Loren Data's SAM Daily™

fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF DECEMBER 05, 2007 FBO #2200
SOURCES SOUGHT

D -- Certification and Accreditation (C&A)

Notice Date
12/3/2007
 
Notice Type
Sources Sought
 
NAICS
541513 — Computer Facilities Management Services
 
Contracting Office
Bureau of Indian Affairs; Reston, VA
 
ZIP Code
00000
 
Solicitation Number
HP-08-05
 
Response Due
12/24/2007
 
Archive Date
12/28/2007
 
Point of Contact
Herb Payne, 703-390-6472
 
E-Mail Address
Email your questions to Bureau of Indian Affairs
(703-390-6472)
 
Small Business Set-Aside
N/A
 
Description
Project Description The Bureau of Indian Affairs (BIA) intends to award a single contract to provide certification and accreditation (C&A) support to the Bureau of Indian Affairs (BIA) Support will include assistance in fulfilling obligations to comply with OMB Circular A-130, and the Department of Interior (DOI) Certification and Accreditation (C&A) Program, Federal Information Security Management Act (FISMA) and other appropriate laws, directives, policies, standards and guidelines. Under current Federal C&A requirements, an Information Technology (IT) system is required to undergo authorization to process before going into production and at least once every three years or when major modifications occurs. The DOI C&A guidance provides a standardized approach to obtaining an authorization to operate (ATO) for Department of the Interior (DOI) Sensitive But Unclassified (SBU) IT systems undergoing the C&A actions required by the Office of Management and Budget (OMB) Circular A-130, Appendix III, Security of Federal Automated Information Resources. The formal C&A process, with associated documentation, provides evidence of a risk-based methodology that complies with National Institute of Standards and Technology (NIST) Special Publications (SP) and other Federal regulations. This process will help define measures of performance used to assure all necessary IT system security controls are implemented, tested, risks are assessed, and security plans are maintained. The Contractor shall provide C&A support to meet the requirements of the DOI C&A Program as described in the DOI C&A Guideline, DOI Risk Assessment Guide, DOI POA&M Process Standard, FIPS 199, Standards for Security Categorization of Federal Information and Information Systems; FIPS 200, Minimum Security Requirements for Federal Information and Information Systems; NIST 800-12, An Introduction to Computer Security; NIST 800-18 Rev. 1, Guide for Developing Security Plans for Information Technology Systems; NIST 800-26 Rev. 1, Security Self-Assessment Guide for IT Systems; NIST 800-30, Risk Management Guide for Information Technology Systems; NIST 800-34, Contingency Planning Guide for IT Systems; NIST 800-37, Certification & Accreditation; NIST 800-47 Security Guide for Interconnecting IT Systems, NIST 800-53 Rev. 1, Recommended Security Controls for Federal Information Systems; NIST 800-53A, Guide for Assessing the Security Controls in Federal Information Systems; NIST 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories; NIST 800-64 Rev. 1, Security Considerations in the Information System Development Life Cycle; and NIST 800-65, Integrating Security into the Capital Planning and Investment Control Process. Contractor will work with IA staff and other IA contractors that have been engaged to provide similar services. IA?s Director of DISP and the C&A Project Manager will identify activities that are to be performed by the contractors and in establishing work priorities. Indian Affairs management staff will work with the contractor?s on-site point-of-contact on technical issues. This acquisition will be a 100% Buy Indian set-aside under the Buy Indian Act. The solicitation will be available on approximately January 14, 2008. The proposal due date will be included in the instructions to offerors within the solicitation. Potential contractors must register with the Central Contractor Registration (CCR) database, the primary Government repository for Contractor information required for the conduct of business with the Government. Offerors may obtain information on registration and annual confirmation requirements via the internet at http://www.ccr.gov or by calling 1-888-227-2423. The anticipated awarded period of performance shall be one base year with four option year periods for a potential five-year contract term. All responsible sources may submit a proposal, which shall be considered by the agency. All requests for the solicitation shall be in writing by sending a fax to 703-390-6582 to the attention of Herb Payne. Please list your company name, point of contract, phone number, fax number, email address and solicitation reference (HP-08-05; C&A). Telephone requests shall not be accepted. Instructions will be given within the RFQ on how to respond to the solicitation.
 
Place of Performance
Address: 2051 Mercator Drive, Reston, VA
Zip Code: 20191
Country: US
 
Record
SN01462291-W 20071205/071203230056 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)

FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.