New fed incubator, OASIS on-ramps and NIST guidance

Fed-focused incubator opens in Crystal City

Small IT companies hoping to work with federal agencies face daunting barriers to entry, and feds often have trouble finding the right small businesses for their contracts. Eastern Foundry, a veteran-owned technology and innovation incubator that unveiled its Crystal City, Va., facilities on Dec. 16, aims to help both groups clear those hurdles.

According to co-founder and CEO Geoff Orazem, Eastern Foundry offers companies the standard services found at incubators from Boston to Silicon Valley -- affordable office space, mentoring from industry leaders and a community of like-minded entrepreneurs -- and much-needed help in navigating the "bewildering" world of federal contracting.

"The inspiration for Eastern Foundry came from our own frustration breaking into the government contracting space," Orazem said at the ribbon-cutting ceremony, which also featured Sen. Mark Warner (D-Va.).

In a statement, Eastern Foundry promised to provide agencies with a "single point of access" to a diverse cluster of small businesses, both for "rapid collection of market data...and in-person dissemination of procurement information." The incubator has already filled more than three-quarters of its 21,000-square-foot office space.

OASIS ponders vendor on-ramps

As its $60 billion One Acquisition Solution for Integrated Services contracting vehicle matures, the General Services Administration said it could add on-ramps for other vendors to enter it.

In a Dec. 17 post on GSA's OASIS Interact Community page, Program Manager Jim Ghiloni said the agency could "refresh" the pool of contractors by giving other vendors access to the contract. Any additions would be announced via the interactive OASIS site or the FedBizOpps website, he added.

"At this point in time, we are not ready to announce any specific on-ramps," he wrote, adding that the blog post was spurred by questions from federal customers.

The OASIS contracts, which were awarded in May, are broken into pools and subpools of providers, and an on-ramp could be added to either type of group, Ghiloni said.

"We made approximately 40 awards in each competitive pool because we believe that this will result in approximately three to five bids per task order," he said. "That's a healthy level of competition [that] will ensure innovation and competitive pricing without overwhelming contracting officers."

As OASIS and its OASIS SB small-business counterpart mature and task orders are issued, GSA will be watching the numbers of bids received. "If we do not achieve the desired level of competition, we will execute on-ramps to refresh the group of industry partners in a particular pool," he wrote.

He added that the agency fully expects to use on-ramps when the initial OASIS contract period expires in 2019 and as many successful OASIS SB vendors migrate to the main OASIS contract.

NIST revises guidance on security, privacy assessments

The National Institute of Standards and Technology has revised Special Publication 800-53A — "Assessing Security and Privacy Controls in Federal Information Systems and Organizations," GCN reports. The fourth revision of the document contains significant changes to the 2010 version in content and format, according to NIST.

The publication provides guidelines for building security and privacy assessment plans and offers a comprehensive set of procedures for assessing security and privacy controls used in information systems and organizations.