Acquiring cloud products and services is no easy feat for government agencies. Business, cybersecurity, data, environmental, operational, and technical requirements come into play creating a complex field that agencies can navigate on their own. GSA’s FAS ITC (Federal Acquisition Service, Information Technology Center) is looking to standardize cloud acquisition with its upcoming GSA Cloud BPA release, Ascend.
What is Ascende?
Ascend, part of GSA’s Cloud Marketplace vision, is a multi-award global purchase agreement under Multiple Award Schedule (MAS) special item numbers 518210C cloud and IT services or cloud-related IT professional services and 54151S IT professional services which they will be aimed at helping agencies simplify cloud acquisition by meeting specific cybersecurity requirements.
According to the draft performance work statement released in May, “Ascend BPA will focus on enabling support for both vertical (e.g., IaaS, PaaS, SaaS) and horizontal capabilities across the ecosystem and will provide seamless more effective system and managed support services to deliver flexible, diverse and secure cloud solutions.”
BPA work orders can be entered into any or all of three independent primary pools identified by the government: Pool 1 – IaaS and PaaS; Group 2 – SaaS; Pool 3 – cloud IT professional services.
The main special article number for the three groups is 518210C, Cloud Computing and Cloud Related IT Professional Services SIN. GSA says all three pools will have a secondary SIN of “any additional assigned MAS contract SIN deemed necessary.” In addition, pool 3 will also include 54151S, Information Technology Professional Services SIN, as a deprecated SIN.
The GSA states in the PWS that “The use of any additional assigned MAS SIN is proposed to address complex or unique customer requirements associated with hybrid cloud solutions or ‘on-premise’ requirements that are not supported by SIN 518210C or SIN 54151S. They should not represent a significant level of raw material procurement effort or cost relative to the estimated overall cost of the solution.
Given this primary SIN and the restrictions placed on the use of additional SINs, cloud service providers should take special care to ensure that their cloud service offerings (CSOs) hoping to be included in the next BPA are assigned on the cloud SIN. If CSOs are not currently assigned under the SIN cloud, taking action now to prepare and submit a change to add offerings to SIN 518210C will ensure the CSP is prepared and ready for the upcoming Ascend BPA.
How will it be structured?
With a focus on cloud smart/security smart goals, Ascend aims to establish baseline minimum requirements that address Cyber Executive Order 14028, NIST best practices, cyber security supply chain risk management (C-SCRM ) and the resiliency and cybersecurity of zero trust architecture (ZTA) baselines that leverage agile development, security and operations (DevSecOps) and continuous integration/continuous deployment (CI/CD) processes.
Why should CSPs bring their offerings to Ascend?
With the assurance that the cloud offerings on Ascend BPA meet cybersecurity legislation, regulations and policies, agencies will be able to procure cloud products and services in a streamlined procurement environment. Reducing the complexity of cloud acquisition gives cloud service providers the opportunity to get their IaaS, PaaS and SaaS solutions into the hands of their client agencies faster, provided the CSP has its solutions on a GSA contract MAS (Information Technology Large Category, IT Solutions Subcategory, and Cloud Computing and cloud-related IT professional services SIN 518210C).
With the draft performance work statement released in May and a market research RFI released in July, the GSA said it is gathering industry feedback and is working on a draft RFQ for Ascend which it hopes to release in the second quarter of 2019. 2023. Government agencies looking to ease the burden of cloud acquisition and interested CSPs who want a lean and streamlined vehicle to get their cloud solutions into the hands of their government customers should stay tuned.