The Corporation for National and Community Service, Office of Inspector General (CNCS-OIG) conducted a review to determine whether the $2.6 million NCCC member recruitment contract is structured to meet the crucial goal of annually filling the 1,200 Traditional NCCC and 1,000 FEMA Corps vacancies with members likely to successfully complete their terms of service.
CNCS-OIG found that:
1. The NCCC recruitment contract places up to $2.6 million at risk;
2. Although the NCCC contract requires the contractor to create and maintain a database of prospective applicants that complies with CNCS cybersecurity and privacy policies and procedures, there is no assurance that the database in fact meets Federal and CNCS standards;
3. The contractor failed to demonstrate that it possesses the experience and proof of success specified in the solicitation and necessary for satisfactory performance; and,
4. The CNCS Contracting Officer’s Representative (COR) lacks the requisite recruiting experience and has not exercised sufficient oversight.
Based upon our findings, we recommend that NCCC take the following actions:
1. Decline to exercise the option to continue the recruitment contract in future years;
2. Promptly undertake a new procurement, with clear objectives, statement of work, experience requirements and professional attributes and deliverables. The new contract should be structured as a performance-based contract, with metrics tied to recruitment of applicants who meet the program criteria, meet the diversity requirements and successfully complete their terms;
3. Assign a COR who has strong recruitment knowledge and experience to effectively manage and oversee this contract;
4. Ensure that the selected contractor demonstrates the requisite past performance, meets all the technically acceptable evaluation criteria and has qualified personnel who all meet the Statement of Work (SOW) requirements; and
5. Provide bidders with the Federal and CNCS detailed cybersecurity requirements, policies and procedures, and have the CNCS information security officer review the bidder’s cybersecurity safeguards to ensure that it has the systems in place to maintain secure databases that meet applicable cybersecurity mandates and protect Personally Identifiable Information.
The Corporation agreed to implement recommendations 1, 4 and 5. With respect to recommendation number 2, while CNCS agreed to procure a new recruitment contract, CNCS committed only to "explore pursuing a performance-based contract” (emphasis added). However, NCCC treats its recruitment strategy as quantitative—increasing the leads that may generate members—and does not intend to include outcome-based qualitative metrics tied to qualifications, diversity and the ability to successfully complete service. The lack of focus on successful enrollment of highly qualified, diverse individuals who fulfill their service obligations creates a substantial risk that the new recruiting contract will be flawed and will not produce the desired program performance outcomes, resulting in additional funds at risk. CNCS also did not concur with CNCS-OIG’s findings and recommendations pertaining to the experience and oversight of its COR.