Knight Point Systems, LLC

Decision

Matter of:  Knight Point Systems, LLC

File:  B-414183.3; B-414183.5

Date:  May 31, 2017

DIGEST

Protest challenging agency’s technical evaluation is sustained where the agency failed to evaluate whether the services proposed by the protester fell within the scope of its General Services Administration Federal Supply Schedule contract.

Knight Point Systems, LLC, of Reston, Virginia, protests the issuance of blanket purchase agreements (BPAs) to three vendors[1] under request for quotations (RFQ) No. HSHQDC-16-Q-00195 issued by the Department of Homeland Security (DHS) for agency-wide enterprise computing services and cloud computing services.  Knight Point challenges the agency’s evaluation of its technical quotation.

We sustain the protest.

BACKGROUND

On June 24, 2016, DHS issued the RFQ, which was limited to vendors holding General Services Administration’s (GSA) Federal Supply Schedule Contract 70, General Purpose Commercial Information Technology, Equipment, Software and Services.  Memorandum of Law (MOL) at 1‑2; RFQ at 3.  The Special Identification Numbers (SINs) applicable to this acquisition were SIN 132-52, Electronic Commerce and Subscription Services, and SIN 132-40, Cloud Computing Services.  RFQ at 3.  The purpose of the acquisition was to provide DHS components with the ability to acquire commercial, commodity-based Infrastructure-as-a-Service (IaaS) cloud services[2] and to access these “cloud services, either directly from Cloud Service Providers (CSP) or through their Resellers.”[3]  RFQ at 6.  

The solicitation contemplated the award of three to five BPAs and envisioned that task orders issued under the BPAs would be fixed-price, time and material, or a combination of the two.  RFQ at 13, 64.  Each BPA would have a 5-year term comprised of five 12‑month ordering periods.  RFQ at 34-35.  The solicitation provided that the maximum value of all task orders to be issued under the BPAs would be $1.6 billion.  RFQ at 13.

The solicitation provided for award on a best-value basis, considering price and the following four non-price evaluation factors, in descending order of importance:  (1) breadth of IaaS cloud services solutions offered; (2) cloud service solutions experience; (3) customer service approach; and (4) past performance.  RFQ at 64‑65.  The non-price factors, when combined, were significantly more important than price.  RFQ at 65.  As the non-price ratings become more equal, however, the solicitation stated that price would become more important in the award determination.  Id.  In the event that the agency found two or more quotations to be technically equal, the agency reserved the right to award a BPA to the vendor that provided the greatest discount from its GSA schedule pricing.  Id.

Relevant to the protest, under technical factor 1 (breadth of IaaS cloud services solutions offered), vendors were instructed to list the IaaS cloud systems being offered.  RFQ at 49, 51.  The solicitation provided that all IaaS services offered “must be authorized by Federal Risk Authorization and Management Program (FedRAMP), as demonstrated by FedRAMP Provisional Authorization to Operate (PATO) or Agency Authorization to Operate (ATO).”[4]  RFQ at 6.  See also RFQ at 8, 49 (requiring listed cloud systems to be FedRAMP authorized).

Also relevant here, the solicitation permitted vendors to structure their quotations as either a GSA Multiple Award Schedules (MAS) Contractor Teaming Arrangement or as a GSA Prime Contractor/Subcontractor arrangement.  RFQ at 54.  If a vendor opted for the latter arrangement, which Knight Point did, the solicitation provided as follows:

If a GSA Prime Contractor / Subcontractor Arrangement(s) is proposed, only the Prime Contractor must have a GSA Schedule 70 IT contract.  GSA authorized subcontractors may fulfill requirements under the Prime Contractor’s GSA Contract number and pricing table.  The Prime may not delegate responsibility for performance to subcontractors.  The Prime cannot contract to offer services for which it does not hold a Schedule contract.

Id. (emphasis added).  The proper interpretation and application of the final sentence in this provision is the crux of this protest. 

DHS received 18 quotations in response to the solicitation.  Contracting Officer’s Statement (COS) at 2.  On November 30, DHS announced BPA awards to Knight Point and three other vendors, Four Points, Govplace, and InfoReliance.  Id. at 3.  The results of the technical evaluation of these four vendors’ quotations were as follows:

Agency Report (AR), Tab 12, Initial Award Decision, at 4.  Following protests of these awards before our Office, DHS announced that it would take corrective action by conducting a new evaluation and making a new source selection determination.  Id.

On February 13, 2017, DHS announced awards to three vendors:  Four Points, Govplace, and InfoReliance.  COS at 3.  Knight Point did not receive a BPA award in the reevaluation.  The results of the reevaluation of the vendors’ technical quotations were as follows:

AR, Tab 16, Final Award Decision, at 4.  The downgrading of Knight Point’s technical quotation was due to the agency’s conclusion that the majority of the services Knight Point offered were not on its GSA schedule contract.  AR, Tab 13, Final Technical Evaluation Report, at 14. 

As permitted by the solicitation, Knight Point indicated that its solution was structured as a GSA Prime/Subcontractor arrangement.  AR, Tab 7b, Knight Point Business and Price Quote, Vol. II, Tab B, at 1.  Additionally, in its technical quotation, under factor 1 (breadth of IaaS cloud services solutions offered), Knight Point offered [DELETED] FedRAMP authorized IaaS cloud service solutions.  AR, Tab 7a, Knight Point Technical Quote, Vol. I, Tab B & Table A.  One of the offerings, Cloudseed, is a cloud system owned by Knight Point.  Id., Table A, at 1.  The remaining [DELETED] offerings are cloud systems offered by Knight Point’s subcontractors.  Id. at 2-17.

In its initial evaluation, DHS gave Knight Point credit for all [DELETED] IaaS cloud service solutions, and rated its quotation exceptional under factor 1 (breadth of IaaS cloud services solutions offered).  AR, Tab 9, Initial Technical Evaluation Report, at 14.  In the reevaluation, the agency’s evaluators gave Knight Point credit for only one cloud system‑‑the cloud system owned by Knight Point.[5]  AR, Tab 13, Final Technical Evaluation Report, at 14.  With respect to the other [DELETED] cloud systems offered by Knight Point, the evaluators concluded as follows:

Although the quote identified [DELETED] [cloud service providers], [DELETED] of the [DELETED] [cloud service providers] were available through subcontracting.  In accordance with the instructions in the solicitation, no credit for these [DELETED] [cloud service providers] was given . . . as they were not on the quoter[’s] GSA schedule contract[.]”

Id.  On February 13, the agency notified Knight Point that it was not selected for award.  This protest followed.

DISCUSSION

Knight Point challenges DHS’s technical evaluation.  Specifically, Knight Point challenges DHS’ conclusion that the [DELETED] cloud systems offered by Knight Point had to be listed by brand name on its GSA schedule contract.  Comments at 1.  Knight Point contends that such a requirement is not set forth in the solicitation, nor is it consistent with prior decisions of our Office.  Id. at 14-21.  We sustain Knight Point’s protest for the reasons discussed below.  We deny the remainder of Knight Point’s allegations.[6]

The evaluation of quotations is a matter within the discretion of the procuring agency.  Innovative Mgmt. & Tech. Approaches, Inc., B-413084, B‑413084.2, Aug. 10, 2016, 2016 CPD ¶ 217 at 4.  Our Office does not independently evaluate quotations; rather we review the agency’s evaluation to ensure that it is consistent with the terms of the solicitation and applicable statutes and regulations.  Id.  A vendor’s disagreement with the agency’s judgment, by itself, is not sufficient to establish that the agency acted unreasonably.  Id.

When a concern arises that a vendor is offering services outside the scope of its schedule contract, the relevant inquiry is whether the services offered are actually included on the vendor’s contract, as reasonably interpreted.  KPMG et al., supra, at 7.  In this regard, our Office will consider whether the function being sought under a particular solicitation is the same as the function covered under a vendor’s schedule contract.  Id.  Here, as we explain below, we sustain the protest because the record demonstrates that DHS did not reasonably consider whether the cloud services offered by Knight Point through its subcontractors were within the scope of Knight Point’s GSA schedule contract.  Rather, the agency considered only whether the cloud systems offered by Knight Point were listed by brand name on Knight Point’s GSA schedule contract, which was not a requirement of the solicitation.

It is undisputed that Knight Point’s GSA schedule contract does not list, by brand name, the [DELETED] cloud systems offered by Knight Point’s subcontractors.  See AR, Tab 7c, Knight Point GSA Pricing Schedule, Vol. III, Tab B, 49-54.  See also Protest at 2 (Knight Point’s “GSA schedule contract does not define its cloud service on a brand-name basis[.]”).  Although Knight Point recognizes that some schedule holders offer the services of FedRAMP authorized cloud service providers by brand name, Knight Point does not structure its approach in this manner.  Comments at 15 n.3.  Rather, as Knight Point explained in its quotation, it adopts a “[DELETED]” approach, which allows “[DELETED].”  AR, Tab 7b, Knight Point Business and Price Quote, Vol. II, Tab C, at 1.  In other words, Knight Point’s schedule contract includes [DELETED].  AR, Tab 7a, Knight Point Technical Quote, Vol. I, Sec. 2.3, at 2. 

Knight Point further explains its GSA schedule contract as follows: “[DELETED][.]”  Protest at 15.  As a result, “[DELETED].”  AR, Tab 7c, Knight Point GSA Pricing Schedule, Vol. III, Tab B, at 49.  In this regard, “[DELETED].”  Protest at 16.  Knight Point asserts that this flexible approach enables it to include all [DELETED] FedRAMP authorized cloud systems provided by its subcontractors while obviating the need to make constant updates to its GSA schedule contract.[7]  AR, Tab 7a, Knight Point Technical Quote, Vol. I, Sec. 2.3, at 2; Protest at 1.  

With respect to the subject acquisition, Knight Point contends that the services and functions offered by its proposed subcontractors fall within the item numbers and categories on its schedule contract.  Comments at 15.  As noted above, the solicitation sought commercial, commodity-based IaaS cloud computing services.  RFQ at 6; MOL at 3-4.  Knight Point points out that its schedule contract lists generic product names and descriptions of cloud computer services that include the services the agency solicits here, such as:  bandwidth to customer; data transfer; public IP; LAN to LAN IPSEC Tunnel; Gb storage; a la carte CPU and a la carte RAM; bundled compute resources; installation services, etc.  Comments at 15.  For this reason, Knight Point represents that the services and functions it offers in this acquisition are the same as those included on its schedule contract.  Id. at 15-16.

In response, the agency does not dispute that the relevant inquiry is whether the services offered--as opposed to the brand names--are included on the vendor’s contract.  Supp. MOL at 7 (“It is not a question of brand name, but more critically a review of the types of services that Knight Point is permitted to offer on their GSA Schedule contract.”); id. at 6 (“The specific inquiry by the Agency in this protest is not the brand name, but as provided in KMPG, a review of the GSA Schedule contract to determine if ‘the services offered are actually included on the vendor’s contract, as reasonably interpreted.’”) (citing KPMG et al., supra, at 7).  The agency then contends, without further explanation, that its technical evaluation was reasonable because “Knight Point’s proposed subcontractor cloud services that are not offered on their schedule contract.”  Supp. MOL at 6 (citing COS at 12). 

Despite the agency’s contention, the record reflects that DHS failed to determine, or failed to document its determination of, whether the proposed subcontractors’ cloud services are within the scope of Knight Point’s schedule contract.  Rather, the agency’s evaluators merely examined whether the [DELETED] cloud systems offered by Knight Point and its subcontractors were listed by brand name on Knight Point’s schedule contract, and, finding that they were not, the evaluators declined to credit Knight Point for [DELETED] of its [DELETED] FedRAMP authorized IaaS cloud systems.[8]  AR, Tab 13, Final Technical Evaluation Report, at 14 (concluding that “no credit for these [DELETED] [cloud service providers] was given under the factor for [cloud service providers], as they were not on the quoter[’s] GSA schedule contract[.]”).

To the extent that the agency is contending that “services” in the context of cloud computing services should be defined not as services, but rather as discrete brand name cloud systems, we note that the agency does not explicitly make this argument.  Nor does the agency provide any authority for viewing cloud computing services in this manner.  Moreover, we could not identify any support for defining cloud computing services in this manner in the solicitation.[9]  Importantly, GSA also does not make this argument, despite providing input on three occasions regarding this matter.[10]  See AR, Tab 17, Email from GSA Sr. Contracting Officer, Dec. 16, 2016; Tab 23, Email from GSA Sr. Contracting Officer, Mar. 23, 2017; Tab 24, GSA Comments, May 11, 2017.[11]

We sustain the protest because the agency has failed to identify any requirement--either within the solicitation or otherwise--that would restrict a vendor’s use of IaaS cloud systems to those systems that were listed by brand name on the vendor’s GSA schedule contract.  Instead, the agency simply assumes, without support, that in order for a GSA schedule holder to offer services through a subcontractor, it must include the brand name of the subcontractor’s services on its schedule contract.  We have previously explained, however, that the relevant inquiry is whether the services offered are actually included on the vendor’s contract, as reasonably interpreted.  KPMG et al., supra, at 7. The record here does not demonstrate that the DHS evaluators undertook this analysis. 

Competitive Prejudice

Prejudice is an essential element of a viable protest.  MicroTechnologies, LLC, B‑413091, B‑413091.2, Aug. 11, 2016, 2016 CPD ¶ 219 at 15.  Here, the agency has not undertaken the required analysis to determine whether the services proposed by Knight Point are within the scope of its GSA schedule contract.  We note, however, that the agency initially issued a BPA to Knight Point based upon its [DELETED] IaaS cloud system offerings.  Accordingly, were the agency to conclude that the services offered by Knight Point fall within the scope of Knight Point’s schedule contract, there is a substantial chance that Knight Point may receive an award of a BPA.  In any event, we resolve doubts regarding competitive prejudice in favor of the protest; where, as here, the protester has shown a reasonable possibility that it was prejudiced by the agency’s action, we will sustain its protest.  SRA Int’l, Inc., B‑410973, B‑410973.2, Apr. 8, 2015, 2015 CPD ¶ 32 at 8.

RECOMMENDATION

For the reasons discussed above, we conclude that DHS’s technical evaluation of Knight Point’s quotation was unreasonable.  We further conclude that Knight Point was prejudiced by this evaluation.  We recommend that DHS conduct and document a new technical evaluation and prepare a new source selection decision.  We also recommend that the agency reimburse the protester’s reasonable costs associated with filing and pursuing its protest, including attorneys’ fees.  Bid Protest Regulations, 4 C.F.R. § 21.8(d).  The protester’s certified claims for costs, detailing the time expended and costs incurred, must be submitted to the agency within 60 days after the receipt of this decision.  4 C.F.R. § 21.8(f).

The protest is sustained.

Susan A. Poling
General Counsel