Acquiring cloud products and services is no easy task for government agencies. Business, cybersecurity, data, environmental, operational and technical requirements all play a role, creating a complex landscape for agencies to navigate on their own. GSA’s FAS ITC (Federal Acquisition Service, Information Technology Center) is looking to standardize cloud procurement through its forthcoming GSA Cloud BPA Ascend.
What is climbing?
Ascend, part of the GSA Cloud Marketplace vision, is a multi-award program (MAS) special item number 518210C Cloud and cloud-related IT professional services and 54151S IT professional services, a multi-award package purchase agreement designed to help agencies simplify cloud acquisition, While meeting specific network security requirements.
According to the draft statement of work for performance released in May, “Ascend BPA will focus on supporting the vertical (such as IaaS, PaaS, SaaS) and horizontal capabilities of the entire ecosystem, and will provide more effective system integration and hosting support for the ecosystem. Services. Deliver flexible, diverse and secure cloud solutions.”
BPA task orders can be placed in one or all of three separate main pools identified by the government: Pool 1 – IaaS and PaaS; Pool 2 – SaaS; Pool 3 – Cloud IT Professional Services.
The main special item number for these three tools is 518210C, Cloud Computing and Cloud Related IT Professional Services SIN. All three pools will have a secondary SIN or “any additional awarded MAS contract SIN determined to be necessary,” the GSA said. In addition, Pool 3 will include 54151S, the Information Technology Professional Services SIN, as a secondary SIN.
GSA stated in the PWS, “It is recommended that any additional awarded MAS SINs be used to address complex or unique customer needs related to hybrid cloud solutions, or ‘on-premises’ needs not supported by SIN 518210C or SIN 54151S. Relative to the overall solution Cost estimates, they should not represent significant effort or cost of goods purchased.”
Given this primary SIN and restrictions on the use of other SINs, cloud service providers should take special care to ensure that the cloud service offerings (CSOs) they wish to include in the upcoming BPA are awarded on the cloud SIN. If the CSO is not currently awarded under the Cloud SIN, taking action now to prepare and submit an amendment to add the product to the SIN 518210C will ensure that the CSP is ready for the upcoming Ascend BPA.
How will it be structured?
With a focus on Cloud Intelligence/Security Intelligence goals, Ascend aims to establish minimum baseline requirements that meet Cyber Enforcement Order 14028, NIST Best Practices, Cyber Security Supply Chain Risk Management (C-SCRM) and Resilience, and Zero Trust Architecture (ZTA) A cybersecurity baseline leveraging development, security, and operations (DevSecOps) and continuous integration/continuous deployment (CI/CD) agile processes.
Why are CSPs bringing their products to Ascend?
Agencies will be able to procure cloud products and services in a simplified procurement environment by ensuring cloud products on Ascend BPA comply with cybersecurity legislation, regulations and policies. Reducing the complexity of cloud procurement gives cloud service providers the opportunity to deliver their IaaS, PaaS, and SaaS solutions to client organizations more quickly, provided that CSPs are in the GSA MAS contract (Information Technology category, IT Solutions subcategory, and Cloud Computing and cloud-related IT professional services SIN 518210C).
Along with a draft statement of work for performance in May and a market research RFI in July, the GSA said they are gathering industry feedback and developing a draft RFQ for Ascend, which they hope to publish in the second quarter of 2023. Stay tuned for government agencies wanting to ease the burden of cloud procurement, and interested CSPs looking to deliver their cloud solutions to government customers with streamlined tools.