Spry Methods, Inc. (HM0476-21-R-0025)
Case: B-421640
Agency: Department of Defense : National Geospatial-Intelligence Agency
Protester: Spry Methods, Inc.
Date: 2024-04-17
Denied
B-421640.3,B-421640.4,B-421640.5,B-421640.6
Apr 17, 2024
Jump To
FULL REPORT
VIEW DECISION
RELATED PAGES
GAO CONTACTS
Highlights
Spry Methods, Inc., a small business of McLean, Virginia, and Castalia Systems, LLC, a small business of Tampa, Florida, protest the award of a contract to RiVidium, Inc., d/b/a TripleCyber, a small business of Vienna, Virginia, under request for proposals (RFP) No. HM0476-21-R-0025, issued by the National Geospatial-Intelligence Agency (NGA) for cybersecurity capabilities and services in support of NGA's chief information security officer. The protesters challenge various aspects of the agency's evaluation of proposals and the resulting source selection decision.
We deny the protests.
View Decision
DOCUMENT FOR PUBLIC RELEASE
The decision issued on the date below was subject to a GAO Protective Order. This redacted version has been approved for public release.
Decision
Matter of: Spry Methods, Inc.; Castalia Systems, LLC
File: B-421640.3; B‑421640.4; B-421640.5; B-421640.6
Date: April 17, 2024
Olivia L. Lynch, Esq., Louis A. Chiarella, Esq., Sarah F. Burgart, Esq., Zariah T. Altman, Esq., and Emily P. Golchini, Esq. Crowell & Moring LLP, for Spry Methods, Inc.; Lewis P. Rhodes, Esq., and Orest J. Jowyk, Esq., Reston Law Group LLP, for Castalia Systems, LLC, the protesters.
James Y. Boland, Esq., Lindsay M. Reed, Esq., Allison M. Siegel, Esq., and Kelly M. Boppe, Esq., Venable LLP, for RiVidium, Inc., d/b/a TripleCyber, the intervenor.
Anthony Lascola, Esq., Mary Elizabeth C. McKenney, Esq., and Richard L. Donaldson, Esq., National Geospatial-Intelligence Agency, for the agency.
Christopher Alwood, Esq., and Alexander O. Levine, Esq., Office of the General Counsel, GAO, participated in the preparation of the decision.
DIGEST
1. Protests challenging agency’s evaluation of proposals under the technical/management and price factors are denied where the evaluation was reasonable and consistent with the terms of the solicitation.
2. Protests challenging agency’s evaluation of past performance are denied where the evaluation was reasonable and consistent with the solicitation’s criteria or the protesters did not establish that they were competitively prejudiced by the agency’s actions.
3. Protests challenging agency’s best‑value tradeoff are denied where the agency’s tradeoff was reasonable, adequately documented, and consistent with the terms of the solicitation.
DECISION
Spry Methods, Inc., a small business of McLean, Virginia, and Castalia Systems, LLC, a small business of Tampa, Florida, protest the award of a contract to RiVidium, Inc., d/b/a TripleCyber, a small business of Vienna, Virginia, under request for proposals (RFP) No. HM0476-21-R-0025, issued by the National Geospatial-Intelligence Agency (NGA) for cybersecurity capabilities and services in support of NGA’s chief information security officer. The protesters challenge various aspects of the agency’s evaluation of proposals and the resulting source selection decision.
We deny the protests.
BACKGROUND
On November 29, 2021, the agency issued the RFP as a small business set-aside under the commercial item procedures of Federal Acquisition Regulation (FAR) part 12, using the negotiated procurement policies and procedures established under FAR part 15. Contracting Officers Statement and Memorandum of Law (COS/MOL), B‑421640.3. The solicitation sought proposals to provide cybersecurity capabilities and services under what the RFP referred to as the Defender contract.[1] AR, Tab A.8.a, RFP at 34, 54; AR, Tab A.6.b, SOW at 5.[2] The RFP contemplated the award of a contract for a 6‑month base period, seven 1-year option periods, and one 6-month option period. RFP at 31‑33.
The RFP provided for award on a best‑value tradeoff basis, considering price and the following four non-price factors: (1) technical/management; (2) past performance; (3) security; and (4) intellectual property. Id. at 56‑57. The security factor was to be evaluated on a pass/fail basis. Id. at 56. The RFP stated that, for the purposes of the best‑value tradeoff, the other non-price factors, when combined, were significantly more important than price. Id. at 54. Within the non-price factors, the RFP explained that the technical/management factor was significantly more important than past performance, which was in turn more important than the intellectual property factor. Id. at 56. The RFP specified that the technical/management factor consisted of the following four subfactors listed in descending order of importance: (1.1) computer network exploitation, (1.2) cybersecurity risk management, (1.3) key personnel, and (1.4) contract dashboard/web portal. Id.
The RFP provided for a multi-phase procurement. In phase 1, offerors were to submit written proposals addressing the computer network exploitation subfactor. RFP at 54. The agency was to evaluate the phase 1 proposals before conducting an advisory “down‑select.” Id.
Full decision text continues on ProtestIntel...