The Professional Services Council (PSC) questioned the
National Institute of Standards and Technology’s (NIST) plan to create a new
Federally Funded Research and Development Center (FFRDC), in comments submitted May 9.
In an April 22 Federal Register notice, NIST announced it wants to establish the FFRDC to support its NationalCybersecurity Center of Excellence (NCCoE) established in February 2012.According to the notice, the FFRDC would provide the center: 1) research,development, engineering, and technical support; 2) program/project management;and 3) facilities management.
In the comments, PSC explained that NIST has failed to
define the scope of work narrowly enough to justify a new FFRDC and thus risks
creating an open-ended organization that will unfairly benefit from the
non-competitive, no-bid assignment of work that is contrary to statutory
requirements and presidential direction. Further, PSC showed that NIST’s claim
that it could find “no existing FFRDCs or contract vehicles” for these widely
available services stretches credulity.
First, NIST’s justification mischaracterizes the regulatory
requirements to establish a new FFRDC. The Federal Acquisition Regulation (FAR)
requires that the sponsoring agency ensure “existing alternative sources for
satisfying agency requirements cannot effectively meet the special research or
development needs,” which is different from already having a contract in place.
Second, there is ample market research readily available to
NIST and the Department of Commerce, such as through the government's own
Federal Procurement Data System, to verify that hundreds of firms are readily
capable of performing the types of tasks envisioned by NIST. In fact, elements
of the private sector are leading the way in the cyber tools and technology
arena. PSC urged NIST to conduct its own market research to validate the
diverse resources available within the private sector to meet the needs of the
NCCoE and not move forward with plans to create a new FFRDC.
