CGI Federal awarded $8.1M for Nuclear Regulatory Commission SOC services under full and open competition

Contract Overview

Contract Amount: $8,072,469 ($8.1M)

Contractor: CGI Federal Inc.

Awarding Agency: Nuclear Regulatory Commission

Start Date: 2022-09-29

End Date: 2027-01-31

Contract Duration: 1,585 days

Daily Burn Rate: $5.1K/day

Competition Type: FULL AND OPEN COMPETITION

Number of Offers Received: 3

Pricing Type: FIRM FIXED PRICE

Sector: Other

Official Description: GLINDA SECURITY OPERATIONS CENTER (SOC) SERVICES

Place of Performance

Location: WASHINGTON, DISTRICT OF COLUMBIA County, DISTRICT OF COLUMBIA, 20555

State: District of Columbia Government Spending

Plain-Language Summary

Nuclear Regulatory Commission obligated $8.1 million to CGI FEDERAL INC. for work described as: GLINDA SECURITY OPERATIONS CENTER (SOC) SERVICES Key points: 1. The contract value of $8.1 million over approximately 5 years suggests a moderate annual spend for critical security operations. 2. Full and open competition indicates a potentially competitive bidding process, which can lead to better pricing. 3. The firm-fixed-price contract type shifts performance risk to the contractor, providing cost certainty for the government. 4. The North American Industry Classification System (NAICS) code 541519 covers 'Other Computer Related Services,' a broad category. 5. The contract's duration of 1585 days (approx. 4.3 years) aligns with typical service contract lengths. 6. The award was made via a BPA Call, suggesting it was placed against an existing Blanket Purchase Agreement.

Value Assessment

Rating: good

The contract value of $8.1 million over nearly five years averages to approximately $1.6 million annually. Benchmarking this against similar Security Operations Center (SOC) services contracts is challenging without more specific service details. However, the firm-fixed-price structure provides a degree of cost predictability. The number of bids received (3) suggests some level of interest, but a more robust competition might have yielded better value.

Cost Per Unit: N/A

Competition Analysis

Competition Level: full-and-open

This contract was awarded under full and open competition, meaning all responsible sources were permitted to submit a bid. Three offers were received, indicating a moderate level of competition for these services. While three bidders is better than a sole-source award, a higher number of bids could potentially drive prices down further and encourage more innovative solutions.

Taxpayer Impact: The full and open competition, despite receiving only three bids, suggests that taxpayers likely benefited from a competitive pricing environment, avoiding the premium often associated with sole-source procurements.

Public Impact

The primary beneficiary is the Nuclear Regulatory Commission (NRC), which receives essential cybersecurity monitoring and incident response capabilities. The services delivered are critical for protecting the NRC's IT infrastructure and sensitive data from cyber threats. The contract's geographic impact is centered in the District of Columbia, where the NRC is headquartered. This contract supports specialized IT security roles, contributing to the cybersecurity workforce.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

Limited competition (3 bidders) may not have fully explored the market's pricing potential.
The broad NAICS code (541519) could encompass a wide range of services, making precise value assessment difficult without further detail.
Reliance on a BPA Call might indicate pre-existing relationships or limitations on the scope of competition.

Positive Signals

Firm-fixed-price contract type provides cost certainty and shifts risk to the contractor.
Full and open competition, even with limited bidders, is generally favorable for price discovery.
The contract duration allows for stable service provision and potential for contractor expertise development.

Sector Analysis

The IT services sector, particularly cybersecurity, is experiencing significant growth and demand. Contracts for Security Operations Center (SOC) services are crucial for government agencies to defend against increasingly sophisticated cyber threats. The annual spending for this contract, estimated at around $1.6 million, falls within the moderate range for specialized IT security support, reflecting the critical nature of protecting sensitive government operations.

Small Business Impact

There is no indication that this contract included a small business set-aside. Given the specialized nature of SOC services, it is possible that larger, more established companies are better positioned to compete. Subcontracting opportunities for small businesses may exist, but are not explicitly detailed in the award information provided.

Oversight & Accountability

The Nuclear Regulatory Commission (NRC) is responsible for overseeing this contract. As a civilian agency, its procurement processes are subject to federal acquisition regulations and oversight by bodies like the Government Accountability Office (GAO) and potentially the Office of Inspector General (OIG) for fraud, waste, or abuse. Transparency is facilitated through contract award databases like FPDS.

Related Government Programs

Cybersecurity Services
IT Operations Support
Information Security
Network Monitoring
Incident Response

Risk Flags

Limited Competition
Broad NAICS Code
BPA Call Award Mechanism

Frequently Asked Questions

What is this federal contract paying for?

Nuclear Regulatory Commission awarded $8.1 million to CGI FEDERAL INC.. GLINDA SECURITY OPERATIONS CENTER (SOC) SERVICES

Who is the contractor on this award?

The obligated recipient is CGI FEDERAL INC..

Which agency awarded this contract?

Awarding agency: Nuclear Regulatory Commission (Nuclear Regulatory Commission).

What is the total obligated amount?

The obligated amount is $8.1 million.

What is the period of performance?

Start: 2022-09-29. End: 2027-01-31.

What is the specific scope of services included under the 'Other Computer Related Services' (NAICS 541519) for the Glinda Security Operations Center?

The provided data indicates the NAICS code is 541519, which broadly covers 'Other Computer Related Services.' For the Glinda Security Operations Center (SOC) services, this likely encompasses a range of cybersecurity functions such as 24/7 monitoring of network traffic and systems, threat detection and analysis, incident response coordination, vulnerability management, and potentially security device management. Without a detailed Statement of Work (SOW), the precise deliverables and service level agreements (SLAs) remain unspecified. However, the context of an SOC implies a focus on proactive and reactive measures to safeguard the Nuclear Regulatory Commission's IT infrastructure and data against cyber threats.

How does the $8.1 million contract value compare to typical spending for similar SOC services at federal agencies?

The total contract value of $8.1 million over approximately 5 years equates to an average annual spend of roughly $1.6 million. This figure is considered moderate for dedicated SOC services within a federal agency. Larger agencies with more extensive IT infrastructures and higher threat profiles might spend significantly more, potentially in the tens of millions annually. Conversely, smaller agencies or those with less complex systems might spend less. The NRC's specific IT footprint and risk posture would influence whether this amount represents optimal value or if it's on the higher or lower end for its particular needs. Benchmarking requires detailed comparison of service scope, performance metrics, and contract duration.

What are the potential risks associated with having only three bidders for this contract?

Having only three bidders for this contract presents several potential risks. Firstly, it suggests a potentially limited pool of qualified contractors, which could mean less innovation or fewer specialized capabilities available in the market. Secondly, reduced competition can lead to less downward pressure on pricing, potentially resulting in the government paying more than it might have if more bidders were involved. Thirdly, it might indicate barriers to entry for other potential contractors, such as complex requirements, specific security clearances, or the need for pre-existing relationships (e.g., via a BPA). This limited competition could impact the government's ability to secure the best possible value and service.

What is CGI Federal Inc.'s track record with government contracts, particularly for cybersecurity services?

CGI Federal Inc. is a well-established government contractor with a significant history of awards across various federal agencies. While specific details on their cybersecurity contract performance require deeper analysis of contract databases, CGI generally holds numerous contracts related to IT services, systems integration, and professional services. Their experience likely includes providing security-related support, though the scale and specialization for SOC services would need further investigation. Past performance reviews and any reported issues or successes on similar contracts would provide a clearer picture of their capabilities and reliability in this specific domain.

How does the firm-fixed-price (FFP) contract type impact the government's risk and potential for cost overruns?

The firm-fixed-price (FFP) contract type is generally advantageous for the government in terms of cost control and risk mitigation. Under an FFP contract, the contractor, CGI Federal Inc., assumes the primary responsibility for all costs incurred in performing the work. The price is set at the outset and does not change unless the contract scope is formally modified. This shifts the risk of cost overruns from the government to the contractor. For the Nuclear Regulatory Commission, this means a high degree of cost certainty for the $8.1 million award. The main risk for the government shifts towards ensuring the contractor meets the defined performance standards and quality requirements within the agreed-upon price.

What does the use of a BPA Call signify in the context of this contract award?

The award being made via a BPA Call indicates that this contract was placed against an existing Blanket Purchase Agreement (BPA). BPAs are established with vendors to streamline the process of purchasing commonly needed supplies or services. They are not contracts in themselves but rather agreements that set terms, conditions, and pricing for future orders. A 'BPA Call' signifies a specific order or task placed under that overarching BPA. This method can expedite procurement, especially for recurring needs like SOC services. However, it might also imply that the competition was limited to vendors already holding the parent BPA, potentially restricting the pool of bidders compared to a standalone full and open competition.

Industry Classification

NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Other Computer Related Services

Product/Service Code: IT AND TELECOM - INFORMATION TECHNOLOGY AND TELECOMMUNICATIONS › IT AND TELECOM - DELIVERY

Competition & Pricing

Extent Competed: FULL AND OPEN COMPETITION

Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY

Solicitation ID: 31310022Q0006

Offers Received: 3

Pricing Type: FIRM FIXED PRICE (J)

Evaluated Preference: NONE

Contractor Details

Parent Company: THE Timken Company

Address: 12601 FAIR LAKES CIR, FAIRFAX, VA, 22033

Business Categories: Category Business, Corporate Entity Not Tax Exempt, Not Designated a Small Business, Special Designations, U.S.-Owned Business

Financial Breakdown

Contract Ceiling: $13,769,871

Exercised Options: $11,308,618

Current Obligation: $8,072,469

Subaward Activity

Number of Subawards: 9

Total Subaward Amount: $450,000

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES

Parent Contract

Parent Award PIID: NRCHQ1017A0004

IDV Type: BPA

Timeline