Bid vs. Proposal What’s the Difference?

While scanning State and Federal agency contracting sites, I’ve seen different uses of the words “bid” and “proposal.”  From the contractor/supplier point of view, these terms may seem interchangeable.  Indeed, it even seems that some government contracting agencies use these terms as synonyms. In the second edition of his 2016 book, “Contracting for Services in State and Local Government Agencies,” William Sims Curry tells us that in a 2015 research project, only 73% of contracting agencies reported that “they used the term ‘proposal’ exclusively when referring to contractor responses to RFPs.”

Bid vs. Proposal, What Is the difference?

From a best-practice prospective, there is a significant difference between these two words.  Using these terms as synonyms could lead to misunderstandings of a government agency’s intention in terms of how the information contained in Request for Proposals (RFP) or Invitation for Bids (IFB) responses will be treated.  Such confusion can lead to contractor/supplier protest, resulting in delayed decisions and unwanted legal actions and publicity.   Curry tells us that “these terms cannot be used interchangeably because each type of solicitation is unique and subject to differing rules.”

So here are the rules for using “bid” and “proposal.”

The word “bid” should only be used to describe a response to an IFB or Request for Bid (RFB).  These solicitations are typically straight forward initiatives to secure commodities, capital equipment or construction work and normally not services.  Bid responses are always subject to disclosure at public openings and are not subject to (price, terms & condition, timing, etc.) negotiation.

On the other hand, the term “proposal” is only used to describe a response to a RFP, which is used primarily to secure services or a combination of products and services. RFPs are more complex than IFBs or RFBs due to the nature of their requirement, which can be satisfied in different ways.  The RFP is designed to help the contracting agency understand the various proposed methods and approaches that can be used to meet the requirement.  The variability of responses may include information considered proprietary, confidential, sensitive or a competitive secret by the proposing contractor/supplier.  For that reason, and the fact that provisions of the proposal are subject to negotiations, the details provided in contractor proposal responses are typically not subject to immediate public disclosure.   The reason for this is that the contracting agency, after reviewing a proposed approach to satisfying the RFP requirement, may desire changes to a prospective contractor’s approach in terms of timing, methodology, resourcing, objectives, cost, etc.   The contractor recommended by the contracting agency will most likely be selected if both parties can agree to the changes.

So, What Does This Mean To You?

If you are the contracting agent, you will want to adhere to the described usages of the terms “bid” and “proposal.”  If, for any reason, you cannot then make sure to at least clearly state your intention of how the information contained in received proposal and bid responses will be disclosed.  Government agencies tend to be bound by laws requiring more transparency than private corporations when it comes to disclosing responses. I have seen options offered by governmental agencies to allow contractors to submit a redacted version of their proposals to satisfy the need for subsequent public disclosure of RFP responses.

If you are a contractor/supplier, know that not all contracting agencies adhere to the same usage/treatment of the terms “bid” and “proposal” as described in this blog.  You may want to reconsider responding to a RFP where the contracting agency or organization intends to disclose sensitive information contained in your response to the public—and your competitors.  Most contracting agencies do not publicly disclose proposal information prior to contractor selection. However, after a contractor has been selected, proposals are normally subject to public release rules unless the contractor marked certain portions of its proposal as “proprietary.” Contracting agencies normally reserve the right to determine whether information marked “proprietary” by the contractor is actually proprietary. There are ways to mitigate this risk but you will want to read the nitty gritty details contained in that RFP. In any case, you should submit written questions to the contracting agency requesting clarification.

Advertisements

Does That RFP Smell Phishy?

phishing-attack

 

How do you know that RFP solicitation you just received is real?

You don’t, unless you know what to look for and are aware of the threat.

 

 

For clients, I monitor and evaluate RFP/RFQ opportunities from various state, federal and corporate agencies across the US and just received this message from the Maryland State Dept of Information Technology.


Subject: Message to Vendors regarding fraudulent emails

State of Maryland has been made aware of a new phishing scam that targets the community of vendors doing business with the State of Maryland. A phishing attack occurs when a fraudster tries to trick you into sharing personal information online.


 

In Todd R. Weiss’ online article “$100M Email Phishing Case Offers Lessons Learned for IT,” Neil Wynne, an IT security analyst with Gartner warns that “business email attacks have been occurring with significantly higher frequency in recent years.”

Have you received phishing email?  If your answer is no, then you don’t know what the threat looks like.  It is safe to say that EVERYONE on this planet who is Internet connected has received one of these email based IEDs (or Internet Explosive Devices as I like to call them).  So what do you do when you receive one of these?

The answer varies with your situation but there are some common actions and things to know, consider and do.  For example . . .

In it’s email warning, Maryland State Dept of Information Technology helped its existing and potential vendors/suppliers by doing two things:


First was to educate by saying:

“The scam attempts to lure vendors into taking certain actions, including visiting a fraudulent website to input personal information and/or to download malicious programs. Other messages request that the vendor remit payments and provide remittance information within the body of the message in the form of a routing and account number.

The State of Maryland does not request payment or ask its vendors to provide personal information via email.”

The second was to create a call to action with the following statement:

“If you receive an email similar to the ones below, don’t reply. You should delete the message immediately. Do not open attachments, click links contained in the email, or provide any data to the websites mentioned or linked. Refrain from remitting payment to bank account information provided.

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page.”


 

Maryland State Dept of Information Technology’s approach is good! But the one BIG thing I did not like about their email warning is that it had links.  That immediately raises a red flag in my mind.

What I have more commonly seen is a statement that says something like feel free to visit the institution’s website or call if you have any questions. No links or phone numbers are provided in those messages. Given the nature of the situation, rather than rely on email links, I think it is understandable that you should use the contact information already on hand to establish any desired communications to the institution.  After all, how do you know that someone didn’t send out a fake message pretending to be the Maryland State Dept of Information Technology? Yea, yea, I know this can get real squirly. So what is the solution?

In Todd’s article we read that a key tool to fighting phishing attacks “is a secure email gateway” along with a host of other rather complicated security technology solutions.  But reliance just on technology is not the ideal solution here, especially for budget wary or non-tech savvy small businesses.   Also, I take Wynne’s statement about how “attackers are easily bypassing these traditional prevention mechanisms,” one step further to say that attackers (especially those who are well financed) will continually exploit the inherent insecurity in our Internet that was originally meant to be open to all.  For example, did you ever wonder why Microsoft is always sending out Windows security updates and patches?  Bottom line here is you need more than technology to fight this problem.

Ultimately, the solution lies not with technology alone but in combination with human beings recognizing suspicious emails and deciding what should be done.   I think Gartner’s Neil Wynne agrees when he said “ultimately, the fact remains that human beings are the most vulnerable point of any information system.”

Whatever you do, the last line of defense against phishing attacks will always be employees who must receive the latest training to help them recognize and respond to phishing attacks and encouragement to remain vigilant or else as Rob Enderle, principal analyst at research firm Enderle Group warns “over time, people tend to start thinking it will never happen to them…”

phishing-attack 2

 

So, do you know when someone is phishing for your confidential information?

Check this image to learn the signs or (if you don’t trust my links) just Google “stop phishing attacks.”

Once Upon A Time, There Was This RFP and . . .

Before you respond to a RFP/RFQ solicitation you should first know its complete story. Only then will you be able to answer the question- do you have a good chance of being selected?  OK, that’s obvious.

But what’s not so clear is knowing what goes into qualifying a RFP/RFQ opportunity as something worthy to bet your resources.

Last year, a small business owner put in a lot of time and effort to respond to thirty RFP/RFQ vendor solicitations- and won zero.  Turns out she responded to the wrong opportunities.  Even though her business could satisfy the requirements, she didn’t know the “story” behind those thirty RFPs.  If she had, she would never have responded.  Instead, she would have found other RFP/RFQ opportunities whose complete story is more compatible to her organization.

More importantly, she must realize that the real story often times has nothing to do with the RFP/RFQ’s scope of work requirements.  The story usually includes hidden themes that can outweigh scope of work requirements.

telling-a-story-1024x790So, gather your team and explore the theme(s) behind the RFP/RFQ solicitation’s story when it comes your way.  Your assessment should go way beyond the obvious question of whether you can satisfy the scope of work.  For example, consider how compatible these potential story themes are to your organization in terms of: goals/objectives, culture, size, industry, etc.

  1. What is the real purpose of the solicitation? Does the contractor really want your business or is s/he just price checking to ensure that a preferred vendor’s offer is competitively priced?
  2. How important is relative experience in the industry represented by the RFP/RFQ contractor? I’m not talking about the industry inferred by the scope of work requirements but rather the organization that issued the solicitation.
  3. Can the “size” of the project be perceived to outweigh the “size” of your organization in the eyes of the RFP/RFQ contractor’s vendor response evaluation person or committee?
  4. Given the apparent complexity of the RFP/RFQ opportunity, do you even want to deal with the organization that issued the solicitation?
  5. Does the overall scope of work seem like an uncoordinated/impractical wish list that is better off divided into more reasonable parcels?
  6. How does the projected timing of the work to be done compare to the contractor’s organizational budget cycle?

I can go on and on and on, but you get the idea.

So, what RFP/RFQ solicitation story themes can you think of?  Send your themes to me and I will share with everyone.

img_0826