Photo of Daniel Alvarado

Daniel J. Alvarado is an associate in the Governmental Practice in the firm's Washington, D.C. office.

It’s been a hot summer so far but Federal Risk and Authorization Program (“FedRAMP”) is just starting to heat up. In June, FedRAMP (the Federal government’s program for security authorizations for cloud solutions) released the final Emerging Technology Prioritization Framework, which outlines the prioritization of certain artificial intelligence capabilities. In mid-July, FedRAMP announced its Agile Delivery pilot program, which is a new process for reviewing significant changes without the need for advanced approval. FedRAMP also announced a new technical documentation hub (automate.fedramp.gov) that focuses on provided support to cloud service providers in the development of digital authorization packages. Lastly, just as the heat wave in Washington, D.C. ended, FedRAMP published the final version of the FedRAMP OMB Memo (“OMB Memo”) on July 26, 2024. The OMB Memo revamps FedRAMP through changes to the authorization paths and continuous monitoring and incident response processes, as well as enhancements through automation. Below are key points to know about each FedRAMP update released this summer.Continue Reading Summer Heat Ramping Up: FedRAMP Releases Final OMB Memo and Announces Update on Roadmap Progress, Automation Site Launch, and the Agile Delivery Pilot Launch

On March 28, 2024, the Office of Management and Budget (“OMB”) issued Memorandum M-24-10, Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence (the “Memo”). This is the final version of a draft memorandum OMB released for public comment on November 1, 2023. The Memo primarily focuses on agency use of AI and outlines minimum practices for managing risks associated with the use of AI in the federal government. The Memo also provides recommendations for managing AI risks in federal procurement of AI that industry should keep in mind, specifically entities developing AI tools to sell to the federal government.Continue Reading Better Safe Than Sorry: OMB Releases Memorandum on Managing AI Risks in the Federal Government

In January 2022, we warned software companies selling indirectly against attempting to enforce the terms of their End User License Agreement (“EULA”) directly against the Federal Government based on the decision of the Civilian Board of Contract Appeals (“CBCA”) in Avue Technologies Corp. Earlier this month, the Federal Circuit gave software companies some hope by vacating the CBCA’s decision. Read on, though, before filing your claim.Continue Reading Finally Invited to the Party? Federal Circuit Opens the Door for Software Companies Selling Through Resellers to Bring a Contract Claim Against the Federal Government

In a previous article, we analyzed what made protests successful at the Government Accountability Office (“GAO”) in Fiscal Year 2023 (“FY23”). Now, we want to share some insights we gained while conducting the same analysis of bid protest decisions at the Court of Federal Claims (“COFC” or the “Court”).Continue Reading What Makes a Successful Protest at the Court of Federal Claims

On January 26, 2024, the Federal Risk and Authorization Management Program (“FedRAMP”) published a draft Emerging Technology Prioritization Framework developed in response to President Biden’s Executive Order 14110 on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (previously analyzed by our colleague here and discussed in a flash briefing available here). The Executive Order charged FedRAMP with developing a framework to prioritize Emerging Technologies in the FedRAMP authorization process, starting with generative AI.Continue Reading Emerging AI Landscape: FedRAMP Publishes Draft Emerging Technology Prioritization Framework in Response to Executive Order on Artificial Intelligence

To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the past year) and 2024 Forecast (that previews what we expect to see in 2024). This Recap & Forecast covers the following five high-interest topic areas related to cybersecurity and data protection:Continue Reading Governmental Practice Cybersecurity and Data Protection, 2023 Recap & 2024 Forecast Alert

Since the beginning of Fiscal Year 2024, the Government Accountability Office has published 35 decisions, but only two of which resulted in decisions sustaining the challenge. As contracting activities are busy awarding new contracts, it is important to follow the trends related to successful and effective protests as you consider filing your own bid protest, or as you defend your award as an intervenor. Below we dive into recent bid protest decisions and identify what won, what did not win, and why.Continue Reading Bid Protest Hub – November 2023

Ever wonder what it takes to win a protest? 

With GAO’s statistics for Fiscal Year 2023 (“FY 23”) just released, we thought now is the perfect time to share some insights we gained by reading every published decision in which GAO sustained a protest during FY 23. GAO saw a rise in cases in Fiscal Year 2023 – up 22% from last year, or 2,025 cases, and it conducted hearings in 22 cases, compared to only two last year. GAO’s statistics from Fiscal Year 2022 showed a relatively steady sustain rate percentage hovering between 13% and 15% of the decisions on the merits. This year GAO reports a sustain rate of 31%, listing the number of sustained cases at 188, versus 59 last year. GAO explains the higher number of sustains is, at least in large part, due to “an unusually high number of protests challenging a single procurement,” namely the Department of Health and Human Services’ (“HHS”) Chief Information Officer-Solutions and Partners 4 (“CIO-SP4”) acquisition, in which GAO sustained 119 protests on primarily one ground. Taking this one procurement out of the mix, there are 69 remaining sustains, which would equate to a sustain rate of about 14% – much more in line with GAO’s historic rate over the prior 4 years of 13% to 15%.Continue Reading If Past is Prologue – What Made Protests Successful in Fiscal Year 2023?

On October 27, 2023, the Office of Management and Budget (“OMB”) released a draft memorandum for public comment regarding Modernizing the Federal Risk and Authorization Management Program (“FedRAMP”) (the “Draft Memo”). The Draft Memo comes almost one year after Congress passed the FedRAMP Authorization Act (the “Act”) as part of the Fiscal Year 2023 National Defense Authorization Act, which codified FedRAMP.Continue Reading Time for An Upgrade: OMB Releases Draft Memorandum Modernizing FedRAMP

Welcome back to the Cost Corner, where we provide practical insight into the complex cost and pricing requirements that apply to Government contractors. The March 2023 Cost Corner introduced the three principle categories of Government contracts cost and pricing requirements: (1) the Truthful Cost or Pricing Data Statute, also known as the Truth in Negotiations Act (TINA), which defines a contractor’s obligation to disclose cost or pricing data to the Government; (2) the Federal Acquisition Regulation (FAR) Cost Principles, which prescribe principles and procedures for determining the allowability of costs; and (3) the Cost Accounting Standards (CAS), which provide standards to ensure uniformity and consistency in the measurement, assignment, and allocation of costs. The September 2023 Cost Corner concluded a three-part series on TINA. We now move on to the FAR Cost Principles, specifically FAR Subpart 31.2, which applies to contracts with commercial organizations. This article addresses the applicability of the FAR Cost Principles and their general criteria for determining the allowability of costs. Subsequent articles will address the allowability of selected items of cost.Continue Reading Government Contracts Cost and Pricing: Introduction to the Federal Acquisition Regulation Cost Principles (Part 1)

While you were asking ChatGPT to create a 3-course menu for the upcoming book club you’re hosting or to explain the Rule Against Perpetuities, several federal government agencies announced initiatives related to the use of artificial intelligence (AI) and automated systems, focusing on the potential threats stemming from the misuse of this powerful technology. As the development and use of AI becomes integrated into our daily lives and employee work routines, and companies begin to leverage such technology in their solutions provided to the government, it is important to understand the developing federal government compliance infrastructure and the potential risks stemming from the misuse of AI and automated systems.Continue Reading ChatUSG: What Companies Doing Business with the Government Need to Know About Artificial Intelligence