GovCon Bid and Proposal Insights
GovCon Bid and Proposal Insights
Implementation of Advanced Government Simulation Capabilities (IAGSC)
In this episode, we break down the upcoming $750M MA-IDIQ: Implementation of Advanced Government Simulation Capabilities (IAGSC) contract from the Department of the Air Force – Air Force Materiel Command. Set to release in October 2025, this full & open opportunity is designed to advance simulation capabilities that directly support warfighter readiness, testing, training, and operations.
We’ll walk you through:
- The scope and goals of the IAGSC opportunity
- Why simulation and modeling are critical defense priorities
- What contractors should be doing now to position themselves for this high-value award
Whether you're an established DoD contractor or looking to break into the simulation tech space, this episode is packed with actionable intel.
🎧 Listen now and get ahead of the curve!
Contact ProposalHelper at sales@proposalhelper.com to find similar opportunities and help you build a realistic and winning pipeline.
Okay, let's unpack this. We're diving into a world defined by documents today, specifically a government contract performance-based work statement, or PWS, and its Q&A outlining requirements for something called IAGSC.
Speaker 2:Right IAGSC, and that stands for the Implementation of Advanced Government Simulation Capabilities.
Speaker 1:Okay.
Speaker 2:Think of it as the playbook for getting some really complex, high-tech work done, all to support critical Air Force missions.
Speaker 1:And our source material. It comes from the Air Force Sustainment Center's Software Development Directorate Experimentation Division, that's AFSCSWX.
Speaker 2:Exactly and these documents. They really lay out what a contractor needs to do to help them build and integrate these advanced software and simulation capabilities.
Speaker 1:So our mission in this deep dive is really to pull out the absolute must-know details, right yeah?
Speaker 2:exactly? What are the core tasks? What essential skills are required? What's this unique environment like, where the work actually happens, and how do they measure success and manage all the critical data involved?
Speaker 1:It's kind of a look inside the operational realities of supporting advanced defense tech.
Speaker 2:That's it. We're trying to give you a clear picture.
Speaker 1:Okay, so we'll explore the services, the specific kind of team needed, the well intense security and logistical environment.
Speaker 2:Uh-huh.
Speaker 1:And how performance and data are handled in this highly specialized context.
Speaker 2:So let's start at the beginning. What is IAGSC ultimately trying to achieve? How performance and data are handled in this highly specialized context. So let's start at the beginning. What is IAGSC ultimately trying to achieve? I mean, the PWS defines the tasks, sure, but the big picture objective is for a contractor to provide non-personal services Right and that non-personal services piece.
Speaker 1:That's a critical distinction in government work, isn't it?
Speaker 2:Oh, absolutely.
Speaker 1:It means the contractor isn't being hired as, like staff, they're providing a service, managing their own people, their own methods.
Speaker 2:While the government keeps control of the direction and you know the final decisions and these services. They support the government's goal to develop and integrate software products into various DOD systems for AFSCSWX.
Speaker 1:And AFSCSWX's mission itself.
Speaker 2:It's all about pushing the envelope, leading innovation, accelerating capability development, all to make the warfighter more effective, often through experimental software and early system development.
Speaker 1:So what kind of experimental software and early system development are we talking about here? The background section gives us some clues.
Speaker 2:Yeah, it says. Afscswx develops software and integrates modeling and simulation M&S across a huge spectrum of DoD platforms.
Speaker 1:Like what.
Speaker 2:We're talking space systems, aircraft, complex threat modeling, command and control, major simulation platforms like the Joint Simulation Environment, jse, test training, experimentation and ISR intelligence surveillance and reconnaissance.
Speaker 1:Wow, that's broad, and they're doing this across multiple security levels for a pretty diverse group of customers too.
Speaker 2:Yep, supporting everything from fourth and fifth gen fighter jets to cutting edge experimental weapons.
Speaker 1:And simulators seem key.
Speaker 2:Very key. They use them for high fidelity testing, advanced training and that crucial development of tactics, techniques and procedures. Ttps and the documents specifically tie this work to programs identified as operational imperatives. Which means Major high priority defense initiatives, stuff that absolutely has to get done.
Speaker 1:Got it. So the scope of the contract has to match that breadth. Then it includes the basic software development, integrating M&S and core research and development for new capabilities.
Speaker 2:Plus all the necessary support functions, you've got embedded cybersecurity throughout the lifecycle, comprehensive software testing, including validation and verification, v&v, and a really interesting area mentioned, integrating intel community developed information into threat representative capabilities.
Speaker 1:Integrating intelligence into simulated threats. That sounds pretty advanced.
Speaker 2:It is, and the Q&A clarifies this a bit. It means taking information that the intel community develops and using it to either integrate into existing threat models or create entirely new models.
Speaker 1:So they accurately represent potential adversary systems.
Speaker 2:Exactly. It's all about making the simulations as realistic as possible, based on the absolute latest intelligence.
Speaker 1:Okay, that makes sense. The scope also includes systems engineering support, to kind of tie it all together, physical security support for the facilities where this sensitive work happens, and administrative support services too. It's a whole package.
Speaker 2:It really is, and when you dive into the core services you really see the specific technical demands. Let's maybe start with the software engineering services.
Speaker 1:Okay, so this team. They'll work directly with government teams, side by side, right.
Speaker 2:Yeah.
Speaker 1:Operating inside a government-provided DevSecOps environment.
Speaker 2:That's the model, and the work covers both developing new software and sustaining existing code. The Q&A actually confirms sustainment includes refactoring older code bases too.
Speaker 1:Which can be a huge job in itself.
Speaker 2:Oh, definitely, and they also integrate M&S products into these software systems.
Speaker 1:Now there's a foundational point here, something with major implications for the contractor.
Speaker 2:We're talking about the data rights.
Speaker 1:Exactly All work is done on government-owned and directed systems, and the government gets unlimited data rights to all software developed and delivered under this contract.
Speaker 2:Unlimited data rights. That means everything the contractor builds here, every single line of code, every bit of data. It belongs solely to the government.
Speaker 1:Wow.
Speaker 2:Yeah, and the PWS and Q&A really hammered this home. The contractor cannot, absolutely cannot, bring in or use any proprietary data, code or information without explicit written consent from the government technical lead on site.
Speaker 1:So what does that mean practically?
Speaker 2:Well, the insight there is it forces a contractor to have a very, very clear separation between their own company's internal IP and the work they do on the specific contract.
Speaker 1:Ah, so you can't leverage the contract to build your own commercial product on the side using government resources?
Speaker 2:Not a chance. It's a critical constraint. It means the contractor's value proposition has to be the service and the expertise, not any IP they might generate from the work.
Speaker 1:Okay, and that required expertise includes being fluent in agile and DevSecOps methodologies.
Speaker 2:Right. The Q&A tells us they use both agile scrum and scaled agile approaches and while the government sets the overall direction for a specific project, the contractor is expected to be deeply involved in refining and actually executing that methodology.
Speaker 1:Makes sense. Beyond just development and sustainment, they also provide systems engineering support and integration support.
Speaker 2:Yeah, and this includes integrating advanced technologies into existing and legacy platforms. They mentioned JSE, VATS and even specific aircraft like the F-16.
Speaker 1:And the Q&A had something specific about the F-16 integration, didn't it?
Speaker 2:It did. It clarified that this isn't just software talking to software For the F-16, it means integrating M&S products with real world hardware and aircraft systems Rolling yeah. And that kind of integration and installation work might mean travel to military bases pretty much anywhere in the world.
Speaker 1:Okay, life cycle software testing is also huge. Here they're responsible for test plans, running the tests, generating reports.
Speaker 2:And those reports are specific CDRL deliverables. Contract data requirements, list items with firm deadlines.
Speaker 1:Right and documenting any deficiencies they find.
Speaker 2:And that testing includes a significant cybersecurity component. The Q&A lists things like unit tests, vulnerability scans, checking for CVEs, common vulnerabilities and exposures and other security-focused tests. It varies depending on the specific systems. Authorizing official the AO.
Speaker 1:And standard validation and verification testing is in there too.
Speaker 2:Mandatory. Oh and just to ground the technical environment a bit, the Q&A mentions the primary operating systems they typically work with are Windows and Linux.
Speaker 1:Okay, Good detail. Let's shift gears then to another massive area cybersecurity services.
Speaker 2:Yeah, non-negotiable. In this kind of environment, the contractor is actually expected to lead security approval processes, things like getting an IATT interim authority to test or a full ATO authority to operate. Leading that means providing comprehensive risk management framework or RMF services. Right, exactly, rms is essentially the standardized DOD process for securing IT systems and assessing cyber risk. They'll be doing everything like conducting risk assessments, running vulnerability scans, developing and maintaining system security plans, ssps and continuous monitoring plans, implementing and testing security controls the whole nine yards and handling all the documentation.
Speaker 2:Yeah, all the RMF documentation like SSPs and plans of action and milestones, PO and AMs, and they need to follow the specific standards DOD 8510.01 and NIST 837.
Speaker 1:Now, on top of standard RMF, because of the sensitive nature of the information, they also have to support requirements for something called J-SIG.
Speaker 2:Right Joint Special Intelligence Operating Policies and Procedures J-SIG. That applies to SCI's sensitive compartmented information and SAP's special access programs. So that adds layers of complexity, oh, yeah, it requires personnel indoctrination, facility accreditation, very strict rules for handling, marking and storing information. The Q&A notes that, while it generally follows the standard ATO process, the authorizing officials often add unique system-specific requirements, especially for J-SIG. It goes beyond just basic STIG compliance.
Speaker 1:Which means the personnel doing this work needs specific high-level certifications.
Speaker 2:Absolutely. The PWS requires personnel with Information Assurance Manager 2 and 3 certs IAM Level 2 and 3, plus relevant DoD 8140 and 85570 certifications. They need people who aren't just generally skilled, but specifically certified in DoD cyber standards.
Speaker 1:And where are they working? Across which networks?
Speaker 2:They'll be working across multiple classified networks. You've got NIPRnet unclassified but controlled CUI environments, sipr net, secret JWICS, top-secret SCI, tsis are special access required and various SAP levels that range of networks itself tells you a lot about the complexity it really does. The QVNA confirms the work happens at impact levels 5, 6 and even 6 plus. These aisles indicate the data sensitivity and the security controls needed. Il6 Plus is extremely stringent.
Speaker 1:And they're using government cloud infrastructure.
Speaker 2:Yep government SW cloud infrastructure and cross-domain solutions specifically RTB compliant ones, raise the bar are required when data needs to move between different security domains.
Speaker 1:Okay, and their job includes analyzing, evaluating, documenting the security posture.
Speaker 2:Constantly Identifying and mitigating risks and major risks can't just sit in a report. They have to be flagged immediately up the chain to government leads and even higher headquarters.
Speaker 1:And they provide weekly reports specifically on cyber activities. That's CDRL A006.
Speaker 2:Correct. The Q&A also lists the kind of cybersecurity testing experience they expect. The Q&A also lists the kind of cybersecurity testing experience they expect. Stig's Security Technical Implementation guides, rmf, jseg, using code analysis tools, really covering all facets of DoD cyber testing. And, yeah, the government uses cloud-based cyber services in this setup.
Speaker 1:Okay, next up in the core services System Administration Services. This is providing the IT backbone for the whole operation, basically.
Speaker 2:That's it, providing the system administrators and IT specialists needed to monitor, maintain, configure and support all the IT systems the ones required for development, simulation and the classified operations.
Speaker 1:And this includes administering classified networks. That's definitely not your average IT job.
Speaker 2:Definitely not. It demands strict compliance with standards like NISPOM, the National Industrial Security Program, Operating Manual, and ICD-503 for intelligence community systems. Personnel need not only the clearances but specific familiarity with the unique requirements for running classified networks.
Speaker 1:And they're not just keeping the lights on for existing systems.
Speaker 2:No, they'll actually design, document, implement and even help accredit new government-owned networks. They handle the full life cycle of IT systems. That includes compliant destruction of equipment at the right classification level when it's retired.
Speaker 1:Wow, and they might also perform data transfer authority duties, managing data movement.
Speaker 2:Correct Moving data between systems, potentially across classification levels, which requires specific authorization and procedures.
Speaker 1:Like the cyber folks, this demands certified personnel.
Speaker 2:Yep Security Plus certification is specifically called out and the PWS gives a remarkably detailed list of required technology experience.
Speaker 1:I saw that it includes Windows, Red Hat, Linux, VMware, Kubernetes.
Speaker 2:Microsoft Office Suite, SCCM, WSUS, Red Hat, Satellite, VMware Orchestrator, Podman, Docker, Docker Images, Helm Charts, Git, Visual Studio and OpenShift.
Speaker 1:That list is like a window into their specific tech stack, isn't it?
Speaker 2:Absolutely. It tells you this environment is heavily virtualized. Uses containerization, kubernetes, docker, podman, openshift are all mentioned. It relies on standard Linux and Windows infrastructure management tools like SCCM and Satellite and Git for version control, of course.
Speaker 1:It really reflects a modern, complex IT ecosystem built to support DevSecOps, but within that secure government context.
Speaker 2:Exactly Good insight, okay. Finally, under core services there's training and TTP support.
Speaker 1:And this isn't just generic how to use the software training, is it?
Speaker 2:No, not at all. It's about ensuring the technical work is actually operationally relevant.
Speaker 1:Meaning they need subject matter expertise SMEs on operational tactics, techniques and procedures, especially for multi-domain operations.
Speaker 2:That's the core of it. They need people who genuinely understand how the warfighter operates in the field.
Speaker 1:So these SMEs? They'll consult with users, provide recommendations, supervise studies.
Speaker 2:Yes, and ensure that M&S and software outputs are genuinely useful in real-world scenarios or exercises. They embed these operational SMEs within the teams.
Speaker 1:And they provide ad hoc customized training.
Speaker 2:Right for the combined government contractor teams. They also support the development of multi-domain ops doctrine and TTPs and participate in exercises to test out concepts and capabilities.
Speaker 1:And Agile DevSecOps. Expertise is needed for this training too, along with the warfighting SMEPs.
Speaker 2:Both are required. The training materials themselves are a deliverable CDRL A007 and need government approval seven days in advance.
Speaker 1:And they help assess simulation products and even sit in on Agile meetings to help prioritize work based on operational needs.
Speaker 2:Yeah, bringing that operator perspective right into the development planning. The Q&A gives examples of training topics planning. The Q&A gives examples of training topics Agile, dove, secops processes themselves, specific TTPs like air-to-air engagements and tailored training on the bespoke software they develop.
Speaker 1:Okay, so that covers the huge breadth of the services. Now let's talk about the team structure and how they actually operate day-to-day.
Speaker 2:Right. The PWS defines specific labor categories with escalating experience and degree requirements Junior, journeyman, senior and subject matter expert or SME.
Speaker 1:And the Q&A points to PWS Table 1, which gives us a peek at the initial staffing breakdown. Software engineering is clearly the biggest chunk.
Speaker 2:Yeah, starting with around 23 HIPTEs full-time equivalents followed by cybersecurity with nine, that definitely tells you where the bulk of the effort and complexity is expected, at least initially.
Speaker 1:And staffing is the contractor's responsibility. They manage the team, but they're expected to maintain a stable workforce.
Speaker 2:Which is a challenge right, Especially in a high-clearance environment like this.
Speaker 1:Absolutely, and there are strict rules for notifying the government about vacancies. Two weeks notice if possible, or within 24 hours for unplanned departures.
Speaker 2:And they have to fill those vacancies quickly, within 45 calendar days, plus provide temporary backfill if the spot is empty for more than two weeks. That puts real pressure on the contractor's recruiting and retention pipeline.
Speaker 1:Now, you mentioned non-personal services earlier. The PWS really emphasizes this.
Speaker 2:It does Explicitly defines the nature of the services as non-personal. The government will not directly supervise the contractor employees.
Speaker 1:Which is crucial legally and operationally. Right To avoid the appearance of an employer-employee relationship.
Speaker 2:Exactly. The contractor manages its own team, its own methods, and they must actively prevent the appearance of personal services and notify the government if any situations seem to blur that line.
Speaker 1:Importantly, the contractor services are not for inherently governmental functions.
Speaker 2:Correct Things like making policy decisions or managing government programs. All those strategic calls remain solely with the government.
Speaker 1:And finally, contractor employees must always identify themselves as contractors.
Speaker 2:Transparency. It's about maintaining that. Clear distinction Contractor badges introducing yourself as working for company X supporting the Air Force. Clear identification in emails on calls, signing sheets, everything.
Speaker 1:Got it. So where does all this happen?
Speaker 2:Well, the PWS initially lists the primary place of performance as on-site at Wright-Patterson Air Force Base in Ohio, specifically Building 802.
Speaker 1:But the Q&A expands on that significantly.
Speaker 2:It does. It clarifies that there are actually multiple primary government sites across the country where these contractor teams will operate.
Speaker 1:Okay, like where?
Speaker 2:WP AFB, yes, but also Hill AFB in Utah, tinker AFB in Oklahoma and Warner Robins AFB in Georgia.
Speaker 1:Wow, okay, that's a significant detail, definitely not just one location.
Speaker 2:No. And then there are secondary and temporary duty TDY locations. These include major tests and exercise bases like Nellis AFB, edwards AFB, eglin AFB and potentially other government spots as needed for travel like supporting integrations or experiments.
Speaker 1:So travel is definitely required.
Speaker 2:Yep Following standard military and federal travel regs JTRFTR. It needs pre-approval from the PM, cio or ESIA, usually 14 days prior, and detailed post-trip reports are a monthly deliverable part of CDRL A001.
Speaker 1:What about the timeline?
Speaker 2:The overall contract has a maximum duration of 30 months from the award date, but task orders issued under it for specific projects have a maximum of 12 months each.
Speaker 1:And work hours.
Speaker 2:Pretty standard government hours. Monday to Friday, roughly 6 am to 5 pm. Core hours, excluding federal holidays listed in the PWS and any base closure days. The contractor generally isn't required to work or bill on those days.
Speaker 1:Okay, now let's get into the really critical stuff, the non-negotiables, the requirements and constraints around security, data and safety. Security is obviously foundational here.
Speaker 2:And absolutely paramount, compliance with all installation-specific security force, protection and anti-terrorism requirements is mandatory at every location. It's not optional. It's the basic cost of entry for operating on base.
Speaker 1:And there was something very specific called out about IDs.
Speaker 2:Right Contractors must use contract issued identification for base and facility access. You absolutely cannot use personal IDs like a military card for access related to contract work. It constantly reinforces that contractor status.
Speaker 1:And, of course, security clearances huge deal.
Speaker 2:Massive. A minimum secret clearance is required for all personnel performing work on the contract and it has to be current within five years and active at the time of contract award.
Speaker 1:And the Q&A confirmed that many workloads will need even higher clearances.
Speaker 2:Correct Top secret SCI SAP access depending on the specific task, and the Q&A also notes that often that minimum secret clearance is required just for access to the government development systems themselves.
Speaker 1:And the contractor is responsible for getting clearances for new hires.
Speaker 2:Yes, typically within 90 days of hiring. There are provisions for individuals awaiting final adjudication to work temporarily, but only for 90 days and only in specifically approved areas. Subcontractors also need their DD Form 254 security documentation properly handled.
Speaker 1:And higher level clearances T3, T5, SSBI.
Speaker 2:Handled by the contractor's facility security officer, fso, following standard DoD procedures like DoDM 5200.02. All cleared personnel also have to follow strict reporting requirements CED 3 and 4, and complete mandatory initial and annual security training.
Speaker 1:Proper ID display is required always.
Speaker 2:At or above the waist standard procedure and there are strict processes for getting IDs for new people and critically promptly returning all credentials, ecacs, badges, keys when someone separates from the contract or the contract ends. Losing a badge is a serious security event and must be reported within one working day.
Speaker 1:Okay, let's talk. Common access cards, CACs.
Speaker 2:Right Essential for accessing government IT systems required for the job role. The Q&A stresses this isn't just for getting training access, it's for doing the actual work.
Speaker 1:And the process takes time.
Speaker 2:About four weeks. Typically, it involves background checks, at least to cure one, completing online questionnaires getting fingerprinted within 120 days. Failure to complete the process on time can result in being barred from the installation.
Speaker 1:And before you even get logical access to networks and computers.
Speaker 2:You need the background investigations completed and mandatory cyber awareness challenge training done before you get access, and you need the physical CAC before accessing the IT system itself. Plus, there are multiple forms and trainings required, like the AFMN 17-1301 rules of behavior and the DD Form 2875 system access authorization request. And there was a key point about the DD form 2875 system access authorization request and there was a key point about that DD form 2875.
Speaker 2:Yes, government personnel are explicitly forbidden from signing the DD form 2875 for the contractor. The contractor company must manage their own personnel's access requests through the proper channels, usually involving their own security personnel or management signing off.
Speaker 1:Got it Signed or security incidents.
Speaker 2:Report them immediately to the group security manager, no delay. Preserve the same, protect evidence, cooperate fully with any investigation. This isn't a we'll deal with it.
Speaker 1:Monday situation Makes sense ComSE communication security.
Speaker 2:Standard for DOD. All communications, including phone calls on government systems, are subject to review monitoring recording. Contractor employees have to be informed of this.
Speaker 1:And OPSC operations security Sounds like it's extremely strict here.
Speaker 2:Extremely Strict controls on personal electronic devices laptops, phones, cameras, any kind of recording or storage device are enforced in government spaces. Absolutely no unauthorized photography or recording in restricted areas unless it's official and approved.
Speaker 1:And the big takeaway for OPSEC seems to be what not to do.
Speaker 2:Exactly. Do not discuss government operations in public or over unprotected communications email, phone, whatever. Do not post sensitive information, and that includes seemingly harmless images or data, to company websites, publications, media or any unofficial sites, especially social networking sites.
Speaker 1:That demands constant vigilance from everyone.
Speaker 2:It really does you have to report any unauthorized disclosures or if someone tries to solicit information from you immediately. It's about actively practicing OPSC, implementing countermeasures to protect critical information, ci and controlled unclassified information, cui and any contractor security admin handling sensitive info must complete a non-disclosure agreement, an NDA.
Speaker 1:Anti-terrorism force protection training.
Speaker 2:Mandatory for personnel with routine facility access Within 30 days of starting and then annually.
Speaker 1:And the contractor is responsible for ensuring all employees complete and maintain all required Air Force training.
Speaker 2:Yes, all mandatory annual training, any new training that comes up.
Speaker 1:The.
Speaker 2:PWS lists a bunch OPSEC awareness, cui handling unit indoctrination, counterinsider threat force protection, annual Stenofo awareness, nato briefing. If they might handle NATO classified info, cyber awareness challenge, derivative classification training. It's a lot to track.
Speaker 1:And the Q&A reconfirms that all classified work happens only in government-provided facilities. No working from home on classified stuff.
Speaker 2:Absolutely not Okay. Let's shift to data rights and intellectual property.
Speaker 1:IP. This seems straightforward, but critical.
Speaker 2:It is Managed under the FAR or DFARS, the standard government acquisition regulations. The bottom line, all IP inventions, works, designs, anything created or developed under this contract shall be the sole and exclusive property of the US government, full stop.
Speaker 1:So the contractor creates it, it's immediately the government's.
Speaker 2:Correct. The contractor shall assign all rights to the government and execute any necessary documents to make that happen. That's actually CDRL A015. They also have to comply with the cybersecurity plan and all laws and regs to safeguard this government-owned IP.
Speaker 1:Which leads nicely to the cybersecurity and data protection plan itself.
Speaker 2:Right, the contractor shall develop, implement and maintain a plan that complains with all the federal laws, regulations and standards. And maintain a plan that complains with all the federal laws, regulations and standards. They specifically call out 5R52.20424 and DFARS 252.2047012, where applicable, which deals with safeguarding-covered defense information.
Speaker 1:And this plan is how they actually implement safeguards.
Speaker 2:Exactly Things like encryption, access controls, continuous monitoring, regular security audits, penetration testing and, critically, any cybersecurity incident that affects government data must be reported to the TRR and CO within 72 hours. That's another requirement under CDRO A015. Audit and test results have to be available to the government on request.
Speaker 1:What about government furnished equipment? Gfe?
Speaker 2:Standard stuff is provided workspace supplies, furniture, phones, computers. It's considered incidental to being on site. It stays there and remained accountable to the government. Access to required software and test assets is also provided, along with other approved tools.
Speaker 2:And those government computers Strictly for business purposes only. Personal use is forbidden and all data information reports. Property created or acquired by the contractor under the contract is government property and must be returned upon completion. Protect the government stuff. Although the Q&A did mention that, while most equipment is GFE, specific task orders could potentially require the contractor to procure some material or equipment themselves.
Speaker 1:Okay, Now safety requirements. This section was surprisingly extensive.
Speaker 2:It really is. It covers far more than just typical office safety. The contractor must implement a comprehensive safety program protecting both government and contractor personnel and property. That program plan is CDRL A014.
Speaker 1:And prompt reporting is key here too.
Speaker 2:Very prompt Record and report any damage or injury within one hour verbally to the COR. Prompt record and report any damage or injury within one hour verbally to the COR, followed by a formal written report within three calendar days, which is CDRL A009,. And they must cooperate fully in any safety investigations.
Speaker 1:Right Patterson uses OSHA's Voluntary Protection Program VPP.
Speaker 2:Yes, and contractors working significant hours over 1,000 quarterly must understand and comply with VPP principles and flow that requirement down to their subcontractors. They also have to report their injury incident rates TCIR and DART rates annually by January 15th C to RL A008.
Speaker 1:What really stood out was the explicit mention of awareness of a potential hazardous work environment.
Speaker 2:Yeah, that's not typical for a software contract PWS. Of a potential hazardous work environment yeah, that's not typical for a software contract PWS. They clarify the contractor won't work in the regulated industrial areas where chemicals are actively handled, but contact is possible just by being on base near those areas. They even list potential exposures like hexavalent chrome, hadmium, beryllium, lead.
Speaker 2:Definitely not just an office job environment, then no, they need to ensure proper protective measures and training for their personnel regarding these potential hazards. Compliance with all applicable environmental laws and regulations is also required, including immediate reporting of spills of reportable quantities.
Speaker 1:And Appendix C, as the PWS mentions, goes into incredible detail.
Speaker 2:It does. It covers specific requirements for mishap procedures, motor vehicles on base, aerial lifts, fall protection, walking surfaces, scaffolding, confined space, entry, hazard communication, weather plans, material handling equipment, lockout, tagout, hand tools, hazardous materials, compressed gases, machine guarding, ppe, hearing conservation, esd protection, emergency plans, electrical safety, smoking policies, cell phone use while driving.
Speaker 1:Wow.
Speaker 2:Yeah, it really highlights the rigorous safety culture required to operate in that Air Force Sustainment Center environment.
Speaker 1:Okay, so how is all this performance tracked and how do they manage the critical period when one contractor team transitions out and another comes in?
Speaker 2:The service summary in the PWS lays out key performance objectives and specific thresholds for critical tasks.
Speaker 1:This is how the government measures if the contractor is actually doing a good job, right.
Speaker 2:Exactly Things like meeting the required frequency for program management reviews, maintaining the required staffing fill rates. We talked about delivering training on time, submitting reports accurately and on schedule, all measured against specific percentages, accurately and on schedule, all measured against specific percentages.
Speaker 1:Like needing to hit 90%, 95%, sometimes even 100% for certain items to be deemed satisfactory.
Speaker 2:Right Fall below that threshold and it triggers government action. The contract data requirements lists the CDRLs are the specific list of deliverables, reports, plans, documentation. They have defined electronic formats and strict due dates, often tied to specific events or reporting periods.
Speaker 1:And the government can inspect and reject those deliverables.
Speaker 2:Absolutely. If a deliverable is found efficient, the contractor has to correct it quickly, typically within 15 days, or sometimes sooner if it's urgent.
Speaker 1:Quality control versus quality assurance.
Speaker 2:Quality control QC is the contractor's internal system. They need to establish and follow a quality control plan that's CDRL A01C, due after award, complying with standards like ANSI, asciso, quality assurance QA is the government's role. The CRR, the contracting officer's representative, is the primary QA person assessing performance against the PWS standards, noting discrepancies and requesting corrective action from the contractor.
Speaker 1:And the government can increase inspections if things aren't going well.
Speaker 2:Yes, if failures occur, the government reserves the right to increase the level and frequency of surveillance.
Speaker 1:Okay, and the transition plan? This sounds vital for continuity.
Speaker 2:It really is. It covers both phase in for a new incoming successor contractor and phase out for the incumbent contractor leaving the job.
Speaker 1:So this addresses the huge challenge of changing teams without interrupting critical government work.
Speaker 2:Exactly. The successor contractor is responsible for ensuring a seamless phase in. They have to provide a ramp up schedule, often with specific percentages, like having 50% of the work transitioned within 90 days, 90% within 150 days, and they have to demonstrate their personnel are trained, qualified and cleared appropriately to take over.
Speaker 1:And the incumbent contractor has responsibilities during phase-out.
Speaker 2:Yes, upon request from the contracting officer, the incumbent prepares a phase-out transition plan. That's CDRL A018. They have to cooperate fully to provide familiarization for the successor team. They also have timelines for transitioning workout mirroring the phase-in schedule.
Speaker 1:And their plan has to include specifics.
Speaker 2:Yes, things like identifying personnel staffing during the transition, detailed timelines, identifying the top E5 risks they foresee during the transition period and proposing mitigation steps for those risks. It's all about ensuring continuity of service for the government.
Speaker 1:Okay, one last piece manpower reporting.
Speaker 2:Right mandatory requirement the contractor has to report all labor hours, including any subcontractor hours that are charged to the contract. This is done via a secure government data collection site, usually the System for Reward Management, sumgov.
Speaker 1:Annually.
Speaker 2:Yes, reported annually by October 31st for the preceding federal fiscal year.
Speaker 1:It provides the government visibility into the total labor effort supporting the contract. Okay, so when you pull back and look at the whole picture painted by these documents, I mean from cutting edge software and simulation development, integrating actual intelligence data into threat models- Through operating complex classified networks, maintaining an incredibly intense cybersecurity posture, ensuring rigorous safety compliance and managing personnel and performance under really strict government oversight.
Speaker 1:It's a portrait of a highly specialized, incredibly complex operation. It's so much of a highly specialized, incredibly complex operation. It's so much more than just a software development contract, isn't it?
Speaker 2:Oh, absolutely. It's about providing a comprehensive capability package that can operate securely and effectively within a unique, demanding government environment to directly support advanced warfighting capability.
Speaker 1:Exactly. You know understanding these documents. It isn't just about contract compliance for companies bidding on this work. For anyone interested, it gives you this deep insight into the operational realities and the critical support structures required for these advanced defense programs.
Speaker 2:It really highlights the specific challenges and the very specific capabilities needed by contractors who want to operate successfully in this high space.
Speaker 1:It really does make you appreciate all the layers involved. And you know, considering the rapid pace of change in simulation, ai, the threats we face, yeah, what do you think of the long-term implications of that requirement we talked about to integrate Intel community developed information into threat representative capabilities? How might that continuous feedback loop, intelligence, informing, simulation, testing, how might that shape the future of defense systems and training over, say, the next decade? It feels like a glimpse into a constantly evolving landscape, doesn't it?
Speaker 2:That's a really great question to leave people with. It suggests that simulation and testing isn't aimed at a static target anymore, but it has to be this dynamic living process that constantly adapts to the very latest intelligence we have on potential adversaries. It's definitely something to keep thinking about.