Acquisition Policy & IT Category
The ITVMO as part of the larger Federal Category Management Framework, works in tandem with the Governmentwide IT Category Program to drive down federal IT costs through compliance, spend under management, and cost avoidance.
IT Category Management
Overview
The IT Category is one of ten categories in the Federal Governmentwide Category Management Framework. The government implemented category management to think more like an enterprise to buy smarter and more efficiently as a government.
Category Management is the practice of buying common goods and services that everyone already buys, but buying them smarter. Examples of these goods and services include office supplies, travel and lodging, information technology, and more.
The practical reason for category management is that because the government buys so much of these, it should buy like an enterprise, rather than independently operating agencies and components. Doing so is a more efficient use of taxpayer dollars.
For more on the federal framework, visit the
Acquisition Gateway
.
IT Category Management
Primarily the Governmentwide IT Category Management Program works in tandem with the governmentwide ITVMO to drive change in federal procurements and strengthen our vendor relationship management practices.
We are striving to advance category management principles at the market, agency, and vehicle level, breakdown barriers for small business and small disadvantaged businesses, as well as improving our use of made in america vendors, and we are also strengthening our supply chain by mitigating vendor concentration risks and increasing knowledge on top OEMs, buying trends, and emerging technologies to inform agency acquisition strategies.
Focusing initiatives to enable aid and support in federal and marketplace compliance by:
- Racial Equity -- boosting small business participation in the marketplace to improve market equity and diversity of suppliers, products, and services.
- Buy American -- increasing use of American-made products through stronger vendor relations and market confidence reporting and analysis.
- Supply Chain -- establishing standards across IT vehicles as well as increased agency awareness to reduce risks of vendor concentration, cybersecurity attacks, and other vulnerabilities.
- Climate Crisis -- analyzing IT spend and consumption costs to focus on sustainability.
- Cybersecurity -- translating cyber policies into acquisition best practices and strategies to eliminate use of products or vendors more susceptible to bad actors.
Brokering federal IT acquisition intelligence and resources by:
- Category Management Principles -- leveraging established best practices to ensure agencies are acquiring IT equitably, efficiently, and securely.
- Vendor Management Principles -- building strong relations with original equipment manufacturers (OEM) and small businesses to help maximize the likelihood that agencies are getting a good deal for the taxpayer by avoiding unnecessary costs and ensuring compliant solutions.
Category-wide Performance (Key Performance Indicators)
The core key performance indicators (KPI) are spend under management (SUM), cost avoidance, and small business utilization (SBU).
The IT Category sets annual targets and tracks monthly on how we are doing against that target. One of the primary goals of category management is to increase spend under management or “SUM” by decreasing use of Tier 0 solutions (or as we commonly call these types of solutions, Open Market).
Read more about measuring and evaluating your SUM and SBU KPIs on the Acquisition Gateway.
Federal targets as well as historical and year to date performance
against Category Management KPI measures can be found on the
Executive
Summary Dashboard (ESD). There are views for governmentwide, category-specific, and department
performance in the ESD.
Additionally, the ITVMO’s domain experts, analysts, and category program team are available to help. Annually, the program seeks out to meet with agencies. Interested in being one of those agencies? Contact us today at ITVMO@gsa.gov.
Governmentwide Cost Avoidance Methodology
There are many variations used to calculate Cost Avoidance amounts for services, which creates an inconsistent approach across contract vehicles. A standard methodology was created and maintained by the Governmentwide IT Category Program so that the federal IT Governmentwide Acquisition Contracts (GWACs) can be evaluated objectively and with confidence.
The Governmentwide Cost Avoidance Methodology provides an approach that uses the mid-point as identified as Previous Prices Paid by Functional Grouping. This method uses last fiscal year pricing data as a basis of comparison against current pricing instead of using published rates (Master Contract Ceiling) compared against current pricing, as in prior practices. The methodology also uses the concept of categorizing the costs by functional groups as defined by the newly updated Product Service Codes (PSCs), which were derived from the IT Financial Management industry best practice framework Technology Business Management (TBM).
The combination of using the immediate previous price paid for similar services and grouping costs by category provides several benefits such as:
- Realistic and conservative estimates - baseline measures are recent and consistent with best practices.
- Scalability - the methodology may be used by unpriced contracts.
- Standardization - results and data may be used for comparison across contracts and industry benchmarks.
The Governmentwide IT Category Program maintains the model and associated tools for running. The team is available for analysis of your vehicle solution. Contact us at ITVMO@gsa.gov.
Policy
Overview
Governmentwide IT policy provides the rules, regulations, and guidelines that govern the use, management, and acquisition of IT within the federal government. The goal is to ensure that IT resources are used efficiently, securely, and in a manner that best serves the public interest.
Executive orders (EO) play a crucial role in shaping these policies, as they are directives issued by the President of the United States to manage operations within the federal government. Over the years, various EOs have been issued to improve cybersecurity, promote transparency, enhance digital service delivery, strengthen market equity, and more. These orders influence how federal agencies invest in, adopt, and leverage IT to fulfill their missions and serve the American public.
The Governmentwide IT Category Program in collaboration with the ITVMO and its partners helps translate the Administration Priorities and respective Executive Orders as it pertains to IT and acquisitions. The following are some relevant policies and linked resources.
Please email us at ITVMO@gsa.gov for additional guidance and help meeting your IT acquisition goals in compliance with the following policies.
Goal 1.1: Create a diverse and resilient Federal marketplace.
Federal Supplier Base Dashboard (Tool)
Goal 1.2: Ensure interoperability and sharing of acquisition data and tools.
Goal1.3: Build our best by developing an inspired, engaged acquisition workforce.
Purpose
Goals
- Provide a whole-of-government equity agenda that matches the scale of opportunities and challenges.
- Develop a systematic approach to embedding fairness in decision-making processes by readdressing inequities in current policies and programs that serve as barriers to equal opportunities
- Create opportunities for the improvement of communities that have been historically underserved.
Responsible Office:
-
Small Business Administration
Continues to help small business owners and entrepreneurs start, grow, expand, and recover in the federal marketplace. SBA is the only cabinet-level federal agency fully dedicated to small business and provides counseling, capital, and contracting expertise as the nation’s only go-to resource and voice for small businesses.
-
SBA’s Office of Advocacy
Independent voice for small businesses within the federal government.
-
Interior Business Center
Established by the SBA the Interior Business Center is a federal shared service provider and supports the vendor and federal customer partnerships.
Additional Contacts:
-
Federal Office of Small and Disadvantaged Business
Utilization (OSDBU)
The OSDBU Council is an informal organization of Federal small business program officials that exchanges and discusses information on acquisition methods, issues and strategies; small business program initiatives and processes; and small business related outreach events.
-
OMB Equity Learning Community (For Agencies)
Provides a community of equity leaders that meet weekly to ask questions and share knowledge on implementing the new executive order.
Responsible Office:
-
M-23-11 Creating a More Diverse and Resilient Federal
Marketplace
- Issued guidance directing agencies to use a common definition for “new entrant” as they take steps to find small disadvantaged businesses and other contractors and measure progress in diversifying the federal supplier base.
-
GSA’s Office of Shared Solutions and Performance Improvements created a Supplier Base Dashboard
for managers to track the size of the supplier
base and the mix of new entrants, recent
entrants, and established vendors in the
supplier base using definitions from memorandum.
-
M-22-03 Advancing Equity in Procurement
-
Sets a goal of increasing the percentage of federal contracts awarded to small disadvantaged businesses (SDBs) to 15% by 2025. Agencies are instructed to negotiate higher SDB contracting goals for 2022 to help meet this target.
-
Category management practices, which help agencies buy common goods and services more efficiently, will be updated to provide more opportunities for SDBs and other small businesses. This includes automatic credit for socioeconomic small business awards and ensuring small business goals take priority over "Best in Class" contracts.
-
-
M-21-17 Revocation of Executive Order 13950, M-20-37,
and M-20-34
-
Executive Order 13950, which restricted diversity and inclusion training for federal employees and contractors, has been revoked. Agencies must cease implementing policies tied to the now-rescinded order.
-
Agencies should remove any EO 13950-related contractual provisions, notify contractors these clauses will not be enforced, and take steps to eliminate related grant conditions. Enforcement activities stemming from EO 13950, such as investigations or debarment, must cease.
-
Purpose
Goals
- Help American businesses compete in strategic industries and ensure America’s workers thrive.
- Maximize the government’s use of goods, products, and materials produced in, and services offered in, the U.S.
- Strengthen applicable Made in America provisions in the Federal Acquisition Regulation (FAR).
Responsible Office:
Additional Contacts:
-
Manufacturing USA Program
National network created to secure U.S. global leadership in advanced manufacturing through large scale public-private collaboration on technology, supply chain and workforce development.
-
Manufacturing USA Federal Sponsors
-
Department of Commerce’s National Institute of Standards
and Technology (NIST) Manufacturing Extension
Partnership (MEP)
Providing any U.S. manufacturer with access to resources they need to succeed.
-
The Manufacturing Institute
Grows and supports the industry’s skilled workers for the advancement of modern manufacturing. The MI’s diverse initiatives support all American workers, including emerging workers, women, veterans and students, through skilled training programs, community building and career growth.
Responsible Office:
-
M-21-26, Increasing Opportunities for Domestic Sourcing
and Reducing the Need for Waivers from Made in America
Laws
-
Agencies must designate a Senior Accountable Official (SAO) to oversee implementation of Made in America laws and work with the new Made in America Office (MIAO) on waiver reviews and domestic sourcing strategies.
-
MIAO will conduct phased-in reviews of certain waivers, beginning with non-availability and Jones Act waivers from CFO Act agencies. Agencies must provide standardized information to justify waivers.
-
-
Memorandum for Senior Accountable Officials, Improving
the Transparency of Made in America Waivers
-
Agencies must submit proposed non-availability waivers to a new public website, MadeInAmerica.gov, prior to awarding contracts to foreign suppliers. This promotes transparency.
-
Certain waiver information will be public, allowing domestic manufacturers to better understand federal needs. The goal is to expand the supplier base and reduce the need for waivers.
-
OMB's Made in America Office will review waivers, focusing on mission impact, market research, and public feedback. Reviews aim to avoid unnecessary waivers while not unduly delaying awards.
-
Purpose
Goals
- Use Federal procurement to support robust climate action including a carbon pollution-free electricity sector, no later than 2035 and clean and zero-emission vehicles for Federal, State, local, and Tribal government fleets.
- Drive the assessment, disclosure and mitigation of climate pollution and climate-related risks in every sector of our economy.
- Promote the flow of capital towards climate-aligned investments and away from high-carbon investments.
Responsible Office:
Additional Contacts:
-
National Climate Task Force
Mobilizing every agency to prioritize acting on climate change throughout the entire federal government.
-
Office of Global Change
Responsible for implementing and managing U.S. international policy on climate change, and representing the United States in negotiations under the United Nations Framework Convention on Climate Change (UNFCCC) , and in many other international fora focused on climate change, including the International Civil Aviation Organization and the International Maritime Organization.
-
Council on Environmental Quality
Coordinates the federal government’s efforts to improve, preserve, and protect America’s public health and environment and assists the FAR in developing regulatory amendments to promote increased contractor attention on reduced carbon emission.
Related Memoranda/Guidance:
-
EO 14030 Climate Financial Risk
-
Establishes a policy for the federal government to advance consistent, clear, and accurate disclosure of climate risks and act to mitigate risks while spurring job creation.
-
Directs the development of a government-wide strategy on measuring, mitigating, disclosing, and financing climate risks across federal assets, programs, and operations.
-
Instructs financial regulators to assess climate risks to the financial system and economy. Regulators are also asked to consider enhancing climate risk disclosures and incorporating climate risks into their oversight activities.
-
-
EO 14057 Catalyzing Clean Energy Industries and Jobs
Through Federal Sustainability
-
Sets government-wide goals for the federal government to reach 100% carbon pollution-free electricity by 2030, 100% zero-emission vehicle fleets by 2035, and net-zero emissions buildings by 2045.
-
Agencies are directed to issue targets and plans to reduce greenhouse gas emissions, increase renewable energy, electrify fleets, and make buildings more efficient. Performance contracts can help fund improvements.
-
Establishes working groups on topics like clean electricity, zero-emission vehicles, and net-zero buildings. Agencies must track and report on progress, with OMB and CEQ overseeing implementation.
-
-
M-21-28, Interim Implementation Guidance for the
Justice40 Initiative
-
Sets a goal that 40% of overall benefits from federal investments in areas like clean energy and climate resilience should go to disadvantaged communities.
-
Provides an initial definition of disadvantaged communities and identifies over 20 pilot programs that must develop plans to maximize Justice40 benefits.
-
Agencies managing covered programs must identify benefits, develop methodologies to track benefits to disadvantaged communities, and report data to OMB on meeting the 40% goal.
-
Purpose
Goals
- Mitigate risks of limitations of critical manufacturing capacity and the availability and integrity of critical goods, products, and services through a more resilient, diverse, and secure supply chain.
- Support small businesses, promote prosperity, advance the fight against climate change, and encourage economic growth in communities of color and economically distressed areas.
- Facilitate a greater domestic production, a range of supply, built-in redundancies, adequate stockpiles, safe and secure digital networks, and a world-class American manufacturing base and workforce.
Responsible Office:
Additional Contacts:
-
National Counterintelligence and Security Center
Partners to assess and mitigate the activities of foreign intelligence entities and other adversaries who attempt to compromise the supply chains of our government and industry.
-
Information Technology Information Council
Promote public policies and industry standards that advance competition and innovation worldwide.
-
Food and Drug Administration
Oversees the nation’s medical products and actively monitors the status of medical products that are in shortage or appear likely to go into shortage (AskMCMi@fda.hhs.gov).
Purpose
Goals
- Improve government efforts to identify, deter, protect against, detect, and respond to cyber campaigns and threats; in addition, apply lessons learned from cyber incidents.
- Adapt to the continuously changing threat environment to ensure federal marketplace products are built and operate securely.
- Foster a more secure cyberspace.
Responsible Office:
-
General Services Administration (GSA)
Through the Federal Risk and Authorization Management Program (FedRAMP
).
-
Department of Homeland Security (DHS)
Through the Cybersecurity and Infrastructure Security Agency (CISA
).
-
Department of Commerce
Through the National Institute of Standards and Technology (NIST
).
-
National Telecommunications and Information
Administration (NTIA)
Many of these responsibilities involve coordination among the above named agencies to develop standards and guidance that will serve as the basis for updating cybersecurity policies and procedures at the individual agency level. Consult the executive order and the related guidance to understand the full scope of responsibilities.
Related Memoranda/Guidance:
-
M-22-18 Enhancing the Security of the Software Supply
Chain
The NIST Guidance provides “recommendations to federal agencies on ensuring that the producers of software they procure have been following a risk-based approach for secure software development.”12 Federal agencies must only use software provided by software producers who can attest to complying with the Government-specified secure software development practices, as described the NIST Guidance.
-
M-22-09, Moving the U.S. Government Toward Zero Trust
Cybersecurity Principles
Requires agencies to achieve specific zero trust security goals by the end of Fiscal Year (FY) 2024.
-
National Security Memorandum/NSM-8 on Improving the
Cybersecurity of National Security, Department of
Defense, and Intelligence Community Systems
Establishes cybersecurity requirements for National Security Systems (NSS) that are equivalent to or exceeds those outlined in E.O. 14028.
-
M-22-05, Fiscal Year 2021-2022 Guidance on Federal
Information Security and Privacy Management Requirements
-
Directs agencies to implement specific zero trust security goals by the end of Fiscal Year (FY) 2024, organized around five pillars:
- Identity
- Devices
- Networks
- Applications and Workloads
- Data
-
Creates development of a strategy to enable agencies to report performance and incident data in an automated and machine-readable manner.
-
Allows agencies to use the CISA standardized playbook, including any updates, for planning and conducting cybersecurity vulnerability and incident response activities for agency information systems.
-
Directs All agencies to update their CIO metrics quarterly and to take appropriate measures to comply with privacy requirements and manage privacy risks.
-
Baselines how well the organization internally communicates the effectiveness of its security testing.
-
Shifts the focus of FISMA assessments from compliance -based processes to risk-based processes that will provide agencies with sufficient information to consider threat, capability, and impact.
-
-
M-22-01, Improving Detection of Cybersecurity
Vulnerabilities and Incidents on Federal Government
Systems through Endpoint Detection and Response
-
Aligns with section 7 of the E.O.
-
Improved agency capabilities for early detection, response, and remediation of cybersecurity incidents on their networks, using advanced technologies and leading practices.
-
Agency enterprise-level visibility across components/bureaus/sub-agencies to better detect and understand threat activity.
-
Government-wide visibility through a centrally located EDR initiative, implemented by the Cybersecurity and Infrastructure Security Agency (CISA), to support host-level visibility, attribution, and response across Federal information systems.
-
-
M-21-31 Improving the Federal Government’s Investigative
and Remediation Capabilities Related to Cybersecurity
Incident
-
Addresses the requirements in section 8 of the Executive Order.
-
Establishes a maturity model for logging, log retention, and log management, with a focus on ensuring centralized access and visibility for the highest-level enterprise security operations center (SOC) of each agency.
-
Establishes requirements for agencies to increase the sharing of such information, as needed and appropriate, to accelerate incident response efforts and to enable more effective defense of Federal information and executive branch departments and agencies.
-
-
M-21-30 Protecting Critical Software Through Enhanced
Security Measures
Provides instructions for the implementation of those fundamental measures required to secure the use of software falling within NIST’s definition of critical software and directs executive departments and agencies to implement those measures in phases.
