GSA Ascend (Pool 1): What does it take to win?
What is GSA Ascend?
The GSA Ascend contract will be a collection of three Blanket Purchase Agreements (BPAs), procured on the GSA Multiple Award Schedule (MAS). This collection of BPAs will establish a compliant, secure, efficiently and effectively managed cloud services and cloud-related IT professional services contract vehicle. The contract will be broken into three separate pools:
- Pool 1 (10 awards) – Infrastructure as a Service, Platform as a Service (IaaS, PaaS)
- Pool 2 (number of awards TBD)– Software as a Service (SaaS)
- Pool 3 (number of awards TBD) – Cloud-Related IT Professional Services
When you see terms like IaaS, PaaS, and SaaS, you may assume that companies like AWS, Microsoft Azure, and Salesforce are pursuing GSA Ascend – this is not the case here. Those companies sell through IT Value-Added-Resellers (IT VARs) on contracts like CIO-CS and NASA SEWP and through other large integrators. GSA is looking for cloud-related IT professional services companies to pursue GSA Ascend.
Pool 1 will be the first competition and is anticipated to be released in final RFP format sometime between January and March of 2025. Each pool will have separate RFPs, requirements, and awards.
In this article, we will break down the GSA Ascend proposal response requirements and share what we think it will take to win one of the seats on GSA Ascend.
Proposal Response & Requirements
The Period of Performance for awarded BPAs will be a 3-year base, one 3-year option, and two 1-year options for a total of 8 years.
The response is divided into the following volumes:
- Volume I – Compliance Volume
- Volume II – Technical Volume
- Volume III – Past Performance
- Volume IV – Pricing Submission
Volume I – Compliance
Offerors will need to provide four items in this volume, which will be evaluated on a pass/fail basis. Failure to meet any of these requirements may result in your bid no longer being evaluated. They are as follows:
- Authorization Level – The bidder must show that they meet the FedRAMP/DCAS Authorization Level identified in the PWS for each sub-pool for which an award is being sought. Per the information provided during industry day, this will be done by self-attestation.
- MAS Award 518210C – Schedule Holder – The bidder must provide their existing GSA MAS Cloud SIN contract number associated with the services being provided.
- MAS Award 518210C – Remaining Period of Performance – The bidder must show that the period of performance on their Cloud SIN is longer than the anticipated period of performance of GSA Ascend. This means that your GSA Cloud SIN 518210C end date should be no earlier than calendar year 2034.
- MAS Award 518210C Catalog – GSA is evaluating each bidder’s 518210C Catalog on a pass/fail basis to ensure that a) the BPA catalog is compliant with PWS requirements; b) BPA catalog line items have a corresponding match on the MAS catalog; and c) BPA catalog items are restricted to their FedRAMP/DCAS authorization boundary.
Bidders for GSA Ascend must hold Special Item Number (SIN) 518210C on their GSA MAS. This is the Cloud Computing and Cloud Related IT Professional Services SIN. If your company does not have SIN 518210C, you will not be able to bid on any of the GSA Ascend Pool solicitations. This SIN can be applied and awarded at any time in the year, although it normally takes at least three months to get awarded – so if you don’t have this SIN you need to make that your first priority to pursue.
Find out more information on SIN 518210C.
Volume II – Technical
Volume II will consist of a 100-page Technical Quote. Your Volume II response must support an effective evaluation to substantiate the validity of any stated claims to meet the PWS requirements. In other words, bidders will need to prove that their offer meets or exceeds all PWS requirements.
The evaluation states that the government will assess the contractor’s quote against the acquisition, business, data, cybersecurity, environment and sustainability, operation, and technical requirements documented in the PWS that are relevant for the pool being offered and associated sub-pools. This volume must include all baseline requirements, environmental standards, and every requirement in the PWS.
Volume III – Past Performance
Offerors are required to provide recent examples of work that are similar to the work in the PWS. These examples are limited to 5-page writeups. “Recent” is defined in the Draft RFP as CPARs received in the last five years. Examples of IDIQs and BPAs cannot be submitted for this factor. The Government will not consider the contract examples of subcontractors, CTA members, or affiliated offices of the offeror.
In addition to the write-ups, bidders are required to provide copies of the three most recent CPARs for each example contract with their bid.
Volume IV – Pricing Submission
Attachment 4: Ascend BPA Pricing Template must be submitted for this volume.
Additionally, there is a scenario for IaaS/PaaS services which must be priced. With this section a narrative response must be provided to show how the offeror will meet the requirements of the scenario. All prices provided in the template should be based on prices contained in the price quote/catalog provided in Volume 1 and must be at or lower than the prices provided.
Red Team’s Assessment and What to Do Now
GSA Ascend is a new requirement. The Cloud SIN currently generates $850M annually in revenue annually but does not require the level of technical compliance that these Draft RFPs currently require. The demand at the customer level for this level of strict compliance has not previously been seen. If there is a mandate for DoD, Intelligence, and other agencies to meet the levels of compliance outlined, this could be a very lucrative contract.
Based on information provided during the Pool 1 industry day, the draft RFPs will change slightly. Cybersecurity reporting is no longer required at the contract level and self-attestation will be employed for FedRAMP compliance. Some requirements will move to the Task Order level such as clearances and credentials, but we will need to see a final RFP to determine exactly what those are.
As potential offerors will note in the draft RFP, the PWS areas are extensive with many detailed requirements. While the final RFP will ultimately dictate the level of detail to be covered in the 100-page technical response, offerors can be assured that some requirements will be emphasized including, but not limited to, the following:
- Cybersecurity is one of the most important objectives of the Ascend BPA and is based on meeting the comprehensive cybersecurity and compliance requirements cited in the PWS.
- Disclosures, guarantees, and warranties are important to note. Offerors must demonstrate that they have practices for protecting the marketplace and to identify, authenticate, and authorize the marketplace vendors.
- For supply chain risk management, offerors need to ensure the authenticity and security of hardware and software used to provide cloud services.
- The PWS includes detailed environmental and sustainability requirements. Offerors will need to describe how they will reduce and mitigate negative environmental impacts produced by data centers. This includes using an e-Stewards or R2 Certified Electronic Recycler to remove e-waste and Carbon Pollution-Free Electricity for energy efficiency.
If you believe that your firm can be successful on GSA Ascend post award or have clients that are looking for this level of security and compliance, then you should strongly consider working toward winning a seat on the BPA. That starts with mapping your qualifications against the requirements, assessing your gaps, and filling those gaps. You need to make sure that you have a solid approach to each requirement as well as experience for all areas of the PWS. If you can get past all of that, then it’s time to start preparing for the technical competition.
Written by Joe Salgado. Connect with Joe on LinkedIn!
This information is based on the most recent Draft RFP which was released by GSA on October 1, 2024.