The Buzz

Free Money

After a spanking from Government Accountability Office auditors, the Defense Department is trying to reward only contractors that deliver weapons that work, avoid cost increases and stick to their schedules. Currently, that's not standard operating procedure.

Between fiscal 1999 and 2003, the mili- tary services and Defense agencies paid $157 billion for award- and incentive-fee contracts, that's 21 percent of all spending on contracts worth more than $25,000.

These contracts, the only ones that allow agencies to adjust contractors' fees based on performance, are intended to spur companies to meet goals such as staying within costs and providing promised capabilities. The assumption is only exceptional performance will hit those targets.

GAO studied 93 contracts worth $51.6 billion, or about a third of spending on such deals between fiscal 1999 and 2003. Based on the sample, Defense spent $8 billion in award fees regardless of whether contractors fell short of, met or exceeded expectations. About half the contracts paid 70 percent of fees for "average, expected, good or satisfactory" performance.

Programs accounting for 46 percent of the incentive dollars in GAO's sample aren't meeting goals, yet contractors have received most of the available incentives. They are the Comanche helicopter, F-22 Raptor fighter, Joint Strike Fighter and the Space-Based Infrared System High satellite network.

Misuse of incentive contracts is at the nexus of two areas GAO identified as high risk-contract management and weapon systems acquisition, Comptroller General David M. Walker told a Senate subcommittee on April 5. "DoD's acquisition, business and contract management practices are contrary to the purpose of performance-based contracting concepts and have resulted and, if not corrected . . . will continue to result in wasting billions," he said.

The Defense Acquisition University will develop an online center about award fees, says a March 29 Defense policy memo. By June 1, the department pledged it will find ways to capture data on fees and identify performance measures for them.

Über ID

Come late October, agencies expect to begin handing employees and contractors new identity smart cards that will be interoperable across government, contain biometric data about users, and permit or deny access to buildings and computers. A 2004 presidential homeland security directive required new IDs. The National Institute of Standards and Technology issued standards for them in February 2005.

But the Government Accountability Office reported in February that agencies are unlikely to meet the Oct. 27 deadline.

NIST and the General Services Administration both must test commercial products before agencies can buy them. That could take months. Products haven't been certified, so costs aren't clear and funding is uncertain. Most agency officials still are scratching their heads over how to prove identities, issue and maintain cards, and protect cardholders' privacy. Here are the standards that agencies must meet.

Protecting Privacy

  1. Assign a senior official to oversee ID privacy.
  2. Assess how systems containing personal information will affect privacy.
  3. Tell employees how their cards will be used and the effects on privacy.
  4. Use security controls developed by NIST.
  5. Make sure technology used in the ID system does not erode privacy protections.

Proving Cardholders' Identities

  1. Conduct background investigations, such as the National Agency Check With Written Inquiries, or have them on record for all cardholders.
  2. Perform an FBI National Criminal History Fingerprint on all employees and contractors slated to receive cards.
  3. Require ID applicants to appear once in person before giving them cards.
  4. Demand two original forms of identification documents from the Office of Management and Budget list.
  5. Make sure no one person can issue a card without another's approval.

Issuing Cards

  1. Follow rules for photographs and data and make sure background investigations come up clean.
  2. Verify that the person receiving a card is the same one approved for it.
  3. Issue cards created only by approved providers and accredited ID systems.
Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.