DHS awards $30.8M contract for on-demand FedRAMP software and training to Questionmark Corporation

Contract Overview

Contract Amount: $30,872 ($30.9K)

Contractor: Questionmark Corporation

Awarding Agency: Department of Homeland Security

Start Date: 2024-09-29

End Date: 2025-09-28

Contract Duration: 364 days

Daily Burn Rate: $85/day

Competition Type: FULL AND OPEN COMPETITION

Number of Offers Received: 4

Pricing Type: FIRM FIXED PRICE

Sector: IT

Official Description: QUESTIONMARK ONDEMAND FEDRAMP SOFTWARE AND TRAINING/SUPPORT

Place of Performance

Location: CAMP SPRINGS, HOWARD County, MARYLAND, 20588

State: Maryland Government Spending

Plain-Language Summary

Department of Homeland Security obligated $30,871.78 to QUESTIONMARK CORPORATION for work described as: QUESTIONMARK ONDEMAND FEDRAMP SOFTWARE AND TRAINING/SUPPORT Key points: 1. Contract value represents a significant investment in cloud security compliance. 2. Competition dynamics suggest a potentially competitive bidding process for this service. 3. Performance risk appears moderate given the fixed-price nature and defined duration. 4. This contract supports critical cybersecurity infrastructure for USCIS. 5. The IT services sector sees continued demand for compliance and security solutions.

Value Assessment

Rating: good

The contract value of $30.8 million for a one-year period for on-demand FedRAMP software and training appears reasonable within the context of specialized IT security services. Benchmarking against similar contracts for FedRAMP compliance solutions and training is challenging due to the niche nature of the service and the specific vendor. However, the firm fixed-price structure suggests that the government has a clear understanding of the costs involved, and the vendor assumes the risk of cost overruns. The duration of one year also allows for periodic review of value delivery.

Cost Per Unit: N/A

Competition Analysis

Competition Level: full-and-open

This contract was awarded under full and open competition, indicating that all responsible sources were permitted to submit bids. The presence of 4 bidders suggests a healthy level of competition for this specialized IT service. A competitive process generally leads to better price discovery and potentially more innovative solutions as vendors vie for the contract. The government received multiple proposals, allowing for a comparison of technical capabilities and pricing.

Taxpayer Impact: Taxpayers benefit from a competitive process that aims to secure the best value for the government's investment in cybersecurity compliance tools and training.

Public Impact

U.S. Citizenship and Immigration Services (USCIS) personnel will benefit from access to on-demand FedRAMP software and training. The services delivered will enhance the security posture of cloud-based systems used by USCIS. The geographic impact is primarily within Maryland, where the contractor is located, but the benefits extend to federal IT security nationwide. Workforce implications include training for IT professionals on FedRAMP compliance, potentially upskilling federal employees.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

Potential for vendor lock-in if the software becomes deeply integrated into USCIS workflows.
Reliance on a single vendor for critical FedRAMP compliance training could pose a risk if the vendor experiences operational issues.
Ensuring the training content remains up-to-date with evolving FedRAMP requirements will be crucial.

Positive Signals

Awarded through full and open competition, indicating a robust selection process.
Firm fixed-price contract structure shifts cost overrun risk to the contractor.
The contract duration of one year allows for reassessment and potential re-competition.
The vendor, Questionmark Corporation, likely has established expertise in assessment and compliance solutions.

Sector Analysis

The Information Technology (IT) sector, particularly the segment focused on cybersecurity and compliance, is experiencing substantial growth driven by increasing cyber threats and stringent regulatory requirements like FedRAMP. Federal agencies are heavily investing in solutions that ensure the security and compliance of their cloud environments. This contract for on-demand FedRAMP software and training fits within this broader trend, supporting the government's ongoing efforts to secure its digital infrastructure. Comparable spending benchmarks for similar IT security and compliance services can vary widely based on scope, duration, and specific technologies involved.

Small Business Impact

This contract was awarded under full and open competition and does not appear to have a specific small business set-aside. The data indicates the prime contractor is Questionmark Corporation. There is no explicit information regarding subcontracting plans for small businesses within this award notice. The impact on the small business ecosystem would depend on whether Questionmark Corporation engages small businesses as subcontractors for specialized services or support related to this contract.

Oversight & Accountability

Oversight for this contract will likely be managed by the U.S. Citizenship and Immigration Services (USCIS) contracting officer and program managers. Accountability measures are embedded in the firm fixed-price contract terms, requiring the delivery of specified software and training. Transparency is facilitated through the Federal Procurement Data System (FPDS), where contract awards are publicly reported. The Inspector General for the Department of Homeland Security may conduct audits or investigations if concerns regarding performance or misuse of funds arise.

Related Government Programs

FedRAMP Authorization Program
Cloud Security Services
IT Training and Professional Development
Cybersecurity Software Solutions

Risk Flags

Vendor Performance Risk
Technology Obsolescence Risk
Contract Management Oversight

Frequently Asked Questions

What is this federal contract paying for?

Department of Homeland Security awarded $30,871.78 to QUESTIONMARK CORPORATION. QUESTIONMARK ONDEMAND FEDRAMP SOFTWARE AND TRAINING/SUPPORT

Who is the contractor on this award?

The obligated recipient is QUESTIONMARK CORPORATION.

Which agency awarded this contract?

Awarding agency: Department of Homeland Security (U.S. Citizenship and Immigration Services).

What is the total obligated amount?

The obligated amount is $30,871.78.

What is the period of performance?

Start: 2024-09-29. End: 2025-09-28.

What is Questionmark Corporation's track record with federal contracts, particularly for FedRAMP-related services?

Questionmark Corporation has a history of engaging with federal agencies, though specific details on their FedRAMP-related contract performance require deeper analysis of historical procurement data. Their core business often involves assessment and learning solutions, which can be adapted for compliance training. A review of past performance evaluations and any contract modifications or disputes associated with their federal awards would provide a clearer picture of their reliability and expertise in delivering similar services. Examining their prior work with agencies like DHS or USCIS, if any, would be particularly relevant to understanding their suitability for this specific award.

How does the $30.8 million contract value compare to similar FedRAMP software and training procurements?

Directly comparing the $30.8 million value for this one-year contract is challenging without access to a comprehensive database of similar, recently awarded FedRAMP software and training contracts. The market for specialized compliance software and training can be dynamic. Factors such as the scope of the software (e.g., assessment tools, documentation platforms), the depth and breadth of training offered, and the number of users or agencies covered significantly influence pricing. However, for a comprehensive, on-demand solution supporting a major agency like USCIS, this figure appears to be within a plausible range for specialized IT security services, assuming it covers a broad set of capabilities and user access.

What are the primary risks associated with this contract, and how are they mitigated?

Key risks include potential vendor performance issues (failure to deliver timely or adequate software/training), the risk of the software becoming outdated relative to evolving FedRAMP standards, and the possibility of cost overruns if the fixed-price model is not carefully managed. Mitigation strategies include the firm fixed-price structure, which places cost risk on the contractor. The one-year duration allows for regular performance reviews and the opportunity to address deficiencies. USCIS will likely have defined performance metrics and milestones within the contract to monitor progress and ensure compliance with requirements. Strong contract management and clear communication channels are essential.

How effective is the on-demand FedRAMP software and training likely to be for USCIS?

The effectiveness hinges on the quality of Questionmark Corporation's software and training modules, and how well they align with USCIS's specific needs and existing IT infrastructure. On-demand solutions offer flexibility, allowing personnel to access training and resources as needed, which can be highly effective for continuous learning and addressing immediate compliance needs. If the software provides robust tools for managing compliance documentation and the training is comprehensive and engaging, it should significantly aid USCIS in achieving and maintaining FedRAMP authorization for its cloud services. Success will also depend on user adoption and the agency's commitment to integrating the training into its operational workflows.

What are the historical spending patterns for FedRAMP-related services by DHS or USCIS?

Analyzing historical spending patterns for FedRAMP-related services by DHS and USCIS would require accessing detailed procurement data over several fiscal years. Agencies like DHS, with its broad mandate and significant IT footprint, typically invest consistently in cybersecurity and compliance. Spending on FedRAMP can fluctuate based on the agency's cloud adoption strategy, the number of systems seeking authorization, and the maturity of its internal compliance programs. Understanding past investments can reveal trends in technology adoption, vendor relationships, and the overall budget allocated to ensuring cloud security. This specific $30.8 million award suggests a substantial, focused investment in this area for the current period.

Industry Classification

NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Other Computer Related Services

Product/Service Code: IT AND TELECOM - APLLICATIONS

Competition & Pricing

Extent Competed: FULL AND OPEN COMPETITION

Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY

Offers Received: 4

Pricing Type: FIRM FIXED PRICE (J)

Evaluated Preference: NONE

Contractor Details

Address: 333 WEST 39TH ST STE 1003, NEW YORK, NY, 10018

Business Categories: Category Business, Corporate Entity Not Tax Exempt, Foreign Owned, Not Designated a Small Business, Special Designations, U.S.-Owned Business

Financial Breakdown

Contract Ceiling: $30,872

Exercised Options: $30,872

Current Obligation: $30,872

Actual Outlays: $31,343

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES

Parent Contract

Parent Award PIID: GS35F0380Y

IDV Type: FSS

Timeline