The Request for Proposal (RFP) should communicate to all Offerors the concept that risk management is an essential part of the Government’s acquisition strategy.
Before the draft RFP is developed, the PM should conduct a preliminary risk assessment to ensure that the program to be described in the RFP is executable within technical, schedule and budget constraints. Based on this assessment, the technical, schedule, and cost issues identified should be discussed at pre-proposal conference(s) before the draft RFP is released. In this way, critical risks inherent in the program can be identified and addressed in the RFP. In addition, this helps to establish key risk management contractual conditions as emphasized in the DoD 5000 series. During the pre-proposal conference, Offerors should be encouraged to identify all elements at any level that are expected to be moderate or high risk.
In the solicitation, PMs should ask Offerors to address:
- A risk management program
- An assessment of risks
- Risk mitigation plans, for moderate and high risks
In addition, the RFP should identify the requirement for periodic (define the frequency) risk assessment reports that would serve as inputs to the PM’s risk assessment and monitoring processes, and ensure that risks are continuously assessed. Some programs require risk assessment reports for integration into quarterly Defense Acquisition Executive Summary reports.
Each RFP section is intended to elicit specific types of information from Offerors that will, when considered as a whole, permit selection of the best candidate to produce the goods or perform the services required by the Government. A number of sections of the RFP are key to risk management and are described as follows, including examples of typical clauses.
Section C -- Description/Specifications/Statement of Work. This Section of the RFP includes any description or specifications
needed. Statements describing risk management requirements may be included
directly in Section C or by reference to the Statement of Work (SOW) or
Statement of Objectives (SOO). A typical Section C clause is shown
||Sample RFP Section C
"The Offeror shall describe its proposed risk management program. The Offeror shall describe how they intend to identify, assess, mitigate, and monitor potential technical risks. Critical technical risks which may adversely impact cost, schedule, or performance shall be identified along with proposed risk mitigation methods for all risks identified as moderate or high."
Section L -- Instructions, Conditions, and Notices to Offerors. This Section of the RFP includes provisions, information and
instructions to guide Offerors in preparing their proposals. Risk management
requirements in Section L must be consistent with the rest of the RFP; such as
tasking established in Section C, the SOW; evaluation criteria in Section M;
and Special Provisions in Section H. The requirements must ensure the
resulting proposals will form a solid basis for evaluation. The statements
below provide examples from Navy programs for use in structuring Section L
requirements to include risk management.
Volume I Part C -- Management Proposal.
Relevant Past/Present Performance
||Sample RFP Section L
Offeror shall demonstrate its past/present performance in critical
requirements and processes and its ability to understand and resolve
technical risk issues within its organizational structure, including
interaction with its subcontractors. The Offeror shall discuss past/present
performance in the implementation of risk reduction/mitigation efforts
similar to those proposed for the reduction of all risks identified as
moderate or high."
Volume I Part D -- Technical Proposal.
"Risk Management. The Offeror shall provide a detailed description of the Risk management program to assure meeting the RFP requirements and objectives. The Offeror shall define and commit to the risk management program, including risk planning, identification, assessment, mitigation, and monitoring functions. The Offeror shall explain how its risk management process is related to the systems engineering and overall program management processes. The Offeror shall identify moderate and high technical risk areas, the known and potential risks in these areas, and the rationale for risk mitigation techniques proposed for these risk areas."
Section M -- Evaluation Factors for Award. Section
M notifies Offerors of the evaluation factors against which all proposals will
be evaluated. These factors should be carefully structured to ensure that
emphasis is placed on the critical factors described in Section L. They should
set forth the relative importance of technical, cost (development versus
production versus operational and support), schedule, management, and other
factors, such as risk management and past performance, as set forth in the
Source Selection Plan. The statement below provides an example for structuring
Section M requirements to include risk management.
"The Government will evaluate the Offeror’s proposed risk management program and plans for identifying, assessing, mitigating, and monitor risks, as well as proposed plans for mitigating those risks identified as moderate or high."
When structuring Technical and Management evaluation criteria for Section M, risk management should be included as a factor or subfactor, as required by Part 3, paragraph 3.3.2 of DoD 5000.2-R.