Computerworld - A 10-year, $103 million contract to create a security incident response center at the U.S. Department of Veterans Affairs had to be aborted after less than three years because of funding problems resulting from inadequate planning and poor administration.
Instead of yielding a state-of-the-art security readiness and response capability, the contract became “an open checkbook” that led to the awarding of nearly two-dozen noncompetitive task orders, as well as inflated prices, overpayments and $35 million in unaccounted-for equipment purchases.
Those are just some of the findings of an audit by VA Inspector General George Opfer of the July 2002 Central Incident Response Capability (CIRC) contract awarded to Veterans Affairs Security Team LLC (VAST).
The audit report was quietly released in late February, about two years after the contract was aborted. By 2005, the VA had already spent about $91.8 million, just $11 million less than it had planned to spend over the 10-year life of the pact, the report said.
The VAST joint venture was created just a week before the awarding of the contract. It includes six small companies led by Washington-based SecureInfo Corp. and partners SAIC Inc. and the formerCompaq Computer Corp., according to the report.
SecureInfo CEO Christopher Fountain denied that VAST had been overpaid during its work for the VA.
“At no time during the review were we alerted to any such concerns” by the inspector general’s office, Fountain said last week. “They never told us they had found anything” that was a cause for concern.
In fact, Fountain contended that VAST incurred “several million dollars in liability” when the contract expired because of equipment purchases and other expenses.
Company Defends Work
“We believe that the government realized great value from the work we did perform for them,” Fountain said. “We believe we [set up] one of the most advanced security operations centers in the federal government.”
The report blamed many of the problems on the acquisition planning for the so-called managed security services (MSS) outsourcing component of the contract.
“Deficiencies in the planning, solicitation, evaluation of proposals, award and administration of the contract for MSS resulted in uncontrolled spending, overpayments and illegal contracting actions that resulted in the ultimate demise of the contract due to lack of funding,” Opfer said in his report.
He noted that three months after the contract was awarded, the VA changed the MSS component from a fixed price deal to a so-called Indefinite Delivery Indefinite Quantity agreement. “The modification allowed VA to issue task orders to fill requests from field facilities and Office of Cyber Security for MSS at additional cost,” Opfer said in the report.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
