Resources

The ITVMO has developed and collected helpful resources to make government IT acquisitions smarter and faster. Review these knowledge cases to learn more about specific topics. We will regularly update and add to the resources posted to this page.

Don’t see what you are looking for?

If you are unable to find the information you are looking for please Contribute. For any other questions or help please Contact us.

AbilityOne Program

Providing employment opportunities to approximately 40,000 people who are blind or have significant disabilities, including more than 2,500 veterans, the AbilityOne Program is among the nation’s largest providers of jobs for people who are blind or have significant disabilities.

Acquisition Analytics

Acquisition Analytics from cost management, manufacturer analysis, vendors, order size, and price analysis. Includes acquisition data such as: Category overview, Manufacturer analysis, Price Analysis, Vendor analysis, Order size analysis, Cost avoidance.

Acquisition Gateway

A platform for information sharing about Government-wide Acquisition programs, policies, initiatives and tools.A workspace for acquisition professionals and federal buyers to connect with information and resources to improve acquisition governmentwide.

ACT IAC Small Business Alliance

ACT-IAC is committed to fostering the growth of small businesses and ensuring that they continue to play an important role in the government information technology marketplace - which is why ACT-IAC launched the Small Business Alliance in March 2014. This member-focused group is chartered to promote the interests and contributions of Small Business through programs and events designed to increase member engagement, enable stronger liaison across ACT-IAC offerings and provide an in-depth Community of Interest specific to the affinity of small business, tailored to the varying levels of maturity of our members.

Adobe Agency Challenges & Proposed Resolutions

In 2021, the ITVMO began evaluating Adobe through the OEM Assessment Process. As a result of the Assessment, the ITVMO identified common challenges for Federal agencies focused on a perceived lack of support from Adobe in supporting Federal Agencies with sufficient explanations on how to leverage the Adobe products best suited for their unique environments.

Adobe Buyers Vendor Assessment Guide

Review this Adobe Vendor assessment guide for the full documentation on guidance provided for agencies procuring Adobe.

Adobe Close Out Flyer

The ITVMO categorized agency challenges and worked with Adobe to provide solutions. The resulting resources and trainings provided significantly reduced the challenges and impacts previously identified.

Adobe Executive Close Out Memo

In 2021, the ITVMO launched an OEM assessment of Adobe. This memo serves as an executive summary of the engagement.

Adobe OEM Assessment Summary

The ITVMO supports agency acquisitions by providing subject matter expertise on IT vendors. This document highlights common challenges agencies identifies when acquiring Adobe products and services.

Adobe Presentation: Modernizing the Mission of the Government

Adobe has been supporting government since 1985. Review this presentation to learn more about how they are modernizing the mission of government through digital experiences that put people first.

Advanced Persistent Threat Buyer's Guide

Advanced Persistent Threat Buyer's Guide: helps organizations evaluate potential products and solutions that detect, respond to, and recover from APTs. It provides guidance on engaging capable, proven industry partners to minimize APTs and enhance the overall resilience of the nation's cybersecurity.

Agency for International Development (USAID) Small Business Program

The Office of Small and Disadvantaged Business Utilization (OSDBU) is responsible for monitoring USAID’s implementation and execution of the small business programs and advising the Administrator and senior leadership.

Army CHESS Government-wide Strategic Solutions (GSS) for Desktops and Laptops

The GSS systems were implemented for purchase in 2015. A comprehensive refresh process has been deployed every year since in which Agencies provide updates to their requirements, and industry shares its directions and feedback. GSS Version 8 systems have been available since July 2022. GSS Version 9 systems are now available. GSS Version 8 systems will still be offered until they reach end-of-life or are no longer available from the manufacturer.

AWS Acquisition Best Practices

This AWS presentation reviews best practices for Government Cloud Acquisitions. Review AWS recommendations to help better procure your next AWS need.

AWS Acquisitions Guide

Review this AWS Vendor assessment guide for the full documentation on guidance provided for agencies procuring AWS.

AWS Agency Challenges & Proposed Resolutions

In August 2021, the ITVMO began evaluating AWS through the OEM Assessment Process. As a result of the Assessment, the ITVMO identified common challenges for Federal agencies focused on monitoring and managing consumption and improved invoice management.

AWS Close Out Flyer

The ITVMO categorized agency challenges and worked with AWS to provide solutions. The resulting procurement related best practices series significantly reduced the challenges and impacts previously identified.

AWS Executive Close Out Memo

In 2021, the ITVMO launched an OEM assessment of AWS. This memo serves as an executive summary of the engagement.

AWS OEM Assessment Summary

The ITVMO supports agency acquisitions by providing subject matter expertise on IT vendors. This document highlights common challenges agencies identifies when acquiring AWS products and services.

Category Management Basics, Policies, and Guidance

Provides an overview of common category management (CM) principles and policies. Scroll to mid-page for several attachments on amendments and updates to CM and acquisition policies, to include new small business utilization requirements.

Cisco Agency Challenges & Proposed Resolutions

In August 2022, the ITVMO began evaluating Cisco through the OEM Assessment Process. As a result of the Assessment, the ITVMO identified common challenges for Federal agencies focused on price escalation and budget planning, license management, end user license agreement confusion, and extended lead times for hardware.

Cloud and Infrastructure Community Guides & Resources

Provides resources for federal agencies to consolidate and modernize their IT infrastructure.

Cloud Information Center (CIC)

The CIC is designed to educate on all aspects of the acquisition lifecycle, including business, technical, and contractual aspects of cloud solutions.

Coalition for Government Procurement: Small Business Committee

Through our Small Business Committee, the Coalition provides updates on small business-related acquisition rules, regulations, programs, and Federal contract opportunities for small businesses. Agencies include DoD, GSA, OMB, SBA, and the VA.

Consumer Financial Protection Bureau (CFPB) Small Business Program

The CFPB works to help small businesses access the credit they need and deserve by increasing awareness in the small business lending marketplace. Visit this page for added agency resources.

Contract Data (Formerly FPDS)

The FPDS reports transition is complete and the DataBank is the only place to go to create and run contract data reports. If you are searching for contract data (i.e., searching for specific contracts), you must do so at FPDS.gov , which remains the authoritative source for contract data.

Contracting Officer Representative Toolkit

The Contracting Officer Representative Toolkit is a knowledge base tool, developed by a Spring 2020 LEAP team in partnership with FAI. Some of the links provided require an additional user ID and password to access the material.

Contracting Officers Toolkit

The Contracting Officer Toolkit is a knowledge based, ready reference guide, developed by the Fall 2020 LEAP team in partnership with FAI. Some of the links provided may require you to register and login in order to access the material.

Contracting Professionals Smart Guide

The Contracting Professionals Smart Guide is organized into two sections: Contract Formation and Contract Administration. The tables below link to the Activities and their corresponding flow charts.

Data to Decisions: Small Business Dashboard

Small Business Dashboard pulls from the Federal Procurement Database System (FPDS) plus Category Management data augmentations.Note that DOD and military branch obligation data may be delayed up to 90 days; other departments' reporting is through date indicated within dashboard

Data to Decisions Dashboard

The D2D Portal is the gateway to data-driven decisions. It is a data analytics portal that is used to share business insights, including visualizations, reports and datasets. The D2D Portal enables users to search for, access, and share dashboards, datasets, and other content supporting data-driven decision-making across a broad range of stakeholders. Some dashboards are limited to government-only, others are open to industry and the public.

Department of Commerce’s National Institute of Standards and Technology (NIST) Manufacturing Extension Partnership (MEP)

Providing any U.S. manufacturer with access to resources they need to succeed.

Department of Commerce (DOC) Small Business Program

The Office of Small and Disadvantaged Business Utilization (OSDBU) is an advocacy and advisory office responsible for promoting the use of small, small disadvantaged, 8(a), women-owned, veteran-owned, service-disabled veteran-owned, and HUBZone small businesses within the U.S. Department of Commerce's acquisition process. This involves promoting small business prime and subcontracting opportunities in accordance with Federal laws, regulations, and policies and the utilization of products from the National Industries for the Blind and services provided by SourceAmerica.

Department of Defense (DoD) Small Business Program

The DoD’s Office of Small Business Programs maximizes opportunities for small businesses to contribute to national security by providing combat power for our troops and economic power for our nation.

Department of Education (Ed) Small Business Program

The Office of Small and Disadvantaged Business Utilization (OSDBU) works as an advocate to maximize participation of small businesses in Department contracts, through outreach to the business community and partnerships with Department offices to develop and implement acquisition strategies for achieving ED’s mission.

Department of Energy (DoE) Small Business Program

The Office of Small and Disadvantaged Business Utilization OSDBU maximizes contract opportunities for small businesses while advancing the Agency’s missions. The office works to make it easier for small businesses to do business with the DOE, maximizing business opportunities and awards and improving socio-economic category performance.

Department of Health and Human Services (HHS) Small Business Program

HHS’ Office of Small Disadvantaged Business Utilization (OSDBU) has the information and resources to guide your small business to support HHS.

Department of Homeland Security (DHS) Small Business Program

At DHS, we understand that small businesses are vital to our national strength. We ensure that small businesses have a fair opportunity to compete for our contracts.

Department of Interior (DOI) Small Business Program

The Department of the Interior's Office of Small and Disadvantaged Business Utilization (OSDBU) advises the Secretary of the Interior on all matters related to small business and collaborates with leadership throughout the Department to maximize opportunities for small businesses in our acquisitions. The OSDBU implements policies, procedures, and training programs for the Department to emphasize our commitment to contracting with small businesses. Our mission also includes outreach to small and disadvantaged business communities, including Indian economic enterprises, small disadvantaged, women-owned, veteran-owned, service disabled veteran owned, and small businesses located in historically underutilized business zones (HUBZone) areas.

Department of Justice (DoJ) Small Business Program

The DoJ works to ensure that small businesses, including small, disadvantaged businesses, woman owned small businesses, service disabled veteran owned small businesses and HUBZone certified businesses have the maximum practicable opportunity to participate as prime contractors and subcontractors.

Department of Labor (DoL) Small Business Program

The Office of Small and Disadvantaged Business Utilization (OSDBU) administers the U.S. Department of Labor's responsibility to ensure procurement opportunities for small businesses, small, disadvantaged businesses, women-owned small businesses, HUBZone businesses, and businesses owned by service-disabled veterans.

Department of State Small Business Program

How small businesses can do business with the Department of State.

Department of Transportation (USDOT) Small Business Program

The United States Department of Transportation (USDOT), Office of Small and Disadvantaged Business Utilization (OSDBU) mission is to ensure Small Business policies and goals of the Secretary of Transportation are implemented in a fair, efficient and effective manner.

Digital Dashboard

Enables agencies to monitor and improve their digital capabilities

DoD Army Computer Hardware, Enterprise Software and Solutions (CHESS) IT Best-in-Class Vehicle

CHESS provides architecturally sound standards and policy-compliant IT enterprise solutions from more than 20 prime industry IT providers to all Army activities and organizations.

Environmental Protection Agency (EPA) Small Business Program

The EPA Small Business Solutions and Opportunities (SBSO) team is responsible for the implementation of Section 15(k) of the Small Business Act to ensure that small businesses are afforded the maximum practicable opportunity to participate in EPA’s acquisitions.

FAR 16.505 Ordering vs FAR 15.3 Negotiated Procurements

Article explaining typical mistakes to avoid when ordering off a Governmentwide Acquisition Contract (GWAC) and other indefinite delivery/indefinite quantity (IDIQ)-type contracts. Refer to Pages 3 and 4 providing a comparative analysis of the major differences between FAR 16.505 and FAR 15.3.

FAR Part 19 -- Small Business Programs

This part implements the acquisition-related sections of the Small Business Act ( 10 U.S.C. 3063-3064 and 3203), applicable sections of the Armed Services Procurement Act ( 10 U.S.C. 2302, et seq.), 41 U.S.C. 3104, and Executive Order 12138, May 18, 1979.

FAR Smart Matrix

Searchable and filterable interactive tool to view or research information within the FAR.

February 2023 Monthly Bulletin: OEM Solutioning

In late FY 2021, the ITVMO developed the Original Equipment Manufacturer (OEM) Vendor Assessment Offering to provide a coordinated voice representing all agencies to the vendor community. The ITVMO performs governmentwide deep dives of top OEMs identified and prioritized through a Federal IT Buyer Survey and using agency input provided in OMB’s Integrated Data Collection (IDC) Survey. The vendor assessment approach uses a repeatable process that engages agency buyers, vehicle solution holders (e.g., Best-in-Class vehicles), and the OEMs. Continuing reading...(government-only)

Federal Deposit Insurance Corporation (FDIC) Small Business Program

Small business ownership can help individuals and families nationwide achieve financial stability and build long-term wealth. Access to credit and participation in the banking system among existing or aspiring small businesses is vital to the success of communities and the broader economy. The FDIC offers a wide range of resources and tools to consumers and bankers that help plan, launch, manage and grow small business initiatives in their communities. The FDIC also supports small business lending through technical assistance, education, and access to government guaranteed loan programs.

Federal Emergency Management Agency (FEMA) Small Business Program

FEMA’s Small Business Program’s (SBP) mission is to assist small businesses in the pursuit of federal procurements. The SBP office actively engages with FEMA’s procurement personnel to ensure that small businesses have the maximum practicable opportunity to participate in contracts.

Federal IT Dashboard

The IT Portfolio is a management tool that contains budgetary data for Federal IT investments and displays key performance indicators (KPI), metrics and key data points to monitor the health of different investments.

Federal Register

Official journal of the federal government of the United States that contains government agency rules, proposed rules, and public notices. It is published every weekday, except on federal holidays.

Federal Risk and Authorization Management Program (FedRAMP®)

The Federal Risk and Authorization Management Program (FedRAMP®) provides a standardized approach to security authorizations for Cloud Service Offerings.

Data to Decisions: Federal Supplier Base Dashboard

Helps agencies evaluate and compare the composition of their contractor base (including specific market segments of interest) to those at other agencies and the government at large. This tool was developed as part of the Administration's Strategy Priority 3, Strategy 1, Goal 1 for beginning using benchmarking to evaluate opportunities for strengthening supplier diversity.

FedRAMP Baselines Rev 5 Transition Guide

The purpose of this document is to facilitate a structured approach to completing security assessments and reports required to meet FedRAMP compliance based on NIST SP 800-53, Rev. 5. In addition, it defines the required deadlines for transitioning from Revision 4 (Rev. 4) to Rev. 5.

Forecast of Contracting Opportunities Tool

The goal of this tool is to provide a nationwide dashboard of upcoming federal contracting opportunities. All projected procurements are subject to revision or cancellation. Final decisions on the extent of competition, small business participation, estimated value, or any aspect of the procurement are made if/when a solicitation is posted to SAM.gov. Forecast data is for planning purposes only and is not a commitment by the Government to purchase the described products and/or services. Address questions regarding a planned procurement to the point of contact listed in the record.

Future of Workstations Whitepaper

This white-paper informs how the Federal Acquisition Programs join forces to produce annual standards for procuring end user solutions for desktops and laptops.

FY 2021 ITVMO Industry Day

The ITVMO hosted an Industry Day to engage industry as an ITVMO partner to inform acquisition trends and priorities.

FY 2021 ITVMO Open House

THe ITVMO hosted an Open House for government IT buyers and program managers to increase understanding and awareness of the program's capabilities.

General Services Administration (GSA) Small Business Program

The resource page will help small businesses learn more about doing business with GSA, government contracting opportunities, and marketing your contract.

Governmentwide Acquisition Contracts (GWACs)

Using pre-competed Governmentwide Acquisition Contracts (GWACs) will help your agency buy total IT solutions more efficiently and economically. Federal contracting officers must follow these steps to begin using GSA's GWACs.

Governmentwide Technology Playbooks

Comprehensive guides to various technical topics from both a tactical and a strategic perspective. Includes: Application Rationalization, Technology Business Management, Robotic Process Automation, Database Transformation, 18F User Experience, Federal IT Accessibility, and Digital Services.

Govt-wide CM oversight & Performance Management Tools

Govt-wide CM oversight & Performance Management Tools, which includes links to: Exec Summary dashboard, Agency Profile 2.0, Small business dashboard, BIC dashboard, Common Defense centric spend data tables.These reports collectively enable CM KPIs to be tracked and analyzed by agency, department, category, sub category, and vendors, and contracts.

GSA 8(a) STARS III IT Best-in-Class Vehicle

8(a) STARS III is a small business set-aside GWAC that provides flexible access to customized IT solutions from a large, diverse pool of 8(a) industry partners. This next-generation GWAC builds upon the framework of 8(a) STARS II and expands capabilities for emerging technologies and outside the continental United States (OCONUS) requirements.

GSA Alliant 2 IT Best-in-Class Vehicle

Alliant 2, a Best-in-Class GWAC that is preferred governmentwide solution, offers artificial intelligence (AI), distributed ledger technology (DLT), robotic process automation (RPA), and other types of emerging technologies.

GSA Complex Commercial Satellite Communications (SATCOM) IT Best-in-Class Vehicle

Complex Commercial Satellite Communications (SATCOM) Solutions allows federal agencies to build large, complex, custom satellite solutions. Solutions include satellite transport (bandwidth), fixed or mobile satellite service, and service-enabling components such as terminals, handsets, and tail circuits with engineering services to integrate, operate, and maintain the solution

GSA Contact information for small business support

GSA's small business contacts provide access to GSA’s nationwide procurement opportunities through outreach, training, and counseling. They are advocates for small businesses, including small disadvantaged businesses, women-owned small businesses, service-disabled veteran-owned small businesses, HUBZone small businesses, and veteran-owned firms.

GSA Enterprise Infrastructure Solutions (EIS) IT Best-in-Class Vehicle

Enterprise Infrastructure Solutions (EIS) is the go-to contract for enterprise telecommunications and networking solutions.

GSA FAS GWAC Sales Dashboard

The GWAC dashboard displays obligated sales and task orders by agency, bureau and by industry partner for three GWAC programs: 8A Stars II, Alliant 2 and VETS 2.

GSA Federal Acquisition Service Government-wide Strategic Solutions (GSS) for Desktops and Laptops

GSA Multiple Award Schedule (MAS) IT Best-in-Class Vehicle

Buying through MAS Information Technology shortens procurement cycles, ensures compliance, and delivers the best value on over 7.5 million innovative IT products, services, and solutions from over 4,600 pre-vetted vendors.

GSA Polaris Vehicle

Polaris will be a small business governmentwide acquisition contract (GWAC) for acquiring customized information technology (IT) services and IT services-based solutions.

GSA Training Resources for Small Businesses

This page provides a list of available training materials and opportunities for small businesses, which help them to do better business with government.

GSA Vendor Support Center

Whether you're looking at getting your first contract, researching contract maintenance/compliance, or reporting your contract sales. The Vendor Support Center is here to provide you with the information necessary to help your business be successful.

GSA VETS2 IT Best-in-Class Vehicles

The VETS 2 GWAC is the only GWAC set aside exclusively for Service-Disabled, Veteran-Owned Small Businesses (SDVOSB). It's designed to meet diverse agency IT services requirements, including new and emerging technologies.

Housing and Urban Development (HUD) Small Business Program

The HUD OSDBU is responsible for ensuring that small businesses are treated fairly and that they have an opportunity to compete and be selected for a fair amount of the Agency's prime and subcontracting opportunities.

How OEMs Operate: Module-2: Structure

Understanding the various teams and support functions within the OEM organization helps customers be better prepared for acquisitions and be better positioned to maintain a beneficial relationship with the OEM over the course of the contract. .gov/.mil audience only

How OEMs Operate: Module-3: Sales Roles

The forward-facing part of product companies is in their sales organization. The OEM’s salespeople approach all parts of your IT organization to explain their value proposition for their products. They are also instrumental in approaching your acquisition personnel on how to purchase their products. .gov/.mil audience only

How OEMs Operate: Partners

The OEM has a partner network to expand its reach to all potential customers. Often referred to as the channel, these partners are an extension of the sales arm of the OEM.

How OEMs Operate: Recap

Recap of understanding how OEMs are organized and operate. .gov/.mil audience only

How OEMs Operate: Sales Cadence

Understanding the OEM sales processes requires a better understanding of two complementary concepts: account planning and customer relationship management (CRM). .gov/.mil audience only

How OEMs Operate: Sales Support

OEMs have several different functions to support the sales arm of its operations. Many of these functions may be in the background hidden from your organization, but others are front and center when executing a purchase. This overview focuses on the sales support areas that your team will likely encounter during the sales process. .gov/.mil audience only

How OEMs Operate: Sales Support -- Continued

The OEM has a partner network to expand its reach to all potential customers. Often referred to as the channel, these partners are an extension of the sales arm of the OEM.

IT Acquisitions and Contracts Management

STATE OF FEDERAL IT REPORT / PUBLIC RELEASE VERSION 1.0. Provides a state of the IT Portfolio, many of these policies and guidance still relevant today.

IT Buyers Agency Knowledge Sharing

As a broker of IT acquisition intelligence requests, the ITVMO works across the community and fellow agency IT Buyers to gather and increase the availability of standards, best practices, and guides. To further support the growing increase in agency specific requests, the ITVMO provides an agency knowledge sharing forum on Connect.gov. This is for government-only.

IT Buyers MAX Portal

All IT Buyers Community of Practice materials will be posted on the ITB CoP MAX page. This MAX page link will be shared via the CoP meetings and email correspondences.Includes: Trainings/ Webinars, ITB Resources, ITB Tools, ITB Knowledge Sharing, Cohorts, SME POCs

IT Category Management Reports

Includes CM IT Key Performance Indicators (KPI) across agency, expiring awards and contracts, market landscape, price analysis, and spend channel analysis: IT Agency Profile and GSA FAS acquisitions analytics - IT category.

June 2023 Monthly Bulletin: Contract Review Service

The ITVMO is thrilled to announce the establishment of its newest service offering, Contract Review as a Service (CRaaS). Over the last several years, the ITVMO has worked with dozens of agencies to identify and resolve common Original Equipment Manufacturer (OEM) related challenges, ranging from customer service issues to product deficiencies to contractual “gotchas”. Our collaboration with customer agencies and top OEMs has led to enhanced communication and industry partnership commitments that will certainly help agencies get the most out of their IT investments. Continuing reading...(government-only)

Manufacturing USA Program

National network created to secure U.S. global leadership in advanced manufacturing through large scale public-private collaboration on technology, supply chain and workforce development.

Microsoft Agency Challenges & Proposed Resolutions

In July 2021, the ITVMO began a deep dive of Microsoft to support Agencies with specific procurement issues including transitioning from G3 to G5, negotiating terms and conditions, and contract lifecycle management.

Microsoft G5 Transition Guide

This guide assessed the risks associated with Microsoft G5 migrations. It was developed to provide agencies with effective acquisition strategies, identify major milestones for contract renewals, and help agencies identify and prioritize relevant factors when considering an upgrade to G5. .gov/.mil audience only

Microsoft Webinar 1: Negotiating Terms and Conditions

The first training session on Negotiating Terms and Conditions presented the latest knowledge and best practices on negotiating with Microsoft including licensing agreements, pricing and cost information, and discount approaches.

Microsoft Webinar 2: Infrastructure and Security Management

The second session covered IT Infrastructure and Security best practice from an acquisitions perspective and focused on the suite of Microsoft cloud products, best practices for managing these services, and recommendations on how to implement them effectively.

Microsoft Webinar 3: IT Contract Lifecycle Management

The final session addressed Microsoft Contract and Lifecycle Management best practices including how to manage requirements, ensure audi readiness, and recommendations on how to centralize Microsoft services within an agency.

Minority Business Development Agency (MBDA)

The U.S. Department of Commerce, Minority Business Development Agency (MBDA) is the only federal agency solely dedicated to the growth and global competitiveness of minority business enterprises.

NASA SEWP Government-wide Strategic Solutions (GSS) for Desktops and Laptops

NASA SEWP Small Business Contract Holders

This tool shows small business on vehicle with NASA SEWP.

NASA Solutions for Enterprise-Wide Procurement (SEWP) IT Best-in-Class Vehicle

The NASA SEWP (Solutions for Enterprise-Wide Procurement) GWAC (Government-Wide Acquisition Contract) provides the latest in Information and Communications Technology (ICT) and Audio-Visual (AV) products and services for all Federal Agencies and their approved contractors.

National Aeronautics and Space Administration (NASA) Small Business Program

The mission of the NASA Office of Small Business Programs is to promote and integrate small businesses into the industrial base of contractors and subcontractors that support the future of space exploration, scientific discovery, and aeronautics research.

National Institute of Health (NIH) Small Business Program

If you're a small business interested in contracting at NIH, please start by reading the information provided by our parent Agency, the Department of Health and Human Services.

National Science Foundation (NSF) Small Business Program

The National Science Foundation (NSF) Office of Small and Disadvantaged Business Utilization (OSDBU) helps increase contract and subcontract awards to small and disadvantaged businesses and identifies potential businesses to support NSF.

Networx Security Services

The Networx contracts require a basic level of security management for its contractors that ensures compliance with Federal Government generally accepted security principles and practices, or better. The contracts employ adequate and reasonable means to ensure and protect the integrity, confidentiality, and availability of Networx services, Operational Support Systems (OSS), and Government information transported or stored in the contractors Networx services infrastructure. These requirements are detailed in Section C.3.3.2 of the Networx contracts.

NIH NITAAC Government-wide Strategic Solutions (GSS) for Desktops and Laptops

NIH NITAAC Small Business Search Tool

This tool provides guidance on identifying small business and set-aside categories through the NITAAC website.

NIH NITAAC University

Welcome to NITAAC University, where you can begin your education on Information Technology (IT) acquisitions and find trainings that cover the basics of using our Government-Wide Acquisition Contracts (GWACs). Our hope is to simplify the complexities of acquisitions enough to assure our clients enjoy the faster, easier procurements that are available through NITAAC.

NIST Computer Security Resource Center

NIST Computer Security Resource Center: has information on many of NIST's cybersecurity- and information security-related projects, publications, news and events. CSRC supports people and organizations in government, industry, and academia—both in the U.S. and internationally.

NIT NITAAC CIO Commodity Services (CIO-CS) IT Best-in-Class Vehicle

Every IT commodity you can think of and any IT commodity-enabling solution you can imagine, can be procured through the CIO-CS contract. From Cloud Computing, Cyber Security and Mobility CIO-CS contractors have a solution.

NIT NITAAC CIO IT Services and Solutions (CIO-SP3) IT Best-in-Class Vehicle

With more than 137 labor categories and 10 task areas, the CIO-SP3 contract is designed to give federal agencies a streamlined ordering process to acquire a wide range of IT services and solutions

NIT NITAAC CIO IT Services and Solutions (CIO-SP3)Small Business IT Best-in-Class Vehicle

The CIO-SP3 vehicle provides federal or civilian agencies a mechanism for efficiently ordering IT solutions and services at equitable and reasonable prices while helping to achieve their socio-economic contracting goals.

NITAAC Contract Holder Directory

Search 450+ contract holders using the NITAAC contract holder directory tool.

NITAAC Independent Government Cost Estimate (IGCE ) Template

The NITAAC Independent Government Cost Estimate (IGCE ) is used to assist in the determination of the acquisition strategy, as well as an estimated cost for the proposed effort.

NOAA Small Business News Page

This page provides a compilation of recent and past articles related to NOAA's efforts to increase small business and opportunities for small businesses to support NOAA.

North American Industry Classification System (NAICS) Search Tool

This official U.S. Government Web site provides the latest information on plans for NAICS revisions, as well as access to various NAICS reference files and tools. Additional information on the background and development of NAICS is available in the History section of this Web site.

Nuclear Regulatory Commission (NRC) Small Business Program

The U.S. Nuclear Regulatory Commission (NRC) is committed to ensuring that small businesses are afforded the maximum practicable prime and subcontract opportunities in support of agency mission operations. The Small Business Program takes the lead in this effort by serving the NRC and the business community by advocating for small businesses, including businesses owned by the disadvantaged, women, veterans, and service-disabled veterans, as well as companies located in Historically Underutilized Business Zones (HUBZones).

Office of Personnel Management (OPM) Small Business Program

OPM has established a world-class small business program at OPM by using the authorities of small business legislation to expedite the acquisition process in order to maximize the use of small businesses that provide the best value to OPM.

Open FAR Cases Report (updated bi-weekly)

This agency provides an updated bi-weekly report of open Federal Acquisition Regulation (FAR) cases. Visit the site and click open cases for the latest bi-weekly PDF report.

Oracle Vendor Assessment Playbook

This training resource provides an 8-part information series on OEM operating practices to educate agency IT buyers and help them achieve a stronger negotiating position challenges. .gov/.mil audience only

Part 39 - Acquisition of Information Technology

This part prescribes acquisition policies and procedures for use in acquiring— (a) Information technology, including financial management systems, consistent with other parts of this regulation, OMB Circular No.A-127, Financial Management Systems and OMB Circular No.A-130, Management of Federal Information Resources; (b) Information and communication technology (see 2.101(b)).

Periodic Table of Acquisition Innovations

The governmentwide acquisition knowledge management portal for innovative business practices and technologies.

Product Service Code (PSC)Selection Tool

This tool allows users to search for the right PSC by keyword search, code search, or using the Federal Government's category management (CM) spend categories. These categories, as established by the Office of Management and Budget (OMB) and the cross-agency Category Management Leadership Council (CMLC), group together like products or services to enable the government to buy smarter and more like a single enterprise, delivering more savings, value, and efficiency for Federal Agencies. The tool also allows searches by DOD's legacy sixteen portfolio groups that were established under the Better Buying Power initiative.

Public CM Dashboards and Analytics

A similar collection as the Govt-wide CM tools with the addition of: Awards Exploration, Contract Inventory Exploration, Vendor Managed Spend.

SBA's Contracting Guide for Small Businesses

The federal government contracts with small businesses to buy products and services. This page provides access to several resources, tools, and guidance reports to help small businesses navigate the Federal Marketplace.

SBA’s Small Business Investment Company (SBIC) program

Seeks to stimulate and supplement the flow of private equity capital and long-term loan funds to small businesses, which small business concerns need for the sound financing of their business operations and for their growth, expansion, and modernization when such capital is not available in adequate supply.

ServiceNow Agency Challenges & Proposed Resolutions

In February 2022, the ITVMO began evaluating ServiceNow through the OEM Assessment Process. As a result of the Assessment, the ITVMO identified common challenges for Federal agencies focused on best practices and operations and maintenance.

ServiceNow Close Out Flyer

The ITVMO categorized agency challenges and worked with ServiceNow to provide solutions. The resulting procurement related best practices series significantly reduced the challenges and impacts previously identified.

ServiceNow Executive Close Out Memo

In 2021, the ITVMO launched an OEM assessment of ServiceNow. This memo serves as an executive summary of the engagement.

ServiceNow Webinar 5: Implementing a Citizen Development Program

Low- and no-code development can help your organization expand its application development to include citizen developers. With effective management in place, citizen development boosts your digital transformation efforts and delivers more innovation because it extends your development potential beyond the IT developer team, generating flexibility and efficiency.

ServiceNow Webinar 6: Understanding the Licensing Model and Pricing Framework

As a critical platform for many agencies, ServiceNow acquisition and growth strategy requires careful planning and preparation. Watch this webinar to learn best practices for how to purchase ServiceNow to ensure your agency can effectively manage its ServiceNow footprints and receive the best value for your investment.

Small Business Administration Site Page

Continues to help small business owners and entrepreneurs start, grow, expand, and recover in the federal marketplace. SBA is the only cabinet-level federal agency fully dedicated to small business and provides counseling, capital, and contracting expertise as the nation’s only go-to resource and voice for small businesses.

Small Business Census Data

Here you will find detailed statistics about U.S. businesses that are essential to help small businesses succeed and grow.

Small Business Frequently Asked Questions (GSA)

OSDBU has compiled a list of Frequently Asked Questions from several webinars and events. Visit each event page to learn more.

Small Business Innovation Research Program (SBIR)

Small Business Innovation Research Program (SBIR) and Small Business Technology Transfer (STTR) programs are highly competitive programs that encourage domestic small businesses to engage in Federal Research/Research and Development (R/R&D) with the potential for commercialization.

Small Business Mentor-Protégé Programs Congressional Research Services Report

This is a CRS report from 2021. This report provides an overview of the federal government’s various small business mentor-protégé programs. All of these programs are intended to assist small businesses in performing as contractors, subcontractors, or suppliers on federal or federally funded contracts, but the programs differ in their scope and operations. The federal government currently has several mentor-protégé programs to assist small businesses in various ways. Other agencies also have agency-specific mentor-protégé programs designed to assist various types of small businesses or other entities in obtaining and performing subcontracts under agency prime contracts.

Social Security Administration (SSA) Small Business Program

The Social Security Administration (SSA), is committed to advancing the small business procurement program, by provide maximum practicable opportunities in SSA acquisitions to small business, veteran-owned small business, service-disabled veteran-owned small business, HUBZone small business, small disadvantaged business, and women-owned small business concerns.

System for Award Management (SAM)

U.S. Department of Treasury Small Business Program

The following links are provided for reference and information. The Federal OSDBU Council does not endorse any non-government websites, companies, or applications—and cannot attest to the accuracy of the information provided by third-party websites or any other linked websites.U.S.

US Trade Representative Small Business Report

This site page provides an overview of the US Trade Representative's Office for Small Business to include its domain experts evaluating small business performance. Refer to this page for added access to small business reports and analysis.

Veteran Affairs Small Business Program

The office of Small & Disadvantaged Business Utilization programs implement the requirements to aid, counsel, assist, and protect the interests of small and Veteran business concerns.

White Paper: Analysis of Small Business Utilization within the Information Technology Category

The Data Analytics and AI Working Group recently published a White Paper on their findings from a lab project, where the Government could leverage and understand the potential of state of the art Analytics and AI tools, as applied to Agency provided use cases.

8(a) STARS III Pricing Tool

All 8(a) STARS III contracts provide for an annual price escalation of 2.06%; so awarded labor rates beyond contract year 5 can be calculated by escalating year 5 rates by 2.06% annually.

AI.gov Use Cases

The United States stands to benefit significantly from harnessing the opportunities of AI to improve government services. The federal government is leveraging AI to better serve the public across a wide array of use cases, including in healthcare, transportation, the environment, and benefits delivery. The federal government is also establishing strong guardrails to ensure its use of AI keeps people safe and doesn’t violate their rights.

AI Use Cases Department of Agriculture

The USDA's AI inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Commerce

The Department of Commerce's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Education

The Department of Education's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Energy

The Department of Energy's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Health and Human Services

The HHS inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Homeland Security

The Department of Homeland Security inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Housing and Urban Development

HUD's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Justice

The Department of Justice's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Labor

The Department of Labor's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of State

The Department of State's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of the Interior

The Department of Interior's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of the Treasury

The Department of Treasury's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Transportation

The Department of Transportation's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Department of Veteran Affairs

The VA's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Export-Import Bank of the United States (EXIM)

EXIM's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases National Aeronautics and Space Administration

NASA's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases National Archives and Records Administration

NARA's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases National Institute of Standards and Technology

NIST's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases National Science Foundation

NSF's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases National Transportation Safety Board

NTSB's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Small Business Administration

SBA's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases Social Security Administration

SSA's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases U.S. Agency for International Development

USAID's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases U.S. Department of Personnel Management

OPM's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases U.S. Environmental Protection Agency

EPA's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

AI Use Cases U.S. General Services Administration

GSA's inventory encompasses both existing and prospective AI applications, aligning with the agency's mission. This initiative reflects the broader commitment to adopting AI in a manner that is responsible, transparent, and aligned with the nation's values and legal frameworks.

ARTIFICIAL INTELLIGENCE: Agencies Are Implementing Management and Personnel Requirements

AI is rapidly changing the world and has significant potential to transform society and people’s lives. According to the Administration, agencies are already using AI operationally in various areas. Further, agencies have requested $1.9 billion for research and development investment in AI for fiscal year 2024. Given the rapid growth in capabilities and widespread adoption of AI, the federal government must responsibly manage its use.

Artificial Intelligence and Its Potential Effects on the Economy and the Federal Budget

The Congressional Budget Office (CBO) released a report on December 20, 2024, analyzing how artificial intelligence (AI) could impact the U.S. economy and federal budget. The report suggests that AI adoption may boost economic growth by enhancing productivity and enabling new products and services. However, it also notes potential disruptions in employment and wage structures, leading to shifts in income distribution. These economic changes could influence federal revenues and expenditures, though the exact effects remain uncertain. Additionally, the government's use of AI might improve operational efficiency and revenue collection but could also require significant initial investments. The CBO emphasizes the unpredictability of AI's future trajectory and its complex implications for economic and budgetary outcomes.

Artificial Intelligence: GAO's Work to Leverage Technology and Ensure Responsible Use

This U.S. Government Accountability Office (GAO) report discusses how GAO is leveraging Artificial Intelligence (AI) internally to improve efficiency, effectiveness, and depth of its work for Congress and taxpayers. It mentions the deployment of a large language model for tasks such as synthesizing past reports and scanning congressional documents. The report outlines eight AI use cases GAO is exploring, from organizing large volumes of text to assisting with editorial tasks, and how these initiatives help GAO gain insights into AI's benefits and risks.

Bipartisan House Task Force Report on Artificial Intelligence

The Bipartisan House Task Force on Artificial Intelligence, established in February 2024 and co-chaired by Representatives Jay Obernolte (R-CA) and Ted Lieu (D-CA), has released a comprehensive report addressing AI's multifaceted impact on society. The report offers recommendations across various domains, including government use, national security, civil rights, education, and intellectual property. Key suggestions include developing federal AI guidelines, enhancing cybersecurity, promoting AI education, and ensuring ethical AI deployment to protect civil liberties. The Task Force emphasizes the importance of balancing innovation with safeguards to maintain the United States' leadership in AI while mitigating potential risks.

BOD 25-01: Implementing Secure Practices for Cloud Services Required Configurations

On December 17, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud Services. Through the Secure Cloud Business Applications (SCuBA) project, CISA has developed Secure Configuration Baselines to provide consistent, effective, and manageable cloud security configurations, as well as assessment tools that allows agencies and CISA to improve the security of Federal Civilian Executive Branch assets hosted in cloud environments. BOD 25-01 requires all Federal Civilian Executive Branch agencies to comply with a defined set of these Secure Cloud Baselines, deploy automated configuration assessment tools to check compliance, and to remediate deviations from these policies under BOD 25-01. Although BOD 25-01 only requires action by Federal Civilian Executive Branch agencies, CISA strongly recommends all stakeholders implement these policies and leverage CISA’s SCuBA assessment tool and the information on this page. Doing so will reduce significant risk and enhance collective resilience across the cybersecurity community.

CISA Names First Chief Artificial Intelligence Officer

The Cybersecurity and Infrastructure Security Agency (CISA) appointed Lisa Einstein as its first Chief Artificial Intelligence Officer. This move emphasizes CISA's commitment to responsibly using AI to enhance its cyber defense mission and support the secure development and adoption of AI in critical infrastructure across the U.S. Einstein, who has been leading CISA’s AI efforts since 2023, will focus on building AI expertise within the agency and ensuring safe AI practices.

CISA Services Portal

CISA provides a secure means for constituents and partners to report incidents, phishing attempts, malware, and vulnerabilities.

CISA’s Roadmap for Artificial Intelligence

The Cybersecurity & Infrastructure Security Agency (CISA) addresses artificial intelligence (AI) security, emphasizing the need for AI to be secure by design. CISA's Roadmap for Artificial Intelligence outlines a whole-agency approach to promote AI's beneficial uses in cybersecurity, protect AI systems from cyber threats, and prevent the malicious use of AI against critical infrastructure. The Roadmap includes five key lines of effort: responsibly using AI in CISA's mission, assuring AI systems, protecting critical infrastructure from AI threats, collaborating on AI efforts, and expanding AI expertise within the workforce.

Cloud Computing: Agencies Need to Address Key OMB Procurement Requirements

In 2019, the Office of Management and Budget established 5 key requirements for agencies related to procuring secure, cost-effective cloud services. As of July 2024, the 24 major agencies set policies and guidance that addressed some of these requirements but not others. For example, all the agencies had established guidance to ensure their chief information officer oversees agency modernization efforts. But most hadn't established guidance on service level agreements—which define the levels of service and performance the agency expects its cloud providers to meet.

Cloud Operations Best Practices & Resources Guide

GSA's guide supports a federal agency’s journey to optimize its cloud operations. Whether purchasing new cloud services, migrating applications, or simply managing your current IT investments, your agency’s ability to manage the cost, capability, security and quality of your cloud impacts how well it serves its mission and its stewardship of taxpayer dollars. The guide is not a how-to or training document; it is not meant to be read cover to cover. Rather, it is organized to allow readers to quickly find the relevant best practices, useful resources, and agency templates on a specific topic of interest.

Critical Infrastructure Protection: Agencies Need to Enhance Oversight of Ransomware Practices and Assess Federal Support

This U.S. Government Accountability Office (GAO) report highlights the critical need for enhanced oversight of ransomware practices within four key sectors: manufacturing, energy, healthcare and public health, and transportation systems. It points out that although federal agencies have assessed or plan to assess risks associated with ransomware, they have not fully evaluated the adoption of leading cybersecurity practices or the effectiveness of federal support in mitigating these risks. The report underlines the devastating impacts of ransomware, including significant financial losses and disruptions to essential services, and makes 11 recommendations to improve the situation.

Cyber Resiliency: CrowdStrike Outage Highlights Challenges

Challenges in supply chain risk management, testing, contingency planning, and cyber information sharing make it more difficult to mitigate cybersecurity risks to IT systems. GAO’s work in these areas highlights the need to mitigate them.

Cybersecurity: An overview of cyber challenges facing the nation, and actions needed to address them.

Federal agencies and our nation’s critical infrastructure—including energy, transportation systems, communications, and financial services—rely on IT systems to perform operations and process essential data. Ensuring the security of these systems and data is crucial for protecting individual privacy and national security. However, risks to IT systems are on the rise, with malicious actors becoming more willing and capable of launching cyberattacks. Additionally, the frequency and cost of cyberattacks across the United States are increasing.

Cybersecurity: Improvements Needed in Addressing Risks to Operational Technology

The U.S. Government Accountability Office (GAO) report, published on March 7, 2024, addresses the cybersecurity risks to operational technology (OT) systems, which are crucial for controlling processes and production in critical infrastructure, such as oil pipelines. The report highlights the significant threat cyberattacks pose to these systems. It evaluates the Cybersecurity and Infrastructure Security Agency's (CISA) efforts in providing technical assistance to critical infrastructure owners and operators to mitigate these risks. Despite some positive feedback, challenges persist, including insufficient staffing with the necessary skills at CISA and delays in addressing reported vulnerabilities. The GAO recommends that CISA improve its workforce planning and customer service measurement to better address OT cybersecurity risks. Additionally, the report identifies challenges in collaboration between CISA and other agencies, noting that CISA has not fully adopted leading collaboration practices. To enhance its support for OT cybersecurity, the GAO makes four recommendations aimed at improving CISA's products, services, and collaboration efforts. The Department of Homeland Security (DHS) has concurred with these recommendations and outlined plans for their implementation.

Cybersecurity: National Cyber Director Needs to Take Additional Actions to Implement an Effective Strategy

This U.S. Government Accountability Office (GAO) report, evaluates the National Cybersecurity Strategy and its implementation plan, led by the Office of the National Cyber Director (ONCD). The strategy aims to protect federal information systems and the nation's critical infrastructure against cyberattacks. While the strategy and plan establish a solid foundation, the GAO identifies gaps in detailing how to consistently and effectively implement the strategy across the government. The report highlights the need for the ONCD to incorporate more specific performance measures and estimate implementation costs to enhance the strategy's execution. The strategy and plan address four of six desirable characteristics identified by the GAO but only partially meet the remaining two. The gaps include a lack of outcome-oriented performance measures and detailed resource and cost estimates for implementation initiatives. The GAO emphasizes that addressing these shortcomings is crucial for understanding plan outcomes and managing the funding of activities effectively. The report concludes with two recommendations for the ONCD: to develop outcome-oriented performance measures and to estimate the costs of implementation activities. While the ONCD agrees with the first recommendation, it disagrees with the second, highlighting a divergence in views on the strategy's execution.

De-Risking Government Technology 2.0 Guide

The De-risking Government Technology Guide 2.0 offers 18F’s expertise on lowering the risk of project failure at any stage, from budgeting to post award. This is the first update since the guide was published in 2020.

Department Of Homeland Security Artificial Intelligence Roadmap 2024

The Department of Homeland Security (DHS) is actively incorporating artificial intelligence (AI) into its operations to enhance national security and efficiency across various domains. AI's role in DHS's mission has expanded significantly, with the department leveraging this technology for over a decade. Initially, AI was used for tasks requiring human intelligence, but it now includes systems capable of reasoning, inference, and learning. The sophistication of AI systems has notably increased, especially in recent years, making them more accessible through internet-based interfaces and integrated software. DHS's AI applications span across border security, cybersecurity, immigration, trade, transportation safety, and workforce productivity. The department has been pioneering in using machine learning (ML) technologies since 2015, starting with identity verification tasks. Currently, DHS has documented 41 different AI use cases, with plans to expand this inventory as AI usage grows.

Digital Experience: Agency Compliance with Statutory Requirements

Public-facing federal websites should be user-friendly. To achieve this, the 21st Century Integrated Digital Experience Act requires federal agencies to ensure their websites meet 8 modernization requirements. For example, websites should be accessible, mobile-friendly, and searchable. How did agencies do in 2023? We looked at 24 large agencies that provide high-impact services through their websites. About a third of them reported making progress on all the requirements. The rest either reported progress on some requirements, none, or didn't submit reports.

Federal Acquisition Regulation

Browse Federal Acquisition Regulations (FAR) Part/Subpart or download in various formats. Complete FAR also available for download.

Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan

As the operational lead for federal cybersecurity, CISA uses the FOCAL Plan to guide coordinated support and services to agencies, drive progress on a targeted set of priorities, and align collective operational defense capabilities. The end result is reducing the risk to more than 100 FCEB agencies. CISA developed this plan in collaboration with FCEB agencies to provide standard, essential components of enterprise operational cybersecurity and align collective operational defense capabilities across the federal enterprise. The FOCAL Plan is not intended to provide a comprehensive or exhaustive list that an agency or CISA must accomplish. Rather, it is designed to focus resources on actions that substantively advance operational cybersecurity improvements and alignment goals.

Federal Software Licenses: Agencies Need to Take Action to Achieve Additional Savings

Annually, the U.S. federal government allocates over $100 billion to IT and cybersecurity initiatives, a significant portion of which is dedicated to acquiring software licenses. With thousands of these licenses procured from various vendors each year, the Government Accountability Office (GAO) was tasked to scrutinize the procurement of these software licenses by federal agencies. To achieve this, the GAO examined self-reported data from agencies under the Chief Financial Officers Act of 1990, focusing on their five most used and costliest software licenses. These were then ranked based on the frequency of specific vendors and products mentioned across the government. Furthermore, the GAO conducted a detailed review of nine agencies, chosen based on their IT budget sizes. This review involved comparing the agencies' most used licenses against established federal guidelines and conducting interviews with officials from all 24 agencies. As a result, the GAO has put forward 18 recommendations for nine agencies, urging them to meticulously track software license usage and align their inventories with the licenses purchased.

Federal Zero Trust Data Security Guide

This document was developed by the Zero Trust (ZT) Data Security Working Group in furtherance of its directive under the Office of Management and Budget (OMB) Memorandum M-22-09, Moving the U.S. Government Towards Zero Trust Cybersecurity Principles. The Working Group is a joint committee comprised of members from the Federal Chief Data Officer (CDO) Council and Chief Information Security Officer (CISO) Council, as well as other Federal stakeholders. OMB M-22-09 charges the Working Group with developing a guide for Federal agencies that addresses how existing Federal information categorization schemes can support effective data categorization in a security context. It also focuses on developing enterprise-specific data categories not addressed by existing Federal categories, identifying members to act as leads or designate leads within their agencies to convene a community of practice (CoP) for specific areas of focus, and supporting pilots of emerging approaches and best practices among agencies. This document is intended to assist agencies on their ZT journey as they continue to implement ZT principles year-to-year and across Administrations.

FedRAMP Modernization Overview

Provides an overview of the FedRAMP Modernization initiative, detailing the steps being taken to upgrade technology and processes to better meet the future needs of FedRAMP’s stakeholders. The modernization efforts are in response to legislation codifying FedRAMP and align with OMB budget’s draft memo on modernizing FedRAMP. The goal is to improve federal cloud cybersecurity by reducing the time, cost, and effort for initial assessments of commercial cloud service offerings (CSOs), improving customer experience, increasing the quality and accuracy of security artifacts through standardization, and refining the continuous monitoring program. Efforts are being made to evaluate and optimize security assessment and monitoring processes to reduce authorization timelines and costs. This includes addressing backlogs and streamlining the flow of security packages. The focus is on strengthening collaboration and engagement with the stakeholder community (agencies and commercial partners) to meet their needs and achieve program goals. The modernization efforts aim to make it easier for stakeholders to create, submit, and process assessment and continuous monitoring documentation.

FinOps - Agency Case Study: U.S. Army - CAMO

In 2019, the U.S. Army stood up the EnterpriseCloudManagementAgency (ECMA) to kickstart cloud migration. ECMA identified and satisfied the requirement for a prototype process to help the Army effectively plan, budget, and consume commercial cloud services. In March 2021, ECMA awarded the CloudAccount ManagementOptimization (CAMO) Agreement to begin the Army’s cloud journey by providing Cloud Service Provider (CSP) reselling services to the Army. CAMO was initiated as an Other Transaction Authority (OTA) to experiment with industry partners to bring multi-cloud products and services to the Army with best possible pricing and without excessive toil by the customer. CAMO demonstrates the value of an enterprise solution which incentivizes appropriate behaviors, provides tangible value to the user base and Army, creates visibility of utilization and investments, and creates long term cost avoidance when compared to alternatives.

FinOps Assessment Tool

This tool allows the user to evaluate their cloud cost management maturity against the standard FinOps domains. This utility provides both a current state and future state assessment.

FinOps Best Practices

Delves into the operational model and management of unused or underutilized resources.

FinOps Cloud Cost Reporting Template

This tool can read multiple months of Azure billing data and generate spend trend reports.

FinOps ForeCast Spreadsheet

This tool can help forecast 24 months of future spend with only 6 months of data. It also can show savings plan discount coverage.

FinOps Optimization through discounts

A document that describes savings available from vendor savings plans, reserved instances and consolidated billing.

Frequently Asked Questions for Contractors

The IT Governmentwide Category, under the principles of Category Management (CM), engages in activities to increase small business utilization across the Federal Government. These activities raise awareness of and support contract improvements and opportunities via the IT Best-In-Class (BIC) contract solutions and how they benefit small businesses. This FAQ is intended to assist small businesses with finding contracting opportunities with the IT BIC vehicles and increase the number of small businesses in the federal IT marketplace.

Frequently Asked Questions for IT BIC Solution Owners

The IT Governmentwide Category, under the principles of Category Management (CM), engages in activities to increase small business utilization across the Federal Government. These activities raise awareness of and support contract improvements and opportunities via the IT Best-In-Class (BIC) contract solutions that benefit small businesses to the acquisition workforce. CM has a role in promoting small business utilization through the following OMB Policy Memos: Increasing the number of new and recent entrants (M-22-03); Increasing the Share of Contract Dollars Awarded to Small Disadvantaged Businesses for Fiscal Year (FY) 2024 and in Subsequent FYs (M-24-01)and Increasing Small Business Participation on Multiple-Award Contracts (OMB Memo 1/25/24).

GSA - OEM and VAR Vendor Assessment Initiative - Market Research RFI Only

The ITVMO is conducting research as part of an assessment of the challenges OEMs, VARs, and Agencies face in using small business VARs and the development of guidance and recommendations on how to increase the number and utilization of small and SDB business VARs in the federal IT marketplace.

GSA Polaris Vehicle Information Brochure

Planned for 2023, Polaris will be a multiple-award indefinite-delivery/indefinite-quantity (MA-IDIQ) Governmentwide Acquisition Contract (GWAC). Polaris will provide access to customized information technology (IT) services and IT service-based solutions from small businesses.

Hi-Def Initiative

The Hi-Def Initiative is a government-wide effort to promote Hi-Definition (Hi-Def) acquisitions by enabling agencies to leverage government-wide acquisition data that is relevant, easily accessed, and available at the time of need. This will help agencies more efficiently and effectively acquire products and services as well as gain key acquisition insights.

Internet of Things: Federal Actions Needed to Address Legislative Requirements

The Internet of Things (IoT) generally refers to the technology and devices that allow for the connection and interaction of devices throughout such places as buildings, vehicles, and the transportation infrastructure. The National Institute of Standards and Technology (NIST) and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency have issued guidance for securely procuring IoT. For example, NIST has issued cybersecurity guidance for agencies to use in mitigating risk with the acquisition, procurement, and use of IoT at all stages of a system's life cycle.

Leading The Way in a Complex Industry with Kyra Stewart

ITVMO Program Manager KyraStewart talks with the IMPACT podcast about leveraging her passion for process improvement to help drive impactful, whole-of-government change.

Modernization - Automating FedRAMP's Technology

Discusses the ongoing efforts by FedRAMP to modernize its technology through automation and stakeholder engagement. Stakeholder Engagement: FedRAMP continues to emphasize the importance of ongoing dialogue and engagement with stakeholders to leverage their experience and expertise. This is aimed at informing and revising the modernization strategy to ensure it meets the needs for an automated FedRAMP. Agency stakeholders will be able to review the cybersecurity posture of cloud service offerings (CSOs) on demand via dashboards to continuously monitor and evaluate risk to their own agency, improving threat and risk awareness. FedRAMP also invites stakeholders to join their monthly Office Hours session to discuss technology modernization priorities. Attendees are encouraged to come prepared with questions and to submit them ahead of time.

NIST AI Fact Sheet

The National Institute of Standards and Technology (NIST) is dedicated to fostering confidence in the creation, deployment, management, and use of Artificial Intelligence (AI) technologies and systems. This commitment aims to bolster economic security and enhance the quality of life. NIST's efforts are centered on advancing measurement science, technology, standards, and associated tools, including assessment and data.

NIST AI RMF Playbook

The AI Risk Management Framework (AI RMF) is designed for voluntary adoption with the aim of enhancing the capacity to integrate trustworthiness factors into the creation, advancement, application, and assessment of AI products, services, and systems. As a collaborative reference, the AI RMF Playbook was formulated through an open, transparent, and multidisciplinary approach, spanning an 18-month period of development. This endeavor was conducted in cooperation with over 240 participating entities hailing from private industry, academia, civil society, and government. Valuable feedback received throughout the AI RMF's development phase is openly accessible on the NIST website for public commentary. The Playbook is also availible to all through the NIST website.

NITAAC Assisted Acquisition Request Form

Use this form to request NITAAC Assisted Acquisition support.

NSA Publishes Guidance for Strengthening AI System Security

The NSA has released new cybersecurity guidance to enhance the security of AI systems, particularly for National Security System owners and Defense Industrial Base companies. This guidance, developed by the NSA's Artificial Intelligence Security Center in collaboration with multiple international cybersecurity agencies, addresses various security aspects of AI systems, such as data security and model integrity. The initiative also aims to foster international cooperation on AI security standards and practices, to protect against and respond to potential cyber threats.

Office of Personnel Management FinOps – Agency Case Study

The United States Office of Personnel Management (OPM) established a FinOps program in 2021 with the existing CCOE (Cloud Center of Excellence) dedicated to maturing OPM’s cloud management activities and aligning them to the FinOps Foundation maturity model. The mission of the FinOps team is tied directly to OPM’s Cloud First strategy and helped establish a cross-functional team responsible for ensuring more financial control and predictability. OPM has embraced FinOps and is a thought leader with the FinOps Foundation. OPM is a member of the FinOps Foundation Governing Board and has led the public sector working group along with other government employees and industry professionals. The group is tasked with developing processes and procedures to help government agencies implement FinOps.

Oracle Agency Challenges & Proposed Resolutions

In May 2021, the ITVMO began evaluating Oracle through the OEM Assessment Process. As a result of the Assessment, the ITVMO identified common challenges for Federal agencies focused certification and audit clauses, price holds, maintenance and support caps, and virtualization.

Pilot for Artificial Intelligence Enabled Vulnerability Detection

The Cybersecurity and Infrastructure Security Agency (CISA) conducted a pilot program to evaluate the effectiveness of AI-enabled tools for vulnerability detection in federal networks. The pilot found that AI is best used to enhance, not replace, existing detection tools, though it requires significant time for analysts to adapt. Some AI tools were found to be unpredictable and challenging to troubleshoot. CISA will continue monitoring and testing AI tools to ensure their detection capabilities remain cutting-edge.

Product Service Code (PSC) Guide

Welcome to the Product and Service Code (PSC) manual page, where you can find the archive version in multiple formats along with supporting documentation.

Secure Cloud Business Applications (SCuBA) Project

The Secure Cloud Business Applications (SCuBA) project, initiated by the Cybersecurity & Infrastructure Security Agency (CISA), aims to bolster the security of cloud business applications and protect federal information within these environments. SCuBA focuses on providing guidance and capabilities to secure cloud environments used by Federal Civilian Executive Branch (FCEB) agencies, ensuring consistent, modern, and manageable security configurations. CISA actively seeks public feedback to refine these frameworks and ensure they effectively address cybersecurity and visibility gaps in cloud-based business applications.

SmartBUY Blanket Purchase Agreements

Through SmartBUY government-wide blanket purchase agreements, agencies can (1) order commercial off the shelf software with pre-negotiated terms and conditions; (2) reduce risks, costs, and administrative burden. support the SmartBUY Federal Strategic Sourcing Initiative, (3) a partnership with the Department of Defense Enterprise Software Initiative, GSA, and software vendors.

Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle

The Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle product was developed in response to the core challenges of software assurance and cybersecurity transparency in the acquisition process, focusing primarily on software lifecycle activities. The Software Acquisition Guide focuses on the Secure by Demand elements by providing recommendations for agency personnel, including mission owners and contracting staff or requirements office to engage in more relevant discussions with their enterprise risk owners (such as CIOs and CISOs) and candidate suppliers such that better, risk-informed decisions can be made associated with acquisition and procurement of software and cyber-physical products.

Tech Trends 2025

The promised potential of AI and quantum technologies has been touted for decades, but the actualization of those promises has never been closer than it is now. The transformative capabilities of these exponential technologies are becoming more real each day – early understanding and adoption of these technologies is key for mature IT organizations forging future strategies. In this year’s Tech Trends report, we examine three trends in simulated futures with new possibilities and three trends in knowledge assurance that must be considered to mitigate risks.

The Dos and Don’ts of Artificial Intelligence Procurement

Governments across the U.S. are powered by information technology and increasingly dependent on cutting-edge commercial technologies that enhance government efficiency and public service. With the rapid pace of innovation, government procurement processes must evolve. While the government has a diverse set of tools in place for purchasing commercial technology, emerging technologies — such as artificial intelligence (AI) — will require the right blend of traditional and non-traditional procurement strategies.

The Manufacturing Institute

Grows and supports the industry’s skilled workers for the advancement of modern manufacturing. The MI’s diverse initiatives support all American workers, including emerging workers, women, veterans and students, through skilled training programs, community building and career growth.

The NIST Cybersecurity Framework (CSF) 2.0

The Cybersecurity Framework (CSF) 2.0 is crafted to assist entities across various sectors—industry, government, academia, and nonprofits—in managing and mitigating cybersecurity risks, irrespective of their cybersecurity program's maturity or technical sophistication. It acknowledges the diversity of organizations' risks, risk appetites, missions, and objectives, advocating for a tailored implementation rather than a one-size-fits-all solution. The CSF aims to integrate cybersecurity risk management with other organizational risks such as financial, privacy, and supply chain risks. It outlines broad, sector-agnostic outcomes to guide executives and practitioners alike, offering flexibility to address unique organizational needs. This latest version, CSF 2.0, introduces enhancements focusing on governance, supply chains, and accessibility for smaller organizations, complemented by Implementation Examples and Informative References available online. This framework encourages organizations to evaluate their cybersecurity stance contextually and adapt the CSF accordingly, facilitating a more efficient assessment and implementation of security controls.

United States Coast Guard FinOps – Agency Case Study

The US Coast Guard (USCG) spent the last year standing up a cloud financial management program to support its multi-cloud environment, which includes Amazon Web Services (AWS) and Microsoft Azure. To best manage this cloud environment, the USCG set up a Cloud Center of Excellence (CCoE) to meet the demands and needs required for mission execution. The CCoE began working with the Army Cloud Account Management Optimization (CAMO) team to procure cloud services under their umbrella contract vehicle. Through this relationship, the USCG was introduced to cloud cost management concepts, the FinOps framework, and the Army’s cloud tracking software, which helps identify optimization opportunities.

VMWare acquisition by Broadcom

Broadcom's acquisition of VMware introduced several changes, including a shift to subscription-based licensing, product bundling, and an overhaul of the partner network. Perpetual licenses are no longer offered, with products consolidated into three bundles: VMware Cloud Foundation, VMware vSphere Foundation, and VMware Add-on Services. Agencies face challenges adapting to the new model, with increased costs and less flexibility but additional embedded value. Alternatives to VMware are being explored, though migration is technically complex. Agencies are advised to rightsize their environments, evaluate multi-year contracts for discounts, and plan budgets to accommodate escalating costs.

Filters

Don’t see what you’re looking for?
We are constantly updating our resources but if you can’t find what you’re looking for or would like to work with us on developing artifacts, white papers, templates, or other resources, please reach out to us by email at itvmo@gsa.gov.

Resources

Don’t see what you are looking for?

Topic Area

Audience

Resource Type

Source