ramps.
One of many requirements for companies who are awarded the Polaris GWAC will be to complete and provide a SCRM plan within 30 days of the end of each contract year. The RFP notes that cybersecurity and SCRM are dynamic areas, and refers contractors to NIST 800-161 (a federal government requirement that wasn’t designed for private companies) for guidance in developing a framework for their SCRM plans. GSA, along with DOD and the Intelligence Community have been at the forefront in requiring contractors to understand and manage risks to their supply chains. We have worked with a number of companies to develop these plans, and they can be complex. GSA also notes that it will rely on its Vendor Risk Assessment Program (VRAP), to assess and monitor supply chain risks of critical vendors, and that the Contractor must agree that the Government may, at its own discretion, perform audits of supply chain processes or events. We expect this to be a growing area of concern for or all federal agencies, and as a result for federal contractors. Given the current environment, we also expect that these types of requirements will continue to evolve and expand, possibly under Polaris and likely in many other procurement and rulemaking activities.
Teaming arrangements and joint ventures
Teaming arrangements and Joint Ventures are permitted under Polaris, as is the use of past performance information from parents, affiliates and subsidiaries, but there are a number of restrictions and qualifying factors. The manner in which points will be available in all areas is highly nuanced and varies dependent upon which type of relationship is being employed. Some important things to consider here:
- For teaming arrangements and/or prime-sub bidders, all members must qualify as small businesses
- For JVs, each member must be small, or it may include two business concerns in a mentor-protégé relationship when both the mentor and the protégé are small, or when only the protégé is small and the concerns have received an exception to affiliation pursuant to 13 CFR 121.103(h)(3)(i) or (iii) – which essentially means that Small Business Administration (SBA)-approved mentor-protégé JVs are eligible to bid; however, for the DOD’s Pilot Mentor-Protégé Program, only JVs where both members are small will be eligible to bid
- Meaningful commitment relationship letters will be required to demonstrate the relationship that exists between team members, JV members and parents, affiliates and subsidiaries
Please note that GSA will also conduct an “organizational risk assessment,” favoring those organizations with a history of working together. If organizations come together for the purpose of this procurement with no prior history of working together, they will not receive the points associated with this scoring factor.
We recommend that anyone planning to team, rely on affiliates or form JVs in pursuit of Polaris read the draft RFP carefully to ensure they understand how points will be counted for each of these types of relationships.
How to prepare for Polaris
The list below includes some ways to prepare for Polaris:
1. Identify potential relevant experience projects
Work with key personnel in contracts, finance or program management to find as many projects as possible that:
- Were performed in the past five years
- Have an IT focus and offer a wide range of services and cover at least one of the performance areas and/or emerging technologies
- Have a large annual value (at least $1 million project value, but the larger the better)
- Have a strong CPARS rating (at least an average of “Very Good” [4.0] or above) or are commercial projects for which you believe your customer would be willing to rate your performance very high and give you a positive recommendation
2. Begin accumulating documentation
The administrative burden associated with these proposals is significant. We recommend beginning to accumulate the following documentation:
- For relevant experience projects, identify and organize all contract award documents, statements of work, contract modifications and most recent CPARS. Make sure the contract documents are signed by the cognizant contracting officer.
- Identify and organize documentation to demonstrate DCAA, DCMA or CFA approval for your company’s accounting system and/or purchasing system.
3. Assign roles and determine responsibilities
To avoid confusion when the solicitation is released, it is best to get the personnel question answered first:
- Who is responsible for checking beta.sam.gov and the GSA website for any pre-solicitation updates?
- Who will be the lead program sponsor, contracts manager, finance manager and proposal manager?
- Who will communicate the status of Polaris to leadership?
- Does your team need to outsource support to ensure a compliant proposal?
4. Assess risk/benefit of proposing as all possible “business arrangements” listed above
Have preliminary dialogue with possible JV organizations or prime contractors/subcontractors
5. Read the draft RFP and respond with your firm-specific questions
