Our Capability Statement

Download a Copy of Our Gov Slick

Five Government Acquisition Sites That Separate Strategy From Guesswork

Five Government Acquisition Sites That Separate Strategy From Guesswork

Jan 6, 2026

Recent Posts

Contract Management

Before OASIS+ Phase II Opens, GSA Is Sending a Clear Message to Industry

Dec 22, 2025

For months, OASIS+ Phase II existed in a familiar government limbo: announced, anticipated, and quietly debated across industry. That ambiguity is now giving way to structure.In mid-December, the General Services Administration released a series of materials that move Phase II decisively toward execution, including draft evaluation scorecards, confirmation of expanded service domains, and clearer signals about timing and process. Together, these updates suggest that GSA is less focused on broad announcements and more intent on operational readiness across the OASIS+ ecosystem.This is not a formal opening. But it is an unmistakable cue to prepare.Draft Scorecards Offer a Preview of How Phase II Will Be EvaluatedGSA has published draft Domain Qualification Matrices and scorecards for all 13 OASIS+ domains, providing industry with early visibility into how Phase II submissions are expected to be assessed.While explicitly labeled as draft, these materials outline the core evaluation framework GSA intends to use, including how experience, organizational maturity, and supporting documentation may be reviewed. The release aligns with GSA’s broader OASIS+ program documentation, which emphasizes consistency, transparency, and readiness across contract holders and prospective vendors.The practical implication is straightforward: this is an opportunity to validate assumptions now, not after formal amendments are issued.Five New Domains Expand Scope While Narrowing ExpectationsPhase II formally expands OASIS+ to 13 total domains, adding five new service areas:Business AdministrationFinancial ServicesHuman CapitalMarketing and Public RelationsSocial ServicesEach domain introduces its own scope definitions, CLIN structures, and NAICS alignments, all detailed within GSA’s program materials and supported by updates shared through the OASIS+ Interact community.This expansion broadens access to the vehicle, but it also sharpens expectations. As GSA has noted in program guidance, domain participation is intended to reflect demonstrable service delivery capability, not generalized positioning. Domain selection, therefore, becomes less about coverage and more about credibility.Existing Contract Holders Face a Near-Term Administrative RequirementFor current OASIS+ contract holders, Phase II preparation includes an immediate procedural step.GSA has issued a bilateral contract modification incorporating Phase II scope expansion and regulatory updates. According to official notices posted to SAM.gov, this modification must be executed before contractors can submit requests to add new domains under Phase II.Although administrative in nature, the modification functions as a gate. Contractors that delay execution may find themselves operationally sidelined once Phase II activity accelerates.Continuous Open Does Not Eliminate the Importance of TimingPhase II will continue OASIS+’s continuous open solicitation model, a structure designed to reduce artificial deadlines and allow for ongoing participation. However, GSA communications make clear that requests tied to Phase II cannot proceed until the formal amendment is released, which is currently anticipated in early 2026 (U.S. General Services Administration, OASIS+ Program Documentation).In practice, continuous open solicitations reward preparation, not procrastination. Organizations that enter Phase II with documentation aligned, domain decisions finalized, and internal reviews complete will be positioned to act deliberately rather than reactively.GSA Is Signaling a Readiness-Driven ApproachAcross program documentation, SAM.gov notices, and OASIS+ Interact announcements, GSA has consistently emphasized a common set of preparatory actions:Review updated contract languageAnalyze domain scope and NAICS applicabilityAssess alignment against draft scorecardsMonitor official updates through SAM.gov and the OASIS+ Interact communityThis level of clarity reflects a broader shift in how GSA is managing large, multi-award vehicles. The focus is increasingly on transparency, standardization, and sustained readiness rather than one-time competitive events.What Industry Should Be Watching NextWhile final Phase II language has yet to be released, several directional indicators are already visible:Draft scorecards are likely to evolve, but the underlying evaluation structure is expected to remain intact, making early alignment work durable.Domain expansion will increase opportunity while also increasing scrutiny, particularly around how experience maps to defined scope.Continuous open participation will favor organizations that treat readiness as an operating posture rather than a periodic exercise.Your next steps:Rather than rushing toward submission, contractors may benefit from:Reassessing domain selections with an emphasis on provable depth rather than aspirational breadthInventorying and pressure-testing supporting documentation well ahead of formal Phase II activityTreating early 2026 as a readiness checkpoint, not a starting linePhase II is no longer theoretical. The structure is emerging, expectations are clearer, and the signal from GSA is consistent: preparation will matter. 

Cover image for Security+ Certification vlog Week 4 thumbnail featuring Starla Condes smiling, with text reading “Security+ Certification vlog” and “Week 4: Building Confidence Without Perfect Conditions” on a blurred background.

Workforce Development

Security+ Certification: Week 4 – Building Confidence Without Perfect Conditions

Dec 18, 2025

Week 4 of Starla Condes’ Security+ Certification journey highlights a shift many learners experience partway through studying: the material becomes heavier, life becomes louder, and progress depends less on ideal study conditions and more on adaptability. This week isn’t about smooth momentum. It’s about continuing anyway.Starla is deep into Domain 2, working through denial-of-service attacks, DNS-related threats, malware concepts, and application vulnerabilities. At the same time, she’s balancing family responsibilities, late nights, and the reality that time doesn’t always cooperate with study plans. What stands out is not how much she studies, but how she responds when things don’t go exactly as expected. Understanding Attacks Beyond the DefinitionsThis week’s technical focus centered on denial-of-service concepts and how different attack types scale. Starla breaks down the difference between a standard denial-of-service (DoS) attack and a distributed denial-of-service (DDoS) attack in practical terms.A DoS attack disrupts availability by overwhelming a service from a single source.A DDoS attack amplifies that disruption by using many systems at once, often through botnets made up of compromised machines working together.This distinction matters for the Security+ exam, but it also matters operationally. Understanding how attacks scale helps learners grasp why detection, response, and mitigation strategies differ depending on the threat. Security isn’t just about identifying attacks; it’s about recognizing patterns and intent behind them.Starla reinforces this understanding through labs, not just videos, which is a critical step for moving from theoretical knowledge to applied comprehensionWhen Studying Gets HeavierAs the week progressed, the content became more demanding. Malware analysis, injection attacks, application flaws, and endpoint detection and response (EDR) tools all entered the picture. This is the stage where Security+ stops feeling introductory and starts requiring synthesis across topics.Starla acknowledges that the week felt heavy, but productive. She revisited topics, replayed explanations, and focused on understanding rather than rushing forward. That mindset aligns well with how CompTIA frames Security+: broad coverage, but with enough depth to test whether learners actually understand how systems behave under attack.One insight she shares stands out:Prevention is loud, but resilience is quiet.That observation reflects a mature understanding of cybersecurity. Preventive controls get attention, but resilience is built through preparation, response planning, and recovery — areas that Security+ increasingly emphasizes.Measuring Progress Without PerfectionWeek 4 also included early performance checks. Starla completed practice questions and quizzes across the first two domains, scoring between 80% and 90%. More importantly, she noticed a change in how she felt approaching the material: calmer, more confident, and less reactive when she didn’t immediately know an answer. This is an important milestone. Confidence in cybersecurity doesn’t come from knowing everything. It comes from trusting your ability to reason through unfamiliar scenarios.Starla also registered for a two-week, on-campus Security+ bootcamp. Her goal is to complete most of Domain 3 before attending, possibly moving into Domains 4 and 5. The strategy is clear: build enough foundational understanding so the bootcamp becomes reinforcement and refinement, not first exposure.Balancing Real Life With Real LearningOne of the most relatable aspects of Week 4 is Starla’s acknowledgment that she hasn’t been as consistent as she wanted to be. Family commitments, school events, late nights, and daily responsibilities competed for attention.Instead of framing this as failure, she reframes it as reality.Progress doesn’t require perfect schedules. It requires flexibility and the willingness to adjust without giving up. With 65 days remaining in her study timeline, Starla focuses on continuing forward rather than catching up all at once.This reflects what research consistently shows about adult learners: persistence and adaptability matter more than rigid plans. Learners who succeed are often the ones who keep going when conditions aren’t ideal, not the ones with uninterrupted study time.What Week 4 Really ShowsStarla’s Week 4 isn’t about dramatic breakthroughs. It’s about something more sustainable:Building understanding instead of memorizingAccepting slower weeks without quittingUsing assessments as feedback, not judgmentLetting confidence grow quietly through repetitionFor anyone preparing for Security+, especially those balancing work, family, or non-technical roles, this week reinforces an important message: competence is built gradually, and confidence follows effort, not perfection.Week 4 captures the moment when studying becomes less about motivation and more about commitment.Stay tuned for Week 5 as Starla continues moving into deeper domains and preparing for the transition from independent study to immersive bootcamp learning.

Title	Category	Published Date