Become competitive for gwac and idiq opportunities through certification 2019

https://www.itgonline.com
ISO 9001:2015 ISO 27001:2013 ISO 20000-1:2011 O-TTPS 1.1 (ISO/IEC 20243:2015) CMMI-DEV ML3 CMMI-SVC ML3 NIST 800-171 Compliant
https://consulting.itgonline.com
Become Competitive for GWAC and IDIQ
Opportunities
Presented By: Brent Greene

Agenda
• Significance and History of
Certifications
• IDIQ / GWAC Vehicles Research
• Contracting Trends
• Example of Oasis Case Study
• Path to Certification
2

Why does the government require certifications?
While small businesses are agile and
flexible, they often lack standardization or
controls to provide assurance that the
organization is able to manage requirements
to meet expected levels of quality
ISO9001:2015ISO27001:2013ISO20000-1:2011CMMI-DEVCMMI-SVC
3
Government and Prime Contractors look to certifications for an
acceptable level of evidence of maturity
Standards or frameworks are recognized as
methods to help organizations establish
their processes based on industry best
practices

Credentials are required at all levels to provide assurance
Personal Certifications Organizational Frameworks Compliance Requirements
Examples
• ISO 9001 Lead Auditor
• Certified Manager of Quality &
Organizational Excellence
• ITIL Version 3 Foundations
• Project Management Professional
(PMP)
• COMP TIA A+
• Cisco Certified Network Associate
(CCNA)
• ISO 9001 (Quality)
• ISO 20000 (Service Management)
• ISO 27001 (Information Security)
• CMMI DEV ( Development)
• CMMI SVC (Services)
• ISO 14001 (Environmental)
• NIST 800-53, NIST 800-171, NIST
Cyber Security Framework
• Sarbanes Oxley (SOX)
• Payment Card Industry Data
Security Standard (PCI)
• FEDRamp
• NISPOM DSS
Benefits
Provide education and subject
matter expertise to individuals on
frameworks and techniques for
potential application
Provide guidance on organizational
management and benchmarks for
comparison.
Meets legal and regulatory
requirements to enable ability to
provide services under specific
conditions.
Weaknesses
• Does not ensure that techniques
learned are applied to the
operating environment
• Provides marketable skills to
employees
• Recognition is highly dependent
on the audience.
• Many companies will require
multiple certifications
• Variable focus depending on
desired certification
• Typically “include” components
taught in personal or used in
organizational certifications
• Compliance and performance are
typically separated internally
• Heavily record dependent not
focused on proactive management
4

Organizational Certifications
Quality
Management
ISO
9001:2015
CMMI
Security
ISO
27001:2013
NIST
Services
ISO 20000-
1:2011
CMMI-SVC
ITIL
Software
Development
Agile
Lean
SAFe
CMMI-DEV
Other
ISO 14001
LEED
PS-Prep
5
Organizational frameworks are used to
demonstrate a basic level of control or
commitment to managing a specific area or
domain, such as quality or security, in order to
provide products or services that meet
customer requirements and deliver value.

IDIQ/GWAC Vehicles Research
6

Contract Name Contract Holders
SEWP V 191
JE-RDAP 177
CIO-SP3 155
Alliant 2 SB 80
OASIS 74
CIO-CS 65
Alliant 56
Alliant 2 55
Netcents 2 25
Pro-Tech 22
GTACS II 20
ITES 3H 17
IACs 15
SETI 14
SIA III 11
ITSS-5 9
ADMC-2 9
ETSC 8
US Contact 7
CTRIC III 6
FNLCR 1
FEWS NET 1
Snapshot of IDIQ/GWAC Vehicles
7
List of Contract Vehicles and Total Number of Contract Holders

Types of “Certifications” Required for IDIQ/GWAC Vehicles
• ISO 9001
• ISO 20000-1
• ISO 27001
• ISO 14001
• ISO 17025
• ISO 13485
• AS 9100
• OHSAS 18001
• CMMI for Development (Maturity
Levels 2 - 5)
• CMMI for Services
(Maturity Levels 2 - 5)
• CMMI for Acquisition
• NIST 800-171
• NIST Risk Management
Framework
• ITIL
• PMP
8
Certifications that Government Contractors submit During Proposals

No of Certifications each
Contract Holder has
Average Number of
Contracts Awarded
% of Contractors holding
Certifications (cumulative)
7 2.88 1.10%
6 1.90 1.38% (2,48%)
5 1.71 8.68% (11.16%)
4 1.58 9.78% (20.94%)
3 1.45 10.33% (31.27%)
2 1.32 13.91% (45.18%)
1 1.42 23.28% (68.46%)
0 1.20 31.54%
Snapshot of IDIQ/GWAC Vehicles – No of Certs
9
68% of Government
Contractors have at least
1 Organizational
Certification
Most Government
Contractors have on
average 2-3 (2.64)
Organizational
Certifications
Number of Organizational Certifications Contractors have, compare to how many Awards they have won
More Certifications Gets
More Contracts ???

Certification or
Appraisal
Federal Contractors
Certified in each one
Average Number of
Contracts Awarded
ISO 9001 429 59.09% 1.55
CMMI 290 39.34% 1.57
CMMI DEV 254 34.99% 1.57
CMMI SVC 141 19.42% 1.55
ISO 20000-1 157 21.63% 1.63
ISO 27001 147 20.15% 1.55
AS 9100 46 6.34% 1.61
ISO 14001 40 5.51% 1.85
ISO 17025 16 2.20% 1.81
ISO 13485 14 1.93% 1.50
OHSAS 18000 17 2.34% 2.18
Other ISO 46 6.34% 1.67
NIST 4 0.55% 4.00
Snapshot of IDIQ/GWAC Vehicles – Certifications
10
59% have ISO 9001
39% have CMMI
21% have ISO 20000-1
20% have ISO 27001
Most Companies Get Certified
for
ISO 9001, CMMI, ISO
270001, ISO 20000-1
Analysis of Certifications Government Contractor have , compare to the number of Awards they have won

Certification or Appraisal
Federal Contractors Certified in
Listed
Average Number of
Contracts Awarded
ISO 9001, 27001, 20000-1, CMMI DEV, CMMI SVC 61 8.40% 1.67 (+0.60%)
ISO 9001, 27001, 20000-1, CMMI DEV 96 13.72% 1.66 (+4.40%)
ISO 9001, 27001, 20000-1 118 16.25% 1.59 (+1,92%)
ISO 9001, 27001 140 19.28% 1.56 (+0,65%)
ISO 9001 429 59.09% 1.55
Snapshot of IDIQ/GWAC Vehicles – Drill Down
11
59% that have at least one known Organizational Certification, average 1.42 GWAC/IDIQ
24% that have 2-3 known Organizational Certifications, average 1.45 GWAC/IDIQ
Those with at CMMI-DEV or CMMI-SVC and ISO 9001,
average 1.71 contracts and that is only 13%
Drill Down of top certifications compare to the average number of contracts contractors win
ISO 9001, CMMI (any) 99 13.64% 1.71

Classification
Federal Contractors in
each one
Average Number of Contracts
Awarded
Average Number of
Certifications
8(a) 29 3,99% 1.17 1.93
HUBZone 29 3,99% 1.28 1.17
SDVOSB 66 9,09% 1.30 1.45
WOSB 29 3,99% 1.28 1.52
All Other with at least one
Certification
418 1.52 2.74
All Other without
Certifications
181 1.21 0
Snapshot of IDIQ/GWAC Vehicles – Small Business
12
8(a) Contractors invest in
Getting More Certifications
(usually something additional
to ISO 9001)
If a company is not certified or
doesn’t have any
classification can’t compete in
Federal Contracts
Not Being a Small Business
and have at least one
Certification gets you more
Awards
Small Business Certifications compare to awards they win

Snapshot of IDIQ/GWAC Vehicles
13
Synopsis of Certifications per Contract Vehicle and Average Number of Certifications all Contract Holder have
0% 20% 40% 60% 80% 100%
ADMC-2
Alliant
Alliant 2
Alliant 2 SB
CIO-CS
CIO-SP3
CTRIC III
ETSC
FEWS NET
FNLCR
GTACS II
IACs
ITES 3H
ITSS-5
JE-RDAP
Netcents 2
OASIS
Pro-Tech
SETI
SEWP V
SIA III
US Contact
CMMI
ISO 20000
ISO 27001
ISO 9001
2.67
3.55
3.71
3.03
1.22
2.15
3.67
1.38
1.00
4.00
2.80
4.13
2.47
2.11
1.24
1.88
2.72
2.36
3.57
0.96
2.45
2.57
0 1 2 3 4 5
ADMC-2
Alliant
Alliant 2
Alliant 2 SB
CIO-CS
CIO-SP3
CTRIC III
ETSC
FEWS NET
FNLCR
GTACS II
IACs
ITES 3H
ITSS-5
JE-RDAP
Netcents 2
OASIS
Pro-Tech
SETI
SEWP V
SIA III
US Contact
Average Number of
Certifications

Required
Language from Solicitation 47QTCA-19-Q-0009
2GIT Draft RFP
The Contractor shall be certified to the latest version of International Organization for Standardization (ISO)
9001 for products related requirements, and maintain certification for the entire performance period of
the contract, inclusive of options.
This certification must be held by each CTA team member or Offeror supporting contract performance.
Verification requirements include a copy of the Offeror’s official certification from an approved ISO 9001
independent certification body. The Offeror shall provide the POC information that includes the name of
the Certification body and name, address, phone number, and email of the representative who provided
the ISO 9001 certification.
The offer shall make reference to the page number and paragraph of the certification or letter that
determined the approval of the ISO 9001 Certification.
14

OASIS Case Study
15

OASIS Case Study – Required or Optional?
Section # Title Format or Template Page Limit Example File Name
L.5.5.5.
CMMI Maturity Level 3 or higher, as
applicable
Copy of Certification Body
verification/approval
Limited to the verification
requirements and NTE 1 page
for POC information, page
numbers and paragraph
references If not applying for
these additional points, no file
need be submitted
ABC.VOL5.CMMIcert.pdf and
ABC.VOL5.CMMIref.pdf
L.5.5.6. ISO 9001:2008, as applicable
ABC.VOL5.9001cert.pdf and
ABC.VOL5.9001ref.pdf
L.5.5.7. ISO 17025, as applicable
L.5.5.8. IS0 14001:2004,as applicable
L.5.5.9. AS9100, as applicable
ABC.VOL5.AS9100cert.pdf and
ABC.VOL5.AS9100ref.pdf
L.5.5.6. ISO 9001:2008 Certification
If claiming credit for this scoring element, the Offeror must provide verification of ISO-9001:2008 Certification. Verification requirements
include a copy of the Offeror’s official certification from an approved ISO 9001:2008 certification body. If only part of a Contractor’s
organization is ISO 9001:2008 certified, the Offeror shall make the distinction between which business units or sites and geographic
locations have been certified.
The Offeror shall provide POC information that includes the name of the Certification body and name, address, phone number, and email
of the representative who provided the ISO-9001:2008 Certification. The offer shall make reference to the page number and paragraph of
the certification or letter that determined the approval of the ISO 9001:2008 Certification.
ONE ACQUISITION SOLUTION FOR INTEGRATED SERVICES SMALL BUSINESS (OASIS) - $60 Billion
SECTION L - INSTRUCTIONS, CONDITIONS, AND NOTICES TO OFFERORS OR
RESPONDENTS

OASIS Case Study
Section
#
Title Point Value
No of Potential
Occurences
Total Max Points Max Point Value
CMMI Capability Level 3
Majority
100 1 100
L.5.5.5.
CMMI Maturity Level 3
equivalent or higher
200 1 200 200
L.5.5.6. ISO 9001:2008 200 1 200 200
L.5.5.7. ISO 17025 100 1 100 100
L.5.5.8. IS0 14001:2004 100 1 100 100
L.5.5.9. AS9100 100 1 100 100
Max Total Points 6800
SECTION L – SCORING TABLE

OASIS Case Study
RESULTS
78.38%
59.46%
8.11% 12.16% 17.57% 13.51%
0.00%
15.00%
30.00%
45.00%
60.00%
75.00%
90.00%
ISO 9001 CMMI ISO 17025 ISO 14001 AS 9100 No Certification
86,49% of the Awardees had
at least one of the requested
Certifications

Path to Certification
19

“Certifications” help demonstrate compliance
 Most government bids contain evaluation
criteria that include a business management
plan such as:
 Technical Approach
 Quality Management Plan
 Certifications can not only help provide
evidence of current state, but provides
insight that allows you to quickly develop
plans to execute on new requirements.
 Certifications can be used in proposal to
help define how you will address multiple
technical or performance requirements.
20
 Implementing an ISO standard, NIST
framework, or having a CMMI appraisal
rating may help you better respond to
requirements and define how you will
manage quality, performance, and fulfill
requirements.
 Organizational frameworks or standards are not
only contract requirements but guidelines used for
infrastructure development.
 Key words like resiliency, security, quality, service,
and customer satisfaction are all indicators that an
ISO standard or CMMI rating might be a valuable
differentiator.

Path to certification
Consider market research to determine
what is a best fit based on your business
needs:
• Cybersecurity: NIST or ISO 27001
• Software development or systems
engineering: CMMI for Development
• Program Management or Advisory
Services: ISO 9001 or CMMI
• IT Services: ISO 20000-1 or CMMI for
Services
21
Evaluate options that fit your needs:
• Faster is not necessarily better
• Assess the value of implementing a
customized solution
• Don’t fall into the “I just need a document”
to pass category – you will create a
system that doesn’t meet your business
needs
Evaluate internal and external needs,
resources, budget, and timing
Do your research to define a strategy for
“compliance”

Considerations
Considerations for Contractors:
• Quality demands are likely to continue and increase
• Expect that standards are not just required but implied
• Continued pressure downstream to focus on standardization
• Expectations are increasing even for small businesses within the contractor market
• Don’t wait until it is too late – an RFP requirement is too late. Strategic business planning should
include what certifications bring value to your organization
• Plan for implementation timeline; although certifications can be beneficial, this can put a strain on
resources
• Phase in requirements – take time to integrate or plan for a phased approach
22

Considerations
Benefits of “Certification” Initiatives:
• Increased confidence in sourcing to small business suppliers
• Reduction in time needed to transition vendors
• Increased likelihood of desired contractor engagement in large vehicles
• Potential for less impact of using lowest price technically acceptable contracts
• Focus on standardized process will help you achieve higher performance and provide a path for
scalability
23

Brent A. Greene
Business Development Manager of Quality Standards & Performance
2745 Hartland Road, Falls Church, VA 22043
703 698-8282
571 421-6713
brent.greene@itgonline.com
24
Thank you

Become competitive for gwac and idiq opportunities through certification 2019

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Become competitive for gwac and idiq opportunities through certification 2019

Similar to Become competitive for gwac and idiq opportunities through certification 2019 (20)

Recently uploaded

Recently uploaded (20)

Become competitive for gwac and idiq opportunities through certification 2019