Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF JULY 15, 2009 FBO #2788
SOLICITATION NOTICE

70 -- POLICY MANAGMENT SOFTWARE ENHANCEMENTS-COMPLIANCE 360-Detroit

Notice Date
7/13/2009
 
Notice Type
Presolicitation
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Department of Veterans Affairs, Detroit VAMC, John D. Dingell Department of Veterans Affairs Medical Center, Department of Veterans Affairs;Acquisition Management Section (90C);John D. Dingell VA Medical Center;4646 John R. Street;Detroit MI 48201
 
ZIP Code
48201
 
Solicitation Number
VA-251-09-RQ-0247
 
Response Due
7/24/2009
 
Archive Date
8/23/2009
 
Point of Contact
Diane FosterPurchasing Agent<br />
 
E-Mail Address
Contracting Officer
(diane.foster@va.gov)
 
Small Business Set-Aside
N/A
 
Description
STATEMENT OF WORK FOR POLICY MANAGEMENT SOLUTIONThe John D Dingell VA Medical Center, 4646 John R Street, Detroit, MI 48201 intends to negotiate a sole source procurement with Compliance 360, 1185 Sanctuary Pkwy, Suite 250, Alpharetta, GA. The proposed contract action is for the purchase of a policy management solution to manage the full life-cycle for their policies. We want all policies stored in a centralized location with easy key-word search access. We also want to show evidence of compliance by linking our policies to the regulations and standards they support. During the term of the agreement, Compliance 360 agrees to provide Support Services for the hosted products purchased by the John D Dingell VA Medical Center as set forth in the contract. As part of the support services, Compliance 360 will also provide Application Support, meaning assistance to the VA Medical Center in identifying and resolving questions or difficulties in using the software applications components of the products. The Policies Module will be used to create and organize our policies and procedures through the use of policy manuals, sections, and policy information pages. Policy and procedure documents are handled electronically from start to finish; uploading, collaboration, approval, revisions, and version history. Users may search through locked policies to read them buy security can be set to limit access if necessary. Policies can be linked to standards, laws, and regulations in order to show evidence of compliance. Reports can be configured to retrieve desired information. Features & Benefits: central location for storing policies, link policies to regulations/standards as proof of compliance, automated workflow for more efficient management, automated reminders for key policy dates Linked to Outlook, Rich searching capabilities, robust policy reporting system and web-based. Physical Security: All of the production systems are collocated at a Tier 1 facility. As a result physical access to the systems is strictly monitored and enforced. There are 4 employees of Compliance 360 that have access, and to enter they are required to provide identification. Once inside, they are required to provide a series of security badges and keys to access our systems. Network Security: At the edge of our external network are routers and firewalls that only allow port 80 and 443 traffic through. Once past those layers, there are a series of layer 3 switching, SSL accelerators, and load balancers that pass the request onto the web and application servers, which are on the non-routable side of the architecture. Each transaction (web or API) that is serviced between Compliance 360 and the user is 128-bit SSL encrypted. The session between Compliance 36 and the user is handled via an additionally encrypted session cookie that contains unique identifying characteristics. From this session ID, we are able to determine who the user is and what organization the user belongs to. This ensures that we only present records that are owned by the users organization. Application Security: The service has a full hierarchical sharing model that allows our customers to control visibility of information from the division level all the way down to the data object level. This sharing model is setup and maintained by the customer to ensure the proper data sharing rules are put in place. Also, each customer receives a unique file storage area, database and service account. All files and databases are protected by access control lists linked to the service account. The Government intends to solicit and negotiate with only one source under authority of FAR 6.302-3(a)(2)(ii). All FAR provisions and clauses may be reviewed and/or obtained from the General Service Internet address http://www.arnet.gov/far. This notice of intent is not a request for competitive proposals. A determination by the government not to compete this proposed contract, based upon responses to this notice, is solely the discretion of the government. Firms that believe they can meet the VAs requirements must submit proof to the Contracting Officer, Diane Foster, either by fax 313-576-1327 or e-mail: diane.foster@va.gov no later than July 24, 2009 at 9:00a.m. local time. All information shall be furnished at no cost or obligation to the government. If you have any questions please feel free to contact Stacy Wright, Program Support Assistant, Quality Management at 313-576-1000 X63862 or Jonathan Small (313) 576-5169.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/DtVAMC/VAMCCO80220/VA-251-09-RQ-0247/listing.html)
 
Place of Performance
Address: JOHN D DINGELL VA MEDICAL CENTER;4646 JOHN R STREET;DETROIT, MICH<br />
Zip Code: 48201<br />
 
Record
SN01873883-W 20090715/090714000252-91adb0e1774f7880c1c9d90f79a140f5 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.