SOURCES SOUGHT
B -- Carlsbad Field Office Sources Sought DRAFT
- Notice Date
- 3/27/2015
- Notice Type
- Sources Sought
- NAICS
- 541690
— Other Scientific and Technical Consulting Services
- Contracting Office
- EMCBCU.S. Department of EnergyEM Consolidated Business Center250 E. 5th Street, Suite 500CincinnatiOH45202US
- ZIP Code
- 00000
- Solicitation Number
- DE-SOL-0008257
- Response Due
- 4/10/2015
- Archive Date
- 5/10/2015
- Point of Contact
- Lenny Flagg
- E-Mail Address
-
lenny.flagg@emcbc.doe.gov
(lenny.flagg@emcbc.doe.gov)
- Small Business Set-Aside
- Total Small Business
- Description
- SOURCES SOUGHT / REQUEST FOR EXPRESSIONS OF INTEREST (EOI) THIS IS A REQUEST FOR INFORMATION (RFI) ONLY. THIS RFI IS RELEASED PURSUANT TO FAR PART 15.201(E), EXCHANGES WITH INDUSTRY. THIS ANNOUNCEMENT IS NOT A REQUEST FOR PROPOSALS (RFP) AND SHALL NOT BE CONSTRUED AS A COMMITMENT BY THE GOVERNMENT TO AWARD A CONTRACT AT THIS TIME. The U.S. Department of Energy (DOE) has a need to establish a baseline for operational security awareness for the Waste Isolation pilot Plant and other operations for the Carlsbad Field Office. The current Operational Security Policy requires actions and general employee awareness to ensure the protection of critical information. However, the security culture within WIPP operations does not appear to have matured beyond minimum requirements for the protection of sensitive information. Since implementation of the current policy, work practices have evolved with changing technology, the old techniques for security awareness have proven to be too slow and inadequate to mitigate against growing security threats. The intent is to gather information without the knowledge of general management or staff. Testing and evaluation should be planned to assess actual practices by WIPP employees performing normal duties. This is not to be a test of tactical security responses or use of force. I nstead, this is an assessment of routine practices that should limit and control access to CBFO facilities to only authorized business. In addition, this is to also assess routine practices to limit and control sensitive information, such as personally identifiable information, sensitive operational information, or information technology control details. Once identified, vulnerabilities and areas needing improvement need to be reported with recommended training plans designed to provide awareness level training for WIPP employees. The final report is expected to provide CBFO a baseline rating of how operational security practices are maintained, a plan for training needs, and key indicators that can be assessed in the future to evaluate progress. Therefore, the outside entity must possess requisite competencies that can test, evaluate, provide recommendations and provide responsive training in these unique areas. The Contractor shall provide subject matter experts to perform testing and evaluation of current operational security practices. They must provide CBFO a final report that identifies key areas needing improvement, and provide responsive training to address vulnerabilities in current practices. The areas needing assessment include: ?Control of information leakage through email phishing and spam ?Control of information leakage through social interactions, telephone usage and social media ?Access control of visitors, vendors and solicitors ?Access control by security protective force and visitor interface The contractor will be responsible for providing an approved plan to test and evaluation operation security practices for CBFO/WIPP operations. The contractor shall perform testing without alerting general staff of evaluation. After evaluating security practices, the Contractor shall prepare a detailed a report that identifies vulnerabilities, provides recommendation for corrective actions, provides a recommended training plan for long-term improvement of operational security practices, and provide responsive training to address immediate needs. The contractor shall provide deliverables in accordance with the Reporting Requirements Checklist. ?Pre-Penetration testing discussion ?Approved ?Rules of Engagement? agreed upon by both parties ?Prior to completion of testing, one initial out brief to the Security Officer ?A draft written report within 30 days of completion of the Penetration Test to the Contracting Officer and Security Officer ?Final report within 90 days of response and comments to the draft report ?Final report will include recommendations of areas needing improvement, initial training plan to address those areas ?Formal presentation of final report and findings to Security Officer The North American Industry Classification System (NAICS) code for these requirements is 541690, Other Scientific and Technical Consulting, and the small business size standard is $15 million. THIS ANNOUNCEMENT IS NOT A REQUEST FOR PROPOSALS (RFP) AND SHALL NOT BE CONSTRUED AS A COMMITMENT BY THE GOVERNMENT TO AWARD A CONTRACT AT THIS TIME. The purpose of this announcement is to identify small disadvantaged business concerns under the Small Business Administration?s 8(a) program with the capabilities to perform the services described above. All interested 8(a) companies are hereby invited to submit a capability statement of no more than ten (7) pages and no smaller than 12 pitch font. DOE will evaluate each capability statement based on the demonstrated experience and capability of the 8(a) firm and its partners, if applicable, in providing the required services. After reviewing the capability statements received in response to this announcement, DOE may select one or more companies to participate in capability interviews to more fully assess the depth and breadth of each company?s experience and capability to provide the required services. As a result of the capability interviews, DOE anticipates the award of one contract under the Small Business Administration?s 8(a) program. DOE reserves the right to use any and all information submitted by, or obtained from, an interested party in any manner DOE determines is appropriate, including, but not limited to, the creation of a competitive solicitation. An interested party should avoid including any classified, business confidential, and/or proprietary information in its response. However, if an interested party must submit such information, the information must be clearly marked accordingly, and the interested party must provide sufficient justification as to why such information is business confidential and/or proprietary. DOE will review said information and safeguard it appropriately. Interested parties are requested to provide the name of a contact person, phone number, address of firm, detailed information demonstrating their understanding of the draft scope of work identified above as well as their qualifications, capabilities, experience and past performance history for such work. The Government will not pay for any information that is provided in response to this announcement nor will it compensate any respondents for the development of such information. All capability statements shall be submitted electronically to the e-mail address at lenny.flagg@emcbc.doe.gov no later than 5:00 p.m. Eastern Daylight Time on Friday, April 10, 2015. All questions pertaining to the announcement should be directed to Mr. Flagg at the email address specified above. DOE personnel may contact firms responding to this announcement to clarify a responder?s capabilities and other matters as part of this market research process. FOR A COPY OF THE STATEMENT OF WORK PLEASE GO TO www.fedconnect.net.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/DOE/PAM/HQ/DE-SOL-0008257/listing.html)
- Record
- SN03681592-W 20150329/150327234925-344ea347e8de1e13b63c82e7a4a9825d (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |