The Quality Hub Podcast
Listen Below. Learn More.
ISO Certification and Government Contracting Part 1
Episode 4 – ISO Certification and Government Contracting – Part 1
See Part 2 Here
ISO and Government Contracting Part 1
In Part 1 of a 2-part series entitled ISO Certification and Government Contracting, host Xavier Francis discusses the role of ISO certifications in securing government contracts with guests Renee Ferry and Kevin Metz from Core Business Solutions. They cover key steps in the government contracting process and highlight the challenges businesses face in securing contracts. The discussion includes tools like the “letter of commitment.” If your business is looking into government contracts, this episode is for you!
Core Business Solutions publishes ISO Certification podcast episodes weekly. You can find more episodes here.
Episode 4 – ISO and Government Contracts Podcast – Part 1
Government Contracting and ISO Certification Part 1
Hello, everyone, and thanks for listening to the Quality Hub chatting with ISO experts. I’m your host, Xavier Francis, and I’m here today with Renee Ferri, Customer Success Manager, and Kevin Metz, sales and business development manager here at CORE. Welcome to both of you today.
Thanks for having us.
Yeah, thank you. A pleasure to be here.
We’re so glad to have you with us. This week’s podcast is called ISO Certification and Government Contracting, and we’ll be discussing how ISO certifications can help you secure government contracts. But first, let’s hear a little bit about our guests. Let’s start with Renee.
Yeah. So as Xavier indicated, I’m the customer success manager here at Core Business Solutions. I’ve been with Core Business Solutions for almost seven years. I’ve been working directly with our customers. I get to welcome all the new customers who haven’t worked with us previously and I also become their point of contact for anything they need from us throughout their partnership with us, whether that be in their first program or whether they come back later.
Awesome. All right. And you, Kevin, tell us a bit about yourself.
Yeah. So, I’m our sales and business development manager. I focus on bringing in new customers to core business solutions and finding new avenues to bring business in the door. Also, find new ways to work with other companies to offer services to them as well.
Awesome. Well, glad that you’re both here. I do appreciate it. So again, we’re talking about how ISO standards can help you in gaining governmental contracts. Well, let’s start with Kevin. What are the key steps involved in the government contracting process and how does it differ from private sector contracts?
Yeah, it’s a great question. I mean, to break it down quickly, the process includes, you know, a solicitation this is where the government puts out a contract where they just want to gauge the interest, answer any questions, and define the work more thoroughly. You then go through the request for bid or RFB process, which is a very common term in the government contracting space. This is where they’ll get solicitations in the door. They’ll get the bids from competing businesses, and that will factor in a few different things.
So, a factor pricing that will factor competency and will also factor in the capabilities of the bids. Once that’s completed, they’ll award the work to a pool of companies that they have selected. This is a high level, you know, understanding of the process, but the biggest difference between this and the private sector is that you know, in the private sector, we’re used to selling. We’re used to being able to have face-to-face interactions with the government more, hey, here’s the solicitation, build your bid around that. And that’s all they see. That paper bid that comes in.
So there’s no advertising, there’s no contracting. Somebody greases the wheels a little bit. It’s here’s our here’s what we’re asking for. Give it to us and we’ll look at it.
Yeah, it’s a little bit more buttoned up. They want to you know; they want to qualify. They want to make sure that everybody’s coming in the door with a fair shot to win business. As fair a shot as you can have. And a lot of that comes down to you know, again, you have a, you know, competency that you need to prove to win the business to do that. So, yeah.
And now so like you’re saying, the bidding process is pretty much the same for everyone. All right. So, Renee, could you explain the significance of certification versus compliance with ISO standards in government contracts?
Sure. Government contracts, for the most part, require certification and not necessarily compliance. The variations that we’ve seen are that some government contracts, depending on when they drop, will allow the customer to show that they are in the process of obtaining certification and not necessarily have to have it the day that it drops. Some of them will provide a period within which then they can continue to go down that process and obtain certification. But that’s not all of them.
All right. And that’s based on the contract in that regard.
It is. Yeah. It’s on a case by case for the most part. Some of them have it and some of them don’t. And we really can’t anticipate which ones will and which ones won’t. We just have to wait until we know, until we see what details are built into that proposal.
A good example of that is the SEWP six contract that’s currently out. That’s one where they’re giving small businesses. And I will reference this later in some of the questions you have. But they’re giving us the ability to get into the contract pool first and then prove certification within a certain time frame. So that’s a very popular method if they don’t require it on the front end.
Exactly.
Okay. So, if you’re looking at it again, you might have a limited time to show that you’re heading towards certification, but you don’t have to have it the minute you submit your actual proposal.
Right. And in those circumstances, we have a tool that we call our letter of commitment, and it’s on our letterhead. It’s signed by our president, CEO Scott Dawson, who says she is under contract with us to become certified. And we give a date range within which we believe they will be certified. So that’s a tool that we’ve used with many of our customers over the years.
It gives a little more validity. The fact that, yes, we are we’re working with somebody to become certified.
Exactly.
Okay. So, it’s on a contract-by-contract basis that may or may not have that opportunity. Renee, moving on, what are the potential benefits for government agencies when working with contractors who are ISO-certified?
So the government agencies require the certifications they do because, in essence, they are ensuring that the customer or contractor has a secure foundation in place when it comes to management systems. And, you know, there are several ISO standards. You know, for 9001, it would be a quality management system for 27001. It’s a, I guess, information security management system.
That was a mouthful. ISMS.
Yep, 20001, it’s the service management system 14001 is environmental and 45001 is occupational health and safety.
So, I assume there are times that a contract might require more than one of those certifications, correct?
Yes. The requirements for these standards, in essence, really outline best practices in each of those areas and each of those industries. So, what the government space is doing then as they kind of set their pool to be folks that are already using those best practices as a foundation.
Well, that’s easy to understand. Now back to Kevin. What are the most common challenges businesses face when attempting to secure government contracts? And how can ISO standards help overcome those challenges?
One of the biggest challenges that businesses can face is going to be points and competency requirements in a lot of contract vehicles. They have a point system in place that helps to determine what level of competency they’ll be at for the contract vehicle. One of the most common ways to build your points in this case is to add certifications to the company’s bid. That’s where ISO and other industry standards come in. And at Core, you know, we come into play and find ourselves helping a lot of businesses.
So oftentimes the more certifications you have, the better your score.
Absolutely. Most commonly, you’ll find a 9001 and CMMI as kind of the top, you know, certifications referred to in government contracts. But what you’re going to find is that every contract is different. There are a lot of different contracts that are going to require different standards. Renee just went over some of those different standards, but we’ve seen contracts that emphasized ISO 14001 and 45001 and then other contracts where they emphasized ISO 27001 and 20001.
Do you find that? Okay, let’s say the contract says, okay, we want 9000, 27000, or 9000 and CMMI, if you have additional ones, you do get points?
So typically, what happens in that process is you get points for the nine and the CMMI. Those are typically on almost every government contract that we’ve seen. And those are the highest point-getters. Then those additional ones like 27, 14, 45, 20001. Those will be lower point values. But depending on where your contract currently sits from a point competency level, building those additional ones in is what’s going to push you over the edge to meet that threshold.
Right. So, they want. Yeah. Okay. Everybody gets I’m just throwing out an arbitrary number here. 14 points because they’re 9000 and CMMI but you’re 27 will give you another to your 14 that’s three. So, it does benefit you even if it’s not required. Yeah. In typically just, you know, for the listeners. You know, typically I think the point value is like 1000 for CMMI and a thousand for 9001 that drops down to five for those other standards. But because they usually list a few more, you can easily get another thousand to 1500 points just by going through all of them. And let’s be honest, going through these different standards all at once can be very advantageous, both for the customer and for, you know, cost benefits as well.
Yeah, and you can put an IMS in their integrated management system. So, it’s not always a hard jump to go from 1 to 2 or 2 to 4 if you need to.
Correct.
We see a wide variety and Core has spent a lot of time learning these different standard requirements when it comes to contract vehicles and their releases. I mean, we have a lot of great programs, and we have you know, we’ve learned to be effective with our time frame and how we can complete those projects. It’s one of the reasons that I always tell our customer base that we invest in learning these because it’s very important for the customers we work with in this space to know as much as we can learn.
Right. It’s interesting to see the combinations that often work. Now, moving on, Kevin, how do you how do these government agencies typically assess or evaluate the suitability of a contract’s adherence to ISO standards during the bidding process?
Yeah, I mean, typically it’s simple as they will require proof of certificate version with the submission of the bid. Again, you know, depending on the contract, that could differ. Typically, it’s simple. They will require proof of certification with submission to the bid. As we’ve seen from some of these different contract vehicles I referenced earlier, SEWP six is a big massive contract vehicle going through RFP right now. And that’s one where they don’t require it on the front end for small businesses. What they’re looking for is proof of, you know, working on those standards by bid. And then within a year of the award, they want to see that certification.
So, I know that we talked about it a little bit, but the compliance versus certification means you’ve gone through, gotten your audit, and you’re certified to that standard. Do they want to see some compliance before that certification or do they just want to see if you’re.
They want to know that you’re effectively in contract with somebody to help you or that you can show that you’re working towards it.
Gotcha. So, you don’t have to comply at that point.
Correct. And one thing I want to clarify, just because I always think it’s important, you know, when we talk about audits, you know, third party audit, the registrar audit or an assessor or something is an appraisal or whatever that is, because there is, of course, the internal audit.
Right, right. We’re talking about that. You’ve gotten your certification from a third-party registrar that says, yep, you meet the requirements of the standard, and you are certified, and here’s your certificate.
What Kevin was saying is that’s where we use our letter of commitment. And we’ve had that in place for many years and we’ve provided that to many customers. So that usually serves and suffices as proof that they’re in the process of obtaining certification.
Yeah, that’s a great point. I mean, that’s the highlight of what we do for government contractors, right now.
Anything else when it comes to just being on your way to certification Kevin?
Additionally, you know, we always like to emphasize that having a real certificate with an accredited registrar is very important in the government contracting space. We’ve seen a lot of examples where, you know, you send a submission in and it’s not a valid registrar and you lose out on that bid or losing out on that bid as your worst-case scenario or not your worst case.
It’s not your worst case? Just losing them, and losing the bid isn’t well, it could be worse than that.
Now, losing that bid is sometimes the best-case scenario, really the worst case. We’ve seen examples where, you know, you submit an invalid certification and you end up getting blackballed by the department that you’re, you know, issuing that bid to. And well, in the government, it can get messy. I bring this up because in anything there are a lot of firms out there. They’re going to take advantage of this. They want to offer you something that seems too good to be true. A quick implementation position with an already scheduled audit is kind of a dead giveaway that sometimes you’re heading in a place that, you know, you know, the sun shines too bright, so to speak.
Yeah, we have seen a lot of too-good-to-be-true firms. And they do cause havoc for the customer because a lot of times they’ll give you a piece of paper because they did the audit and you can be confused. That’s not a real certification. And then you go and now you’re blackballed.
You know, more than anything in the government contracting space. Don’t just look for the low number. You can’t do that, unfortunately. We like to believe we give a very fair price. But at the end of the day, we’re also here to give you information and help you do your due diligence, whether that be choosing us to work with or someone else. We always want to arm you with the most information possible. I mean, this podcast is a great example of that.
Yeah, this ends part one of our episode of ISO Certification and Government Contracting. Please tune in next week where we’ll continue our discussion with Kevin and Rene with topics like misconceptions about ISO and government contracting resource challenges, establishing your presence in the governmental contracting space, and more.
We want to thank everyone who’s listened to our podcast today.
We hope it’s been informative for you. If you’re looking for more information about core business solutions and how we can help you with ISO certification cybersecurity or even customized training, please email us at info@thecoresolution.com. You can also visit our website at www.thecoresolution.com. And if you haven’t already followed us on your favorite podcast platform, be sure to do so. That way you won’t miss the next quality podcast when it’s released next week. Have a great day.