IBM's $22.5M contract for Automated Threat Prioritization shows fair value, but limited competition raises concerns

Contract Overview

Contract Amount: $22,509,424 ($22.5M)

Contractor: International Business Machines Corporation

Awarding Agency: Department of Homeland Security

Start Date: 2009-09-25

End Date: 2013-02-28

Contract Duration: 1,252 days

Daily Burn Rate: $18.0K/day

Competition Type: COMPETITIVE DELIVERY ORDER

Number of Offers Received: 5

Pricing Type: COST PLUS FIXED FEE

Sector: IT

Official Description: AUTOMATED THREAT PRIORITIZATION (ATP) FOR SECURE COMMUNITIES

Place of Performance

Location: BETHESDA, MONTGOMERY County, MARYLAND, 20817

State: Maryland Government Spending

Plain-Language Summary

Department of Homeland Security obligated $22.5 million to INTERNATIONAL BUSINESS MACHINES CORPORATION for work described as: AUTOMATED THREAT PRIORITIZATION (ATP) FOR SECURE COMMUNITIES Key points: 1. Value for money appears reasonable given the services provided, though direct comparisons are challenging. 2. Competition was limited, suggesting potential for higher pricing than a fully open market. 3. Risk indicators are moderate, with a focus on performance and delivery. 4. The contract's performance context is within a critical national security function. 5. This contract positions IBM as a key provider in the federal cybersecurity and data analytics sector.

Value Assessment

Rating: fair

The contract's total value of $22.5 million over approximately four years suggests a moderate annual spend. Benchmarking against similar custom computer programming services for federal agencies indicates that the pricing structure, while not explicitly detailed here, falls within a generally acceptable range for specialized IT solutions. However, without more granular data on specific deliverables and labor rates, a definitive assessment of 'excellent' value is difficult. The Cost Plus Fixed Fee (CPFF) structure can sometimes lead to cost overruns if not tightly managed, but it also allows for flexibility in evolving requirements.

Cost Per Unit: N/A

Competition Analysis

Competition Level: limited

This contract was awarded as a competitive delivery order, implying it was part of a larger indefinite-delivery/indefinite-quantity (IDIQ) contract vehicle. While competitive, the specific number of bidders (5) suggests a focused competition rather than a broad, open-market solicitation. This level of competition can still yield competitive pricing, but it may not achieve the same price discovery as a fully open and unrestricted competition with a larger pool of bidders. The limited number of bidders could indicate a specialized requirement or a pre-qualified list of vendors.

Taxpayer Impact: For taxpayers, limited competition can mean potentially higher costs compared to a scenario with more bidders driving prices down. However, if the limited bidders are highly specialized and efficient, the overall value might still be good.

Public Impact

The primary beneficiaries are U.S. Immigration and Customs Enforcement (ICE) and the Department of Homeland Security (DHS), enhancing their ability to identify and prioritize threats. The services delivered include custom computer programming for an Automated Threat Prioritization system, crucial for national security. The geographic impact is national, supporting federal law enforcement and security operations across the United States. Workforce implications include the need for specialized IT professionals within DHS/ICE and potentially within IBM to develop and maintain the system.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

Limited competition may have resulted in a higher price than a fully open market.
The CPFF contract type requires diligent oversight to prevent cost overruns.
Reliance on a single contractor (IBM) for a critical system could pose long-term dependency risks.

Positive Signals

IBM is a well-established contractor with a significant federal presence.
The contract addresses a critical national security need for threat prioritization.
The delivery order mechanism suggests it was part of a potentially competitive IDIQ vehicle.

Sector Analysis

The federal IT services market is vast and highly competitive, with significant spending allocated to custom computer programming and cybersecurity solutions. This contract falls within the broader category of IT services, specifically focusing on data analytics and threat intelligence for law enforcement and national security. Comparable spending benchmarks in this niche often involve large, complex systems integration and software development projects, where costs can range widely based on complexity and contractor expertise. IBM's position in this sector is strong, given its history of large federal IT contracts.

Small Business Impact

This contract does not appear to have a small business set-aside component (sb: false). Given the nature of the services and the prime contractor (IBM), it is unlikely that significant subcontracting opportunities for small businesses would be mandated or prevalent, unless IBM specifically chose to engage them for specialized tasks. The focus is on a large prime contractor delivering a complex IT solution.

Oversight & Accountability

Oversight for this contract would primarily fall under the Department of Homeland Security (DHS) and U.S. Immigration and Customs Enforcement (ICE) contracting officers and program managers. As a Cost Plus Fixed Fee (CPFF) contract, rigorous financial oversight is crucial to monitor expenditures against the fixed fee and ensure compliance with the contract terms. Transparency is generally maintained through contract reporting mechanisms, though specific details of the threat prioritization system's inner workings are likely classified or sensitive. The DHS Office of Inspector General (OIG) would have jurisdiction for audits and investigations if any irregularities were suspected.

Related Government Programs

Homeland Security Information Network (HSIN)
DHS Cybersecurity Initiatives
Federal Law Enforcement Data Analytics Programs
National Cybersecurity Threat Intelligence Systems

Risk Flags

Limited Competition
Cost Plus Fixed Fee Contract Type
Potential for Cost Overruns

Frequently Asked Questions

What is this federal contract paying for?

Department of Homeland Security awarded $22.5 million to INTERNATIONAL BUSINESS MACHINES CORPORATION. AUTOMATED THREAT PRIORITIZATION (ATP) FOR SECURE COMMUNITIES

Who is the contractor on this award?

The obligated recipient is INTERNATIONAL BUSINESS MACHINES CORPORATION.

Which agency awarded this contract?

Awarding agency: Department of Homeland Security (U.S. Immigration and Customs Enforcement).

What is the total obligated amount?

The obligated amount is $22.5 million.

What is the period of performance?

Start: 2009-09-25. End: 2013-02-28.

What is IBM's track record with similar federal IT contracts, particularly in cybersecurity and threat intelligence?

IBM has a long and extensive history of contracting with the U.S. federal government across various agencies, including the Department of Homeland Security (DHS), Department of Defense (DoD), and others. They have been involved in numerous large-scale IT projects, encompassing areas like cloud computing, data analytics, cybersecurity, and enterprise resource planning systems. Their track record includes both successes and challenges, typical for contractors of their size handling complex, mission-critical systems. For cybersecurity and threat intelligence specifically, IBM's federal engagements often involve providing advanced analytics, security operations center (SOC) support, and threat detection capabilities. While specific performance metrics for past contracts are not detailed here, their continued presence and award of significant contracts suggest a generally satisfactory performance history, though subject to agency-specific evaluations and potential past performance reviews during future solicitations.

How does the $22.5 million contract value compare to other federal spending on Automated Threat Prioritization systems?

Directly comparing the $22.5 million value of this specific contract to 'Automated Threat Prioritization' (ATP) systems across the federal government is challenging due to varying definitions, scopes, and contract structures. Federal spending on cybersecurity and threat intelligence is substantial, often aggregated into broader categories like IT services, software development, or intelligence support. This contract, awarded to IBM by DHS/ICE, represents a significant investment over its duration (approximately 4 years). However, it's one component within a much larger federal cybersecurity apparatus. Other agencies might have similar or larger programs under different names, potentially using different contracting vehicles (e.g., large IDIQs, prime system integrators). Without a standardized federal taxonomy for 'Automated Threat Prioritization' systems and their associated costs, a precise benchmark is difficult. The value appears reasonable for a specialized, custom-developed system for a critical agency like ICE.

What are the primary risks associated with a Cost Plus Fixed Fee (CPFF) contract for a system like Automated Threat Prioritization?

The primary risks associated with a Cost Plus Fixed Fee (CPFF) contract, like the one awarded to IBM for ATP, revolve around cost control and contractor incentive. For the government, the main risk is that the contractor may not be sufficiently incentivized to control costs, as the government agrees to cover all allowable costs plus a predetermined fixed fee. If the contractor's actual costs exceed estimates, the government bears the burden, potentially leading to a higher final price than anticipated. This necessitates robust government oversight to scrutinize all incurred costs and ensure they are reasonable, allocable, and allowable. For the contractor, the risk lies in accurately estimating costs; if actual costs exceed estimates, their profit margin (the fixed fee) is reduced. This can sometimes lead contractors to cut corners on quality or scope if not managed properly. Effective risk mitigation requires diligent contract administration, clear performance metrics, and regular audits.

How effective are Automated Threat Prioritization systems in enhancing national security and law enforcement operations?

Automated Threat Prioritization (ATP) systems are designed to significantly enhance national security and law enforcement operations by processing vast amounts of data from various sources (e.g., network traffic, intelligence feeds, open-source information) to identify, analyze, and rank potential threats. Their effectiveness lies in their ability to automate tasks that would be overwhelming for human analysts alone, allowing security personnel to focus on the most critical and actionable intelligence. By prioritizing threats based on predefined criteria and machine learning algorithms, these systems enable faster response times, more efficient allocation of resources, and a more proactive security posture. For agencies like ICE, this translates to better identification of smuggling networks, potential terrorist activities, or other security risks. The effectiveness is contingent on the quality of the data inputs, the sophistication of the algorithms, the integration with existing systems, and the skill of the analysts using the system's outputs.

What is the historical spending trend for custom computer programming services at DHS/ICE?

Analyzing the historical spending trend specifically for 'Custom Computer Programming Services' at DHS/ICE requires access to detailed historical contract databases and procurement reports. This particular contract with IBM for ATP, awarded in 2009 and ending in 2013, represents a portion of that spending during that period. Generally, agencies like DHS and its components, including ICE, have consistently allocated significant portions of their budgets to IT services, including custom software development, to support their complex missions. Spending in this category often fluctuates based on agency priorities, technological advancements, and the lifecycle of existing systems (i.e., upgrades, replacements, new development). Without specific aggregated data for DHS/ICE's custom programming expenditures over multiple years, it's difficult to establish a precise trend. However, it is reasonable to assume a sustained and potentially increasing investment in such services given the evolving nature of threats and the increasing reliance on technology for law enforcement and security.

What are the implications of awarding a competitive delivery order versus a sole-source contract for this type of service?

Awarding a competitive delivery order, as was done for IBM's ATP system, has significant implications compared to a sole-source contract. A competitive delivery order means that multiple vendors were likely considered or competed for this specific task order under a broader IDIQ contract. This process generally fosters price competition, encouraging vendors to offer their best pricing and technical solutions to win the order. It increases the likelihood that the government obtains fair and reasonable pricing and a solution that best meets its needs. In contrast, a sole-source contract is awarded to a single vendor without competition, typically due to unique capabilities, urgent needs, or lack of alternatives. Sole-source awards often carry a higher risk of inflated pricing and may not result in the most optimal solution. Therefore, the competitive nature of this delivery order, even if limited in the number of bidders, suggests a more favorable outcome for the government in terms of value and selection compared to a sole-source scenario.

Industry Classification

NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Custom Computer Programming Services

Product/Service Code: IT AND TELECOM - INFORMATION TECHNOLOGY AND TELECOMMUNICATIONS › ADP AND TELECOMMUNICATIONS

Competition & Pricing

Extent Competed: COMPETITIVE DELIVERY ORDER

Solicitation Procedures: NEGOTIATED PROPOSAL/QUOTE

Solicitation ID: HSCETC-09-R-00021

Offers Received: 5

Pricing Type: COST PLUS FIXED FEE (U)

Evaluated Preference: NONE

Contractor Details

Address: 6710 ROCKLEDGE DR, BETHESDA, MD, 20817

Business Categories: Category Business, Not Designated a Small Business

Financial Breakdown

Contract Ceiling: $26,407,982

Exercised Options: $23,682,736

Current Obligation: $22,509,424

Contract Characteristics

Commercial Item: COMMERCIAL ITEM PROCEDURES NOT USED

Parent Contract

Parent Award PIID: HSHQDC06D00019

IDV Type: IDC

Timeline