The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the Federal Register on April 4, 2024, and is open for public comment through June 3, 2024. The Proposed Rule will be published in Part 6 of the Code of Federal Regulations, in a new Section 226, as part of the Department of Homeland Security’s regulations on Domestic Security.
Continue Reading CISA Cyber Incident Reporting for Critical Infrastructure Will Significantly Impact Government Contractors, Suppliers, and Service Providers

Class Deviation Prohibits DoD from Requiring Contractors to Disclose Emissions

Over the past two years, the FAR Council has been working to develop a rule that would amend the Federal Acquisition Regulation (“FAR”) to require contractors to inventory and report their greenhouse gas (“GHG”) emissions and climate-related financial risk in order to be eligible for Federal awards. (Prior posts are available here and here.)
Continue Reading Updates on GHG Emissions Disclosure Requirements

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Office of Management and Budget (“OMB”) released the highly anticipated Secure Software Development Attestation Form (also known as the “Common Form”), and on March 18, 2024, CISA’s repository for the forms went live.
Continue Reading CISA Opens Repository for Submission of Software Security Attestation Forms

GSA long has stated that the “MAS program is designed to mirror commercial buying practices.” (Don’t laugh – I’m serious! Slide 12 if you don’t believe me.) In the commercial marketplace, SaaS licenses are sold for set periods of time (typically annual terms) and paid for in advance. Historically, GSA refused to accept this commercial term, explicitly prohibiting customer agencies from paying in advance when acquiring SaaS through the MAS program. Software companies, rejoice, because GSA finally has seen the light!
Continue Reading Paid in Full: GSA Approves Advance Payment for SaaS Licenses

In January 2022, we warned software companies selling indirectly against attempting to enforce the terms of their End User License Agreement (“EULA”) directly against the Federal Government based on the decision of the Civilian Board of Contract Appeals (“CBCA”) in Avue Technologies Corp. Earlier this month, the Federal Circuit gave software companies some hope by vacating the CBCA’s decision. Read on, though, before filing your claim.
Continue Reading Finally Invited to the Party? Federal Circuit Opens the Door for Software Companies Selling Through Resellers to Bring a Contract Claim Against the Federal Government

In a previous article, we analyzed what made protests successful at the Government Accountability Office (“GAO”) in Fiscal Year 2023 (“FY23”). Now, we want to share some insights we gained while conducting the same analysis of bid protest decisions at the Court of Federal Claims (“COFC” or the “Court”).
Continue Reading What Makes a Successful Protest at the Court of Federal Claims

Welcome back to the Cost Corner, where we provide practical insight into the complex cost and pricing requirements that apply to Government contractors. The current topic is Federal Acquisition Regulation (FAR) Cost Principles applicable to contracts with commercial organizations. The previous four Cost Corner articles addressed the Cost Principles pertaining to the general criteria for determining the allowability of costs, direct and indirect costs, accounting for unallowable costs, and penalties for unallowable costs. This article begins coverage of FAR 31.205, Selected Costs, which includes forty-seven Cost Principles, each of which governs the allowability of a particular type of cost. The Cost Corner will not address all of the Cost Principles in FAR 31.205 but instead will focus on those that have, in our experience, generated the most significant questioned and disallowed costs.
Continue Reading The Cost Corner: Government Contracts Cost and Pricing – Compensation for Personal Services (Part I)

On January 26, 2024, the Federal Risk and Authorization Management Program (“FedRAMP”) published a draft Emerging Technology Prioritization Framework developed in response to President Biden’s Executive Order 14110 on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (previously analyzed by our colleague here and discussed in a flash briefing available here). The Executive Order charged FedRAMP with developing a framework to prioritize Emerging Technologies in the FedRAMP authorization process, starting with generative AI.
Continue Reading Emerging AI Landscape: FedRAMP Publishes Draft Emerging Technology Prioritization Framework in Response to Executive Order on Artificial Intelligence

In January 2024, the Government Accountability Office (“GAO”) published 31 bid protest decisions, two of which resulted in decisions sustaining the protesters’ challenges. There were also two requests for costs, one of which was denied, and one request for consideration, which was, unsurprisingly, denied. Below is a summary of the notable decisions from January and what potential protesters can learn from them.
Continue Reading Bid Protest Hub – January 2024

In a landmark unanimous ruling late last week, Murray v. UBS Securities, LLC, et al. 601 U. S. ____ (2024), the U.S. Supreme Court held that whistleblowers do not need to prove their employer acted with “retaliatory intent” to be protected under the Sarbanes-Oxley Act. Instead, all whistleblower plaintiffs need to prove is that their protected activity was a “contributing factor” in the employer’s unfavorable personnel action.
Continue Reading U.S. Supreme Court Endorses Low Burden of Proof for Whistleblowers