Intrepid Solutions and Services, Inc.

DOCUMENT FOR PUBLIC RELEASE
The decision issued on the date below was subject to a GAO Protective Order. This redacted version has been approved for public release.

Decision

Matter of: Intrepid Solutions and Services, Inc.

File: B-410431.5

Date: December 30, 2014

DIGEST

Protest that agency unreasonably evaluated protester’s proposal as technically unacceptable is denied where the record shows that the evaluation was reasonable and consistent with the solicitation.

Intrepid Solutions and Services, Inc., of Reston, VA protests the award of multiple indefinite-delivery/indefinite-quantity contracts under request for proposals (RFP) W911W4-13-R-0005, issued by the Department of the Army, U.S. Army Intelligence and Security Command, for global intelligence services.[1] Intrepid challenges the evaluation of its proposal as technically unacceptable.

We deny the protest.

BACKGROUND

The RFP, issued on March 15, 2013, contemplated the award of multiple indefinite‑delivery/indefinite-quantity (IDIQ) contracts with a 5-year ordering period. RFP at 1. Task orders are to be awarded on a competitive basis for intelligence, security, information operations, mission support, and sustainment services in support of the U.S. Army Intelligence and Security Command (INSCOM), the Army, and intelligence community partners worldwide. RFP at §§ A and F.1. The RFP provided for two pools of awards, a restricted pool, set aside for small businesses, and an unrestricted pool. RFP at 3. Intrepid competed for an award within the restricted pool. Agency Report (AR) at 5. The RFP established a best value source selection process, considering technical, small business participation, past performance and cost/price factors. RFP § M.5.

As it relates to the protest, the technical approach factor for the restricted pool included four subfactors, each corresponding to a sample task order: (1) Task Order Echo (Futures Capabilities Integration); (2) Task Order Foxtrot (Futures System Integration); (3) Task Order Golf (Signals Intelligence Technical Development Activity (STDA)); and (4) Task Order Hotel (Offensive Information Operations). For each sample task order, the RFP established that the agency would evaluate the offerors’ technical approaches in terms of how well their innovative solutions met the statement of objectives (SOO) set forth under the task order. RFP § M.5.3.1.

Under Task Order Hotel, the SOO required offerors to, among other things, develop and propose a comprehensive performance work statement (PWS) for the task of providing information operations equipping and training support “including research, development, [contractor furnished material] procurement, testing, evaluation, rehearsal, operational and replicated environments.” RFP § J.2.8.2.0. Within the PWS, offerors were required to include a performance requirement summary (PRS), addressing, at a minimum, four performance objective categories: (1) provide test and evaluation, independent verification, and product/capability analysis; (2) operational and technical support; (3) analytical tools; and (4) technical solutions. RFP § J.2.8.2.2.2. The RFP also permitted offerors to expand upon the categories as needed to align with their technical approaches. Id.

Additionally, the SOO for Task Order Hotel directed offerors to include a description of their methodologies for conducting twelve specific tasks pertaining to the conduct of decisive action information operations. RFP § J.2.8.2.1.1. The RFP listed the twelve tasks as follows:

[1] Conduct cyber operations across a contractor provided [internet protocol] network with special task order itemized considerations.

[2] Review, dissect, engineer, and build safe products from the task order identified system or software.

[3] Provide isolated network access.

[4] Conduct and document [radio frequency] studies as defined by individual task orders.

[5] Analyze, engineer and document gaps in [internet protocol] or [radio frequency] connected sensors (hardware and software.)

[6] Provide worldwide network connectivity with special identified considerations.

[7] Develop tools and applications, document, train, test, provide engineering support to products.

[8] Develop, document and test tools and applications, train, and provide engineering support to estimate [information operations] results.

[9] Develop, document and test tools and applications, train, and provide engineering support to monitor the [information operations] network against hostile actions, and use of automation to actively defend.

[10] Develop, document and test tools and applications, train and provide engineering support to identify threats on the [information operations] network and track to origin.

[11] Provide life cycle support to developed capabilities.

[12] Provide forensics analysis, and threat neutralization.

Id.

Intrepid submitted a timely proposal on July 1, 2013. AR at 4. As relevant here, the Source Selection Evaluation Board (SSEB) reviewed Intrepid’s proposal and assigned Intrepid a rating of acceptable or better for three of the four technical approach subfactors.[2] Protest at 4. The SSEB, however, assigned Intrepid’s proposal one weakness and one deficiency under the Task Order Hotel subfactor, resulting in an unacceptable rating for the subfactor and the technical approach factor overall. [3] Id.

In assigning Intrepid’s proposal a deficiency, the agency found that the proposal did not meet the requirements of the Task Order Hotel and did not demonstrate a thorough understanding of the task order. AR, Tab 17, Source Selection Decision Document (SSDD) at 8. Specifically, the agency concluded that Intrepid’s proposal “represents a material failure of the Offeror’s proposal to meet a Government requirement that increases the risk of unsuccessful contract performance to an unacceptable level because the proposal focuses mostly on Test [and] Evaluation/Validation [and] Verification oversight service evaluations.” Id. In particular, the agency found that Intrepid did not substantially describe its methodologies for the tasks that involved conducting radio frequency studies; actively defending the network; building safe products; providing isolated network access; providing forensic analysis and threat neutralization; rapidly engineering and developing cyber capabilities; and conducting cyber network information operations. AR, Tab 17, Source Selection Decision Document (SSDD) at 8-9. Further, the agency explained that before entering the test and evaluation phase, the RFP required offerors to create or reengineer existing tools/products necessary to conduct detection, defensive, exploitation activities against the adversary and found that Intrepid’s proposal lacked a discussion of how it would create or reengineer existing tools and products needed for those activities.[4] Id. Ultimately, the agency concluded that “the omission of an innovative technical solution containing the required tools, techniques, and procedures to satisfy the Government’s SOO” raised questions about the offeror’s ability to successfully conduct the mission. Id.

Based on its unacceptable technical approach factor rating, the agency eliminated the protester’s proposal from the competition. RFP § M.5.3.2. On September 12, the agency awarded contracts to ten offerors in the restricted pool. Id. Intrepid received a debriefing on September 25, and this protest followed.

DISCUSSION

Intrepid challenges the agency’s evaluation of its technical approach, arguing that the agency unreasonably assigned a deficiency for failing to address all the requirements of technical approach subfactor Task Order Hotel and its resulting unacceptable technical approach rating. The protester contends that it sufficiently addressed the twelve tasks listed in section J.2.8.2.1.1 of the RFP, including a discussion of how it would create or reengineer existing tools and products needed to conduct detection, defensive, exploitation activities against the adversary, and that it provided an innovative technical solution containing the required tools, techniques and procedures to satisfy the government’s SOO. Intrepid’s Comments at 2, 9, and 16-17.

The evaluation of an offeror’s proposal is a matter largely within the agency’s discretion. Johnson Controls, Inc., B-407337, Nov. 20, 2012, 2012 CPD ¶ 323 at 3. In reviewing a protest that challenges an agency’s evaluation of proposals, our Office will not reevaluate the proposals, but, rather, will examine the record to determine whether the agency’s judgment was reasonable and consistent with the stated evaluation criteria and applicable statutes and regulations. Ocean Servs., LLC, B-406087, B-406087.2, Feb. 2, 2012, 2012 CPD ¶ 62 at 5.

It is an offeror’s responsibility to submit a well-written proposal, with adequately detailed information which clearly demonstrates compliance with the solicitation and allows a meaningful review by the procuring agency. Mike Kesler Enters., B‑401633, Oct. 23, 2009, 2009 CPD ¶ 205 at 2-3. An offeror that does not affirmatively demonstrate the merits of its proposal risks rejection of its proposal. HDL Research Lab, Inc., B-294959, Dec. 21, 2004, 2005 CPD ¶ 8 at 5. Proposals with significant informational deficiencies may be excluded, whether the deficiencies are attributable to either omitted or merely inadequate information addressing fundamental factors. American Gov’t Servs., Inc., B-292242, Aug. 1, 2003, 2003 CPD ¶ 163 at 4. A protester’s disagreement with the agency’s evaluation provides no basis to question the reasonableness of the evaluators’ judgments. Mike Kesler Enters., supra.

Based on our review of the record, we conclude that the agency reasonably found Intrepid’s proposal technically unacceptable for failing to adequately address the Task Order Hotel subfactor. Specifically, as noted above, the agency found that Intrepid’s proposal failed to substantially describe its methodologies for conducting many of the twelve tasks associated with performance of the SOO and specifically outlined under section J.2.8.2.1.1 of the RFP. In this regard, the agency found Intrepid’s proposal to lack an adequate discussion of its methodologies for conducting radio frequency studies; actively defending the network; building safe products; providing isolated network access; providing forensics analysis and threat neutralization; rapidly engineering and developing cyber capabilities; and conducting cyber network information operations. Id. Additionally, the agency found that the protester did not include a discussion of how it would create or reengineer existing tools and products needed to conduct detection, defensive, exploitation activities against the adversary.[5] These activities, according to the agency, cut across several of the twelve identified tasks. Id.

Intrepid argues that it addressed the twelve tasks in its proposal by: (1) including a table (table 2-3) with a statement describing its “understanding” of each task; (2) including a table (table 2-8) that highlights various methodologies “necessary to provide effective support to the four performance objectives across the [twelve tasks] listed in Section J.2.8.2.1 of the RFP;” and (3) referencing activities encompassed by the tasks elsewhere in its description of the technical solutions for the performance objectives.[6] Intrepid’s Comments at 11-16; AR, Tab 7, Intrepid’s Proposal at 17, 27. As discussed below, Intrepid’s arguments are without merit.

Regarding table 2-3, the agency argues, and the record reflects, that Intrepid provided brief statements for each task, without describing its methodology for actually performing the tasks. For example, in table 2-3, Intrepid describes its understanding of the first task--Conduct Cyber Operations Across a Contractor Provided Internet Protocol Network with Special Task Order Itemized Considerations--as follows:

Independent (closed) network for testing. Developed to simulate the [operational environment] order to validate that risks are identified, vulnerabilities are assessed, and recommendations are provided to the developers.

Id. at 17.

Similarly, table 2-8, which addresses the twelve tasks in the context of the four PRS summary performance objective categories (i.e., (1) provide test and evaluation, independent verification, and product/capability analysis; (2) operational and technical support; (3) analytical tools; and (4) technical solutions), provides limited information regarding Intrepid’s methodology for actually completing the twelve tasks. For example, under the test and evaluation category for the first of the twelve tasks, the table reads as follows: “Test support of cyber tools, task order objectives, and desired outcomes.” Id. at 28. Under the analytical tools category, the table reads: “Provide innovation in methods and technical tools to support cyber operations.” Id. These brief statements generally appear to describe ways Intrepid proposed to “provide effective support to the four performance objectives,” consistent with the description of the table, rather than describing Intrepid’s methodologies for actually conducting these tasks, as required by the RFP.

Intrepid’s third argument is also without merit. Although Intrepid’s proposal includes descriptions of its technical solutions for the performance objectives, which, in some instances, refer to some of the activities contemplated by the twelve tasks, those references are scattered and brief. For example, Intrepid contends that it addressed the eighth task‑‑Develop, document and test tools and applications, train, and provide engineering support to identify threats on the information operations network and track to origin--where its proposal indicates that “[w]e provide operational and technical support to identify threats on the [information operations] network and track to origin.” Intrepid’s Comments at 15. As with the examples from tables 2-3 and 2‑8, this reference provides limited information and does not purport to describe Intrepid’s methodology for actually conducting the task. Although Intrepid may ultimately disagree with the agency’s assessment of the adequacy of the information provided in its proposal, such disagreement with the agency’s evaluation does not provide a basis to question the reasonableness of the evaluators’ judgments. Mike Kesler Enters., supra. Accordingly, we have no basis to question the agency’s conclusion that Intrepid did not meet the requirements of the task order, and the agency’s determination that the proposal was technically unacceptable.

The protest is denied.

Susan A. Poling
General Counsel