GSA retools contract management system
- By John Moore
- Mar 13, 2014
The General Services Administration has embarked on a multiyear restructuring of a system for managing federal contract awards, aiming for greater data accuracy and an improved open user experience among other benefits.
GSA’s System for Award Management, or SAM, went into production in 2012 with the plan of consolidating several procurement management systems into one.
Thus far, the Central Contractor Registration vendor database, the Federal Agency Registration, the Online Representations and Certifications Applications and the Excluded Parties List System have migrated to SAM. The idea is to provide those acquisition tools to all agencies as a shared system.
In rolling out the system, GSA has encountered security and speed irregularities. Last March, agency officials found a security vulnerability in SAM that could let users view other users’ registration information, including Social Security numbers. At the time, the agency said it immediately deployed a software patch, noting that the vulnerability did not appear to have been exploited by hackers.
As for speed, the SAM registration process had been taking longer than a week.
These and other performance problems related to federal contracting databases have drawn the attention of lawmakers. In a March 6 hearing, Sen. Claire McCaskill (D-Mo.) called the systems “shockingly clunky” and expressed concerns a unified system might maintain legacy irregularities.
GSA, however, has been working to bolster the SAM system. Judith Zawatsky, GSA’s director of outreach and stakeholder management, Integrated Award Environment (IAE), said external and internal tests were conducted on SAM and that the security concerns identified during testing were addressed through standard GSA IT security processes.
“The SAM team addressed security bugs through a number of releases through the spring and summer,” Zawatsky said, adding that security updates were rolled out and certified and a new Authority to Operate the system was put in place in November.
SAM has seen speed improvements as well. An individual, business, or government agency that wants to pursue federal government contracts goes through a registration process and three external validations. During 2013, the average registration time was nine days. That process now takes two days, according to Zawatsky.
Common road map
While pursuing the SAM improvements, GSA has also set up a road map for restructuring the system. The agency’s IAE transition plan aims to move away from a single system and toward a set of common services for handling various acquisition functions. The plan aims to achieve an “open and user-centric environment,” according to a Dec. 18 GSA industry presentation.
The agency had considered alternatives to the open environment. One option included rebuilding SAM with existing functionality while halting further system consolidation. Another option focused on rebuilding SAM and integrating the still-to-be consolidated legacy systems.
Those legacy systems include FedBizOpps (FBO), the Electronic Subcontracting Reporting System (eSRS) and the Federal Funding Accountability and Transparency Act Sub-award Reporting System (FSRS).
Zawatsky said the expected benefits of the open design approach include “enhanced transparency of data” and improved ease of use. She also cited improvements in the fluidity and accuracy of data through the “multiple functionalities that the IAE serves across the entire federal award process.”
In addition, the open philosophy encourages the use of third-party application programming interfaces (APIs), Zawatsky noted, which will give users more ways to access procurement data.
The GSAs IAE transition will unfold through fiscal year 2018. During that timespan, legacy systems -- such as FBO, eSRS, FSRS -- will be decommissioned along with the legacy SAM infrastructure, the GSA industry presentation noted. Data from those systems, however, will be extracted for use in the successor environment.
The transfer of data will be evaluated on a case-by-case basis, Zawatsky said.
“Each system has a unique configuration that may require specific extract-transform-load (ETL) techniques to migrate data to the planned central data store,” she said. “Our priority in those migrations will be strong data governance and data quality management that will assure that the migrated data meets business requirements.”
Organizations use ETL approaches and tools to pull data out of various systems and load that data into a target system such as a data warehouse.
GSA, meanwhile, could potentially incorporate another cross-agency system into its IAE strategy. The U.S Postal Service is heading the multi-agency Federal Cloud Credential Exchange (FCCX) pilot, which will provide cloud-based identity management. SecureKey Technologies captured a contract last year to create the infrastructure for the pilot program.
“We are evaluating FCCX as a potential provider of identity for government and non-government identity,” Zawatsky said. “No specific decisions have been made with regards to the use of that capability.”
GSA plans to reinforce its current systems while the transition to the new environment continues. To that end, GSA has launched user acceptance testing. “The IAE team collaborates with both the federal and non-federal user base to improve the effectiveness of system releases,” Zawatsky said.
Federal users are largely coordinated through the interagency IAE Change Control Board, she said. IAE also reaches out to non-federal user communities for acceptance testing. Those groups include grant and loan awardees, large professional services and products companies as well as groups such as the Association of Procurement Technical Assistance Centers, which works with small companies and sole proprietors.