HP loses fight for CDM contract at DHS

Find opportunities — and win them.

HP Enterprise Services cried foul when DHS found its technical solution "not acceptable" but GAO sided with the agency. What are the lessons learned for HP and the rest of the industry?

Hewlett-Packard Enterprise Services went up against 10 other companies in a competition to provide cybersecurity services to the Homeland Security Department.

The competition under the Continuous Diagnostics and Mitigation contract was won by Knowledge Consulting Group and HP cried foul in its protest with the Government Accountability Office. HP’s main complaint centered on DHS’s finding that its technical approach was not acceptable.

Meanwhile, Knowledge Consulting’s approach was dubbed “excellent” and its price of $29.1 million was more than $1.5 million lower than HP’s price of $30.1 million.

The contract is to provide CDM as a service across 11 DHS components under a three-year task order.

DHS’s technical evaluation board found four concerns with HP’s proposal:

  • Several erroneous assumptions about DHS’s infrastructure.
  • Proposed use of an enterprise service bus software architecture model that had two serious weaknesses.
  • Proposed architecture would add complexity, long-term effort and long-term inefficiency.
  • During the Q&A session, HP told DHS that it was dissatisfied with its own proposed tool set.

HP argued that that DHS’s technical evaluation was unreasonable and didn’t follow the terms of the solicitation. HP said it based its proposal on the solicitation requirement that bidders propose tools that leverage the installed based at the DHS components.

But DHS argued that HP focused on that one sentence in the solicitation and that HP didn’t address the other technical approach requirements.

DHS wanted a standardized “One DHS” solution. To achieve this, DHS was looking for six things:

  • A technical solution that encompassed both common and DHS component-unique requirements.
  • A feasible methodology for promptly achieving and sustaining steady state operations and maintenance environment.
  • A reliable approach for meeting security requirements.
  • An effective and efficient approach to project logistics
  • An effective response to tasks, meeting DHS systems engineering life-cycle requirements and achieving an efficient schedule for delivery and integration of CDM products, implementation and deployment.

While DHS found that HP was leveraging the installed based, evaluators raised concerns about the company’s methodology. They described the HP solution as “non-feasible.”

HP also argued that the DHS technical evaluation prejudiced the agency against HP’s proposal. But GAO denied this argument as well. Even if HP’s technical approach had received an acceptable or excellent rating, it would still lose the competition.

Knowledge Consulting had an excellent rating. “At best HPES would be technically equal to KCG, and it would remain higher priced,” GAO wrote. “As HPES cannot demonstrate the possibility of a price/technical tradeoff between its quotation and that of KCG, we find that HPES has failed to establish prejudice from the agency action it protests.”

As with other bid protest decisions we’ve seen, GAO makes it clear that it is not in the business of second guessing agency decisions when there is a record of how the agency made its decision and how that decision fits with what it is asking for in the solicitation.

A second lesson is that bidders really need to read and understand the solicitation and to check their assumptions at the door.

Clearly, there were questions HP should have been asking as it developed its proposal and they were asking those questions, namely, will our solution work for the customer?