Performance Systems, LLC; Integrity Management Consulting, Inc.

Decision

Matter of:  Performance Systems, LLC; Integrity Management Consulting, Inc.

File:  B-416374; B-416374.2; B-416374.5; B-416374.6; B-416374.7

Date:  August 13, 2018

DIGEST

1.  Protests that agency misevaluated protester’s quotations as unacceptable are denied where the record shows that the evaluation reasonably found each protester’s key personnel did not demonstrate that their experience met solicitation requirements. 

2.  Protest that evaluation reflected unequal treatment is denied where the evaluation of successful vendor’s personnel as acceptable was supported by relevant differences between the successful vendor’s quotation and the protester’s. 

3.  Protest that successful vendor was ineligible for award because its online registration record did not list the applicable North American Industry Classification System (NAICS) code is denied where record demonstrated that the requirement was unimportant, and the vendor’s omission was properly waived. 

Performance Systems, LLC, of Fredericksburg Virginia, a small business, and Integrity Management Consulting, Inc., of Tysons, Virginia, also a small business, protest the issuance of a Federal Supply Schedule (FSS) order to Dependable Global Solutions, Inc., of Falls Church, Virginia, also a small business, under request for quotations (RFQ) No. HS002118Q0008, issued by the Department of Defense (DOD), Defense Security Service (DSS), for commercial services to provide insider threat, unauthorized disclosure, and enterprise program management office analysts for the Defense Insider Threat Management and Analysis Center, in Crystal City, Virginia.  The protesters argue that their quotations were unreasonably rejected as unacceptable. 

We deny the protests. 

BACKGROUND

The RFQ, issued on February 8, 2018, sought quotations from small business vendors under either the General Services Administration’s 00Corp Professional Services Schedule or the Schedule 70 FSS contracts to provide full-time staff for nine positions for a base period and up to 4 option years.  RFQ at 11.  With respect to small business eligibility, paragraph L.1.1 of the RFQ identified North American Industry Classification System (NAICS) code 541611 and a size standard of up to $15 million, and then stated as follows:

By submission of a quote, the Contractor acknowledges they shall be registered in the System for Award Management (SAM) database (https://www.sam.gov) for the applicable NAICS code in L.1.1., prior to award in accordance with FAR provision 52.204-7. 

Id. at 67. 

The RFQ required vendors to provide personnel for nine key positions:  four senior insider threat analysts, three unauthorized disclosure analysts, a senior enterprise program management office (EPMO) analyst, and an EPMO program analyst.  The RFQ described the evaluation of those key personnel as follows:

Resumes, qualifications, and availability to begin work on the date of award will be evaluated.  Determination will be made on whether the key personnel satisfy the requirements contained within the Performance Work Statement 1.6.11 of the RFQ.  Are Letters of Commitment provided for any key personnel that are not currently employed by the Contractor? 

Id. at 69. 

The RFQ also listed minimum requirements for each position in a section labeled as a performance work statement (PWS).  For the senior insider threat analysts, the PWS described the position generally, followed by 10 requirements--the relevant portions of which were as follows:

Senior Insider Threat Analysts: These individuals must possess a significant amount of analytic experience at the senior level, with demonstrated experience conducting analysis of a non-technical nature in support of the Insider Threat mission:

• Must have an active DoD Top Secret clearance with Sensitive Compartmentalized Information [SCI] eligibility at the time of proposal submission.
• Bachelor’s degree is required, Master’s degree is preferable.
• Minimum of 8 years of experience conducting analysis in a mission space supporting Insider Threat at the tactical and/or strategic levels.
• Minimum of 8 years of Subject Matter Expert [SME] experience in the areas of Personnel Security or Counterintelligence supporting the Insider Threat mission. Knowledge and demonstrated use of research and analytical techniques as applied to difficult and complex assignments in security, law enforcement, and counterintelligence analysis[.]

*  *  *  *  *

• A demonstrated understanding of the DoD population.
• Experience providing support and expertise to a Government or Contractor Insider Threat program is required.

*  *  *  *  *

RFQ at 14. 

The RFQ similarly described the senior unauthorized disclosure analyst position and listed 14 requirements, the relevant portions of which were as follows:

Senior Unauthorized Disclosure Analysts:  These individuals must possess a significant amount of experience in the unauthorized disclosure discipline, with demonstrated experience applying security discipline to unauthorized disclosure issues:

• Must have an active DoD Top Secret clearance with Sensitive Compartmentalized Information eligibility at the time of proposal submission.
• The position requires a minimum of 5 years of security policies and procedures experience used in the information security discipline for DoD, the Defense Intelligence Enterprise, or at the national level.
• Knowledge of the Department’s supporting security functions to include insider threat, operations security, technology protection,
• habeas, declassification, SCI and SAP [system applications products] security policies. . . . 

Id. at 14-15.

The RFQ indicated that an acceptable rating would apply if the proposed key personnel “clearly meet the minimum requirements” and an unacceptable rating would apply if they “clearly do not meet the minimum requirements.”  Id. at 69 (Table 1).  To be eligible for award, a quotation had to be evaluated as acceptable under all non-price factors; so an unacceptable rating under any non-price factor would result in an overall rating of unacceptable.  Id. at 69.  The order would be issued to the vendor that submitted the lowest-priced technically acceptable FSS quotation.  Id.

After evaluating the quotations, DSS determined that 10 of the 11 quotations were unacceptable.  Nine of the 10 were rejected in identical language:

Unacceptable:  In summation, the technical evaluation found the proposal to be unacceptable.  Multiple key personnel nominated in two of the three areas, specifically Unauthorized Disclosure Analysts and Senior Insider Threat Analysts were found to be unacceptable for the reasons listed on the technical evaluation sheet. 

Agency Report (AR) Tab 22, Pricing Memorandum, at 2-3.[1]

With respect to Dependable’s quotation, DSS requested and received a pricing clarification “due to rounding issues.”  Id. at 2.  DSS evaluated Dependable’s past performance as acceptable, determined that its price, as clarified, was fair and reasonable, and issued the order to the firm.  Id. at 4; Contracting Officer’s Statement at 1-2.  Performance and Integrity each filed a protest, which they both supplemented after receiving a brief explanation of the source selection.  Integrity supplemented its protest a second time after its counsel reviewed the documentary record submitted with the agency report, pursuant to a protective order issued by our Office. 

PROTEST

Performance and Integrity both challenge the evaluation of their respective quotations as unacceptable, and argue that the rejection of their personnel was the result of unreasonable application of the PWS requirements to the resumes in their quotations.  Performance Protest at 7-8; Performance Supp. Protest at 5-11; Integrity Protest at 11; Integrity Supp. Protest at 8-12.  Integrity also argues that Dependable benefitted from unequal treatment in the evaluation, and was ineligible for award because it failed to include NAICS code 541611 in its SAM registration as required by the RFQ.  Integrity Protest at 11; Integrity Comments at 10.  We address the protesters’ challenges to the evaluation of their respective quotations, and Integrity’s allegation that Dependable benefitted from unequal treatment.  As explained below, we conclude that the agency reasonably found Performance’s and Integrity’s quotations unacceptable, that the evaluation record does not reflect unequal treatment, and that the omission of the applicable NAICS code from Dependable’s SAM record did not render the firm ineligible for award.  As a result, we deny the protests. 

Evaluation of Performance’s Key Personnel

Performance argues that two of its senior insider threat analysts, and all three of its senior unauthorized disclosure analysts were unreasonably evaluated as unacceptable.  Performance Supp. Protest at 5-10. 

The DSS concluded that Performance’s quotation had not shown that one senior insider threat analyst possessed an active top secret clearance with sensitive compartmentalized information eligibility and that the same individual failed to demonstrate an understanding of the DOD population.  AR Tab 15, Technical Evaluation of Performance, at 1-2.  Performance’s second senior insider threat analyst was evaluated as unacceptable under the requirement to show experience supporting a government or contractor insider threat program.  Id. at 2. 

Performance argues that the first senior insider threat analyst should have been evaluated as acceptable because the individual’s résumé stated “Top Secret, SCI eligible” under the heading of “CLEARANCE,” AR Tab 11, Performance Quotation, at 12, and went on to identify the individual’s work on a counterintelligence task force that included DOD counterintelligence personnel, in addition to the individual’s work for two contractors in support of DOD contracts.  Supp. Protest at 6.  For the second senior insider threat analyst, Performance argues that the individual’s résumé included over 20 years of experience at the Federal Bureau of Investigation (FBI) in overseeing training programs for the counterintelligence division, in supervising counterintelligence investigation teams, and in overseeing leading counterintelligence investigations.  AR Tab 11, Performance Quotation, at 16-17.  Performance argues that the “insider threat” terminology used by DSS is current terminology for what was previously known as counterintelligence, and that it was unreasonable for DSS to conclude that the individual completely lacked experience supporting a government insider threat program.  Supp. Protest at 6. 

DSS responds that Performance’s description of the first individual’s clearance status as “Top Secret, SCI eligible” reasonably led the evaluator to conclude that the individual’s “eligibility was no longer active or within scope,” and that the individual’s résumé never mentioned that his experience had any relationship to DOD.  AR at 15-16; Supp. AR Tab 25, Declaration of Evaluator of Insider Threat Analyst Candidates, at 7-8.  With respect to the second senior insider threat analyst, DSS argues that the individual’s role did not include teaching the subject matter of insider threat, but only that the individual worked at the training center, “conducted training for FBI, CIA [Central Intelligence Agency], and other intelligence matters,” yet never used the specific term “insider threat.”  AR at 16; Supp. AR Tab 25, Declaration of Evaluator of Insider Threat Analyst Candidates, at 8.  Additionally, the evaluator acknowledges that even though the individual had significant counterintelligence experience, the résumé did not provide a nexus from that experience to the insider threat “mission space.”  Id.  DSS argues that Performance did not submit a well-written quotation in these respects, and that the evaluation reasonably concluded that Performance’s candidates did not clearly meet the RFQ requirements, and thus their résumés were deemed unacceptable. 

The evaluation of quotations in a task order competition, including the determination of the relative merits of each, is primarily a matter within the contracting agency’s discretion, because the agency is responsible for defining its needs and the best method of accommodating them.  Engility Corp., Feb. 14, 2017, B-413120.3 et al., 2017 CPD ¶ 70 at 15.  Accordingly, our Office will review evaluation challenges in task order procurements to ensure that the competition was conducted in accordance with the solicitation and applicable procurement laws and regulations.  However, a protester’s disagreement with the agency’s judgment, without more, is not sufficient to establish that an agency acted unreasonably.  Id. at 15-16.

It is an offeror’s responsibility to submit a well-written proposal (or quotation, as here), with adequately detailed information which clearly demonstrates compliance with the solicitation requirements and allows a meaningful review by the procuring agency.  Id. at 16.  The agency is not required to infer information from an inadequately-detailed proposal, or to supply information that the protester elected not to provide.  Id.

The record here adequately supports the agency’s evaluation judgment that two senior insider threat analyst candidates submitted by Performance failed to show that they met the RFQ requirements for that position.  Our review of the record shows that the agency reasonably concluded that the first individual’s résumé did not state clearly that the individual possessed an active top secret security clearance, but rather it left ambiguous whether the individual was merely claiming to be eligible both to obtain a top secret clearance and to be granted SCI access.  The agency also had a reasonable basis for concluding that the same individual had not shown an understanding of the DOD population because, as DSS notes, the résumé did not specifically identify the individual as having interaction with or understanding of DOD personnel.  Regarding the second senior insider threat analyst, DSS has similarly provided a reasonable basis for concluding that the individual’s experience did not include supporting a government or contractor insider threat program, particularly because the quotation never relates that specific requirement to the individual’s lengthy experience in counterintelligence. 

Performance argues that DSS’s explanations for its evaluation judgments are not documented in the contemporaneous record, and that the evaluator’s declaration explaining the evaluation should therefore be viewed skeptically by our Office.  However, the contemporaneous record does identify which criteria were not met by each individual, and the resulting judgment that the candidate was unacceptable.  Our Office will generally consider an agency’s post-protest explanations where they provide a more detailed rationale for contemporaneous conclusions and fill in previously unrecorded details, so long as the explanations are credible and consistent with the contemporaneous record.  ASRC Research & Tech. Sols., LLC, B-406164, B-406164.3, Feb. 14, 2012, 2012 CPD ¶ 72 at 4.  Here, the evaluator’s declaration provides a more detailed explanation for that evaluator’s judgments that Performance’s resumes failed to meet the specific criteria that were already identified in the contemporaneous evaluation record.  The declaration therefore provides a proper basis for our Office to assess the reasonableness of the evaluation. 

Accordingly, we deny Performance’s challenges to the evaluation of its two senior insider threat analyst candidates as unacceptable.  Although, as noted above, Performance also challenges the evaluation of three of its unauthorized disclosure analysts as unacceptable, we do not address those challenges on the merits because Performance cannot show that any errors in those evaluations would result in prejudice.  Our Office will not sustain a protest unless the protester demonstrates a reasonable possibility that it was prejudiced by the agency’s actions, that is, unless the protester demonstrates that, but for the agency’s actions, it would have had a substantial chance of receiving the award.  Interfor US, Inc., B-410622, Dec. 30, 2014, 2015 CPD ¶ 19 at 7; C.L.R. Dev. Group, B-409398, Apr. 11, 2014, 2014 CPD ¶ 141 at 7.  Thus, even if Performance can demonstrate that the evaluation of its unauthorized disclosure analysts was unreasonable, its quotation would remain unacceptable due to the reasonable evaluation of its two senior insider threat analysts as unacceptable. 

Performance nevertheless argues that the evaluation criticized only a few of the requirements applicable to a subset of its key personnel, that its quotation did not “clearly” fail to meet the RFQ minimum requirements, and thus should have been rated as acceptable notwithstanding the evaluation of its key personnel as not meeting the minimum criteria in the RFQ.  Performance Supp. Comments at 4.  We disagree.  The RFQ, as a whole, required each key person to meet all of the minimum requirements for their respective position.  RFQ at 69.  Consequently, DSS properly considered a failure of any one key person under any requirement to merit a rating of unacceptable under the key personnel factor, and adequately justified its judgment that Performance’s quotation was unacceptable. 

Evaluation of Integrity’s Key Personnel

Integrity argues that one of its senior insider threat analysts, one of its unauthorized disclosure analysts, and its senior EPMO program analyst were unreasonably evaluated as unacceptable.  Integrity Supp. Protest at 7-12.  We address its challenges to two of the three, and conclude that the evaluation of each as unacceptable was reasonable, and that any error in the evaluation of the third was not prejudicial. 

With respect to Integrity’s senior insider threat analyst, DSS’s evaluation concluded that the résumé did not show at least eight years of experience conducting analysis in a “mission space supporting Insider Threat at the tactical and/or strategic levels” and lacked at least eight years of SME experience in the areas of personnel security or counterintelligence supporting the insider threat mission.  AR Tab 16, Technical Evaluation of Integrity, at 1.  With respect to the firm’s unauthorized disclosure analyst, the evaluation concluded that the candidate’s résumé did not show at least five years of experience with security policies and procedures that are used in the information security discipline for DOD, the Defense Intelligence Enterprise, or at the national level.  This individual’s résumé also did not demonstrate knowledge of DOD’s supporting security functions “to include insider threat, operations security, technology protection, habeas, declassification, SCI and SAP security policies.”  Id. at 2. 

Integrity argues that the evaluation of the senior insider threat analyst was unreasonable because the résumé identified specific positions and described experience that showed 10 years of the required experience obtained in multiple roles:  as a senior management analyst at two private firms; and as a senior advisor and, before that, as a platoon commander, in the Marine Corps.  Integrity Supp. Protest at 8; AR Tab 12, Integrity Quotation, at 15, 17-21.  With respect to the unauthorized disclosure analyst, the firm argues that the résumé actually showed six years of the required experience, in two roles:  as a counterintelligence liaison agent for the National Guard Bureau, and as a counterintelligence specialist agent for a state National Guard.  Integrity Supp. Protest at 9-11; AR Tab 12, Integrity Quotation, at 38-42. 

DSS argues in response that the résumé actually showed that the senior insider threat analyst’s experience as a senior advisor and platoon commander in the Marine Corps had no tie to conducting analysis in a mission space supporting the insider threat mission or to using research and analytical techniques as an SME.  AR at 28-29.  As such, the agency concluded that the candidate had only three years, rather than the required eight years, of relevant experience under the two requirements at issue.  Id. at 28; Supp. AR Tab 25, Declaration of Evaluator of Insider Threat Analyst Candidates, at 5‑6.  With respect to the unauthorized disclosure analyst, DSS argues that Integrity’s candidate for one of the positions did not mention any experience working with information security policy or procedures at the DOD, Defense Intelligence, or national level, and did not show that the candidate had an understanding of insider threat as a discipline and its connection to information security.  Id. at 29-31.  Additionally, DSS notes that the candidate appeared to claim to have performed the two roles at issue for time periods that overlapped, without explanation.  Id. at 30; Supp. AR Tab 26, Declaration of Evaluator of Unauthorized Disclosure Analyst Candidates, at 6. 

Integrity responds that DSS unreasonably rejected the experience of the senior insider threat analyst as a senior advisor/platoon commander with the Marine Corps.  The firm points out that the quotation stated that the role included “continuous analysis of [i]nsider [t]hreat risks and mitigation techniques,” referred to the individual providing solutions to respond to insider threats for the two private firms, and referred to the individual’s experience serving as an SME for personnel security and counterintelligence in the Marine Corps roles.  Integrity Comments and Second Supp. Protest at 5-6.  With respect to the qualifications of the unauthorized disclosure analyst, Integrity argues that the individual’s role included supporting a program with information technology elements.  Integrity also argues that while the RFQ did not require the candidate to show an understanding of a relationship between insider threat and information security, the candidate’s résumé “demonstrates extensive knowledge in that area.”  Id. at 8-9. 

The record reasonably supports DSS’s evaluation of these two analysts as unacceptable because their résumés did not show that the candidates possessed the experience required in the RFQ.  Our review of the record shows that Integrity’s general assertions about the experience possessed by these two candidates are vague and do not clearly demonstrate how the candidates’ experience met the RFQ’s standards.  For example, the quotation describes the senior insider threat analyst’s experience with the Marine Corps as involving the tracking of operations and training for an operational detachment to train Afghan commandos, the construction and renovation of a water line, the development of programs and courses for combat conditioning as chief instructor, and the leadership of Marines in combat.  AR Tab 12, Integrity Quotation, at 20-21.  Even though Integrity asserted that those roles included continuous analysis of insider threats and mitigation, and continuous activity as an SME for personal security and counterintelligence operations, we do not find unreasonable DSS’s evaluation judgment that, despite those general claims, the roles at issue did not provide the experience specified in the RFQ.  See Supp. AR Tab 25, Declaration of Evaluator of Insider Threat Analyst Candidates, at 5-6. 

Similarly, DSS has shown a reasonable basis for its conclusion that the résumé for the unauthorized disclosure analyst did not show experience working with information security policy or procedures for DOD, Defense Intelligence, or at a national level.  Additionally, the agency reasonably concluded that the résumé lacked knowledge of relevant elements of DOD’s supporting security functions, but instead showed experience specific to the National Guard Bureau and to a state National Guard.  Supp. AR Tab 26, Declaration of Evaluator of Unauthorized Disclosure Analyst Candidates, at 6.  In short, the record supports DSS’s evaluation of Integrity’s quotation as unacceptable under the key personnel factor.[2]

Equal Treatment in Evaluation of Dependable’s Key Personnel

Based on information obtained under our Office’s protective order, which included portions of Dependable’s quotation, Integrity supplemented its protest to argue that a comparison of the evaluations of Integrity’s and Dependable’s key personnel reflected unequal treatment.  Integrity Comments and Second Supp. Protest at 10.  Integrity argued that one of Dependable’s senior insider threat analysts was “[o]nly a supervisor with insufficient demonstrated hands-on information,” that another had “[i]nsufficient experience with insider threat issues,” and that a senior unauthorized disclosure analyst had “[i]nsufficient experience with relevant insider threat requirements.”  Id.

DSS responded that Integrity’s allegation of unequal treatment was factually unsupported, and failed to show that DSS’s evaluation judgment had treated the offerors unequally.  To the contrary, DSS argued, the differences in the evaluation of the two firms’ key personnel were due to material differences in the qualifications of the respective candidates as shown in their résumés.  Supp. AR at 6-9. 

Where a protester alleges unequal treatment in a technical evaluation, it must show that the differences in ratings did not stem from differences between the offerors’ proposals (or quotations, as here).  Paragon Sys., Inc.; SecTek, Inc., B‑409066.2, B-409066.3, June 4, 2014, 2014 CPD ¶ 169 at 8-9.  Our review of the record fails to provide a basis for Integrity’s allegation of unequal evaluation treatment.  We address two examples that relate to the evaluation challenges discussed previously. 

First, Integrity challenges one of Dependable’s senior insider threat analysts as lacking hands-on experience.  DSS notes that the candidate’s résumé showed experience for two agencies over 11 years that involved establishing an insider threat program for multiple bureaus in one federal agency, organizing the agency’s insider threat advisor board, and developing an insider threat and supply chain management security program.  The candidate also provided insider threat awareness, training, and oversight for the second agency, among other things.  Supp. AR at 7-8.  In response to Integrity’s challenge to a second of Dependable’s senior insider threat analysts (as allegedly lacking experience with insider threat issues), DSS points to the candidate’s résumé as showing 8 years of experience in two locales participating in an installation-level threat working group.  Id. at 8-9.  Consequently, Integrity’s argument fails to show that its unacceptable senior insider threat analyst candidate had comparable experience to either of Dependable’s candidates. 

With respect to the qualifications of Dependable’s senior unauthorized disclosure analyst as lacking experience with relevant insider threat requirements, DSS points to the candidate’s résumé, which shows experience at a federal office involving policies and classification processes to prevent unauthorized disclosure of information, ensuring the office’s mission was not adversely impacted by public disclosure, and reviewing material for unclassified public release.  Supp. AR at 9.  Here again, the record confirms DSS’s argument that the qualifications of Integrity’s unauthorized disclosure candidate are not comparable to those of Dependable’s senior unauthorized disclosure analyst.  Thus the different evaluation of the two vendors’ candidates results from the different experience documented in their résumés, not unequal evaluation treatment. 

Dependable’s SAM Record Listing

Finally, Integrity argues that Dependable’s quotation was unacceptable because the RFQ required the successful vendor to have the applicable NAICS code listed in its SAM registration.  Integrity Protest at 11.  DSS argues that although the RFQ specified that the NAICS code be listed in vendors’ SAM records, that instruction was improper.  AR at 11.  Instead, DSS argues, in the context of this order, the NAICS code served merely to establish the size standard for the procurement, and even then, the size status of each vendor was determined at the time of the award of each vendor’s FSS contract, so the omission of the applicable NAICS code in Dependable’s SAM record was irrelevant.  Id. at 12.  Integrity responds that the RFQ stated the NAICS code listing as a requirement, therefore Dependable’s failure to include the NAICS code in its SAM record rendered the firm ineligible for award.  Integrity’s Comments and Second Supp. Protest at 3. 

The RFQ direction for vendors to list the applicable NAICS code in their SAM registrations was an insignificant requirement, and thus its omission did not require DSS to reject Dependable’s quotation.  In the context of this procurement, each vendor’s size status was established in connection with the award of each vendor’s FSS contract, and no size recertification was required by the RFQ.  As such, Dependable’s omission of the applicable NAICS code from its SAM registration was a minor informality, at most, that could be waived.  See S4, Inc., B-299817, B‑299817.2, Aug. 23, 2007, 2007 CPD ¶ 164 at 10 (denying protest that agency improperly waived awardee’s failure to list applicable NAICS code in online records and noting that size status was not disputed and would be determined by Small Business Administration in any event). 

The protests are denied.

Thomas H. Armstrong
General Counsel

---