SOLICITATION NOTICE
69 -- DOCUMENT AND LEARNING MANAGEMENT SYSTEM - STATEMENT OF WORK
- Notice Date
- 8/9/2016
- Notice Type
- Combined Synopsis/Solicitation
- NAICS
- 611710
— Educational Support Services
- Contracting Office
- Department of the Navy, Bureau of Medicine and Surgery, Naval Hospital Camp Pendleton, Box 555191, Marine Corps Base, Camp Pendleton, California, 92055-5191, United States
- ZIP Code
- 92055-5191
- Solicitation Number
- N6809416T0064
- Archive Date
- 9/8/2016
- Point of Contact
- Angelit R. Campano, Phone: 7607251423
- E-Mail Address
-
angelito.r.campano.civ@mail.mil
(angelito.r.campano.civ@mail.mil)
- Small Business Set-Aside
- Total Small Business
- Description
- STATEMENT OF WORK Combined Synopsis/Solicitation Solicitation Number: N68094-16-T-0064 Purchase Description: Document & Learning Management System This is a Combined Synopsis/Solicitation for the purchase of Commercial Items prepared in accordance with the format in FAR 12.6, as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; a written solicitation will not be issued. This solicitation will be posted to the Federal Business Opportunities (FBO) web-site as 100% Total Small Business Set-Aside". The Navy Hospital Camp Pendleton (NHCP), Material Management Department, Contracting Division is issuing this combined synopsis/solicitation, reference solicitation number N68094-16-T-0064, as a Request for Quote (RFQ) using FAR Part 12, Acquisition of Commercial Item, & FAR Part 13, Simplified Acquisition Procedures. The North American Industrial Classification System (NAICS) code for this procurement is, "611710", with a small business standard of "15 million dollars." The Government intends to award a Firm Fixed-Price Commercial Award. The solicitation document and incorporated provisions and clauses are those in effect through the Federal Acquisition Circular (FAC) 2005-89 effective July 14, 2016 and Defense Federal Acquisition Regulation Supplement DPN 20160630 effective June 30, 2016. DESCRIPTION: CLIN 0001: DOCUMENT MANAGEMENT SYSTEM (DMS) IAW THE ATTACHED STATEMENT OF WORK (SOW). Quantity Unit of Issue Unit Price Extended Price 1 EA tiny_mce_marker______________ tiny_mce_marker_______________ CLIN 0002: LEARNING MANAGEMENT SYSTEM (LMS) WITH COMPLIANCE COURSE IN PATHOLOGY AND HISTOLOGY IAW THE ATTACHED STATEMENT OF WORK (SOW). Quantity Unit of Issue Unit Price Extended Price 1 EA tiny_mce_marker____________ tiny_mce_marker_______________ TOTAL: tiny_mce_marker_____________ DELIVERY SCHEDULE: ONLINE SUBSCRIPTION Responses/quotes MUST be received no later than 24 August 2016, 1:00 PM (Pacific Daylight Time). Forward responses by e-mail to angelito.r.campano.civ@mail.mil or fax to 760-725-1485. Due to technical issues, please allow additional time if you're using electronic means. Offerors must ensure that their company is registered with System for Award Management (SAM) prior to award. For information refer to: https://www.sam.gov/portal/public/SAM/. APPLICABLE FAR CLAUSES: (1) 52.204-7 -- System for Award Management. As prescribed in 4.1105(a)(1), use the following provision: System for Award Management (Jul 2013) (a) Definitions. As used in this provision- "Data Universal Numbering System (DUNS) number" means the 9-digit number assigned by Dun and Bradstreet, Inc. (D&B) to identify unique business entities. "Data Universal Numbering System+4 (DUNS+4) number" means the DUNS number means the number assigned by D&B plus a 4-character suffix that may be assigned by a business concern. (D&B has no affiliation with this 4-character suffix.) This 4-character suffix may be assigned at the discretion of the business concern to establish additional System for Award Management records for identifying alternative Electronic Funds Transfer (EFT) accounts (see the FAR at Subpart 32.11) for the same concern. "Registered in the System for Award Management (SAM) database" means that- (1) The Offeror has entered all mandatory information, including the DUNS number or the DUNS+4 number, the Contractor and Government Entity (CAGE) code, as well as data required by the Federal Funding Accountability and Transparency Act of 2006 (see Subpart 4.14), into the SAM database; and (2) The offeror has completed the Core, Assertions, and Representations and Certification, and Points of contact sections of the registration in the SAM database; (3) The Government has validated all mandatory data fields, to include validation of the Taxpayer Identification Number (TIN) with the Internal Revenue Service (IRS). The Offeror will be required to provide consent for TIN validation to the Government as a part of the SAM registration process. (4) The Government has marked the record "Active". (b) (1) By submission of an offer, the offeror acknowledges the requirement that a prospective awardee shall be registered in the SAM database prior to award, during performance, and through final payment of any contract, basic agreement, basic ordering agreement, or blanket purchasing agreement resulting from this solicitation. (2) The offeror shall enter, in the block with its name and address on the cover page of its offer, the annotation "DUNS" or "DUNS+4" followed by the DUNS or DUNS+4 number that identifies the offeror's name and address exactly as stated in the offer. The DUNS number will be used by the Contracting Officer to verify that the offeror is registered in the SAM database. (c) If the offeror does not have a DUNS number, it should contact Dun and Bradstreet directly to obtain one. (1) An offeror may obtain a DUNS number- (i) Via the internet at http://fedgov.dnb.com/webform or if the offeror does not have internet access, it may call Dun and Bradstreet at 1-866-705-5711 if located within the United States; or (ii) If located outside the United States, by contacting the local Dun and Bradstreet office. The offeror should indicate that it is an offeror for a U.S. Government contract when contacting the local Dun and Bradstreet office. (2) The offeror should be prepared to provide the following information: (i) Company legal business name. (ii) Tradestyle, doing business, or other name by which your entity is commonly recognized. (iii) Company physical street address, city, state and Zip Code. (iv) Company mailing address, city, state and Zip Code (if separate from physical). (v) Company telephone number. (vi) Date the company was started. (vii) Number of employees at your location. (viii) Chief executive officer/key manager. (ix) Line of business (industry). (x) Company Headquarters name and address (reporting relationship within your entity). (d) If the Offeror does not become registered in the SAM database in the time prescribed by the Contracting Officer, the Contracting Officer will proceed to award to the next otherwise successful registered Offeror. (e) Processing time, which normally takes 48 hours, should be taken into consideration when registering. Offerors who are not registered should consider applying for registration immediately upon receipt of this solicitation. (f) Offerors may obtain information on registration at https://www.acquisition.gov. (End of Provision) (2) 52.204-13 - System for Award Management Maintenance. As prescribed in 4.1105(b), use the following clause: System for Award Management Maintenance (Jul 2013) (a) Definition. As used in this clause-- "Data Universal Numbering System (DUNS) number" means the 9-digit number assigned by Dun and Bradstreet, Inc. (D&B) to identify unique business entities, which is used as the identification number for Federal Contractors. "Data Universal Numbering System+4 (DUNS+4) number" means the DUNS number assigned by D&B plus a 4-character suffix that may be assigned by a business concern. (D&B has no affiliation with this 4-character suffix.) This 4-character suffix may be assigned at the discretion of the business concern to establish additional SAM records for identifying alternative Electronic Funds Transfer (EFT) accounts (see the FAR at subpart 32.11) for the same concern. "Registered in the System for Award Management (SAM) database" means that- (1) The Contractor has entered all mandatory information, including the DUNS number or the DUNS+4 number, the Contractor and government Entity (CAGE) code, as well as data required by the Federal Funding Accountability and Transparency Act of 2006 (see subpart 4.14), into the SAM database; (2) The Contractor has completed the Core, Assertions, Representations and Certifications, and Points of Contact sections of the registration in the SAM database; (3) The Government has validated all mandatory data fields, to include validation of the Taxpayer Identification Number (TIN) with the Internal Revenue Service (IRS). The Contractor will be required to provide consent for TIN validation to the Government as a part of the SAM registration process; and (4) The Government has marked the record "Active". "System for Award Management (SAM)" means the primary Government repository for prospective Federal awardee and Federal awardee information and the centralized Government system for certain contracting, grants, and other assistance-related processes. It includes- (1) Data collected from prospective Federal awardees required for the conduct of business with the Government; (2) Prospective contractor-submitted annual representations and certifications in accordance with FAR subpart 4.12; and (3) Identification of those parties excluded from receiving Federal contracts, certain subcontracts, and certain types of Federal financial and non-financial assistance and benefits. (b) The Contractor is responsible for the accuracy and completeness of the data within the SAM database, and for any liability resulting from the Government's reliance on inaccurate or incomplete data. To remain registered in the SAM database after the initial registration, the Contractor is required to review and update on an annual basis, from the date of initial registration or subsequent updates, its information in the SAM database to ensure it is current, accurate and complete. Updating information in the SAM does not alter the terms and conditions of this contract and is not a substitute for a properly executed contractual document. (c) (1) (i) If a Contractor has legally changed its business name, doing business as name, or division name (whichever is shown on the contract), or has transferred the assets used in performing the contract, but has not completed the necessary requirements regarding novation and change-of-name agreements in subpart 42.12, the Contractor shall provide the responsible Contracting Officer a minimum of one business day's written notification of its intention to- (A) Change the name in the SAM database; (B) Comply with the requirements of subpart 42.12 of the FAR; and (C) Agree in writing to the timeline and procedures specified by the responsible Contracting Officer. The Contractor shall provide with the notification sufficient documentation to support the legally changed name. (ii) If the Contractor fails to comply with the requirements of paragraph (c)(1)(i) of this clause, or fails to perform the agreement at paragraph (c)(1)(i)(C) of this clause, and, in the absence of a properly executed novation or change-of-name agreement, the SAM information that shows the Contractor to be other than the Contractor indicated in the contract will be considered to be incorrect information within the meaning of the "Suspension of Payment" paragraph of the electronic funds transfer (EFT) clause of this contract. (2) The Contractor shall not change the name or address for EFT payments or manual payments, as appropriate, in the SAM record to reflect an assignee for the purpose of assignment of claims (see FAR subpart 32.8, Assignment of Claims). Assignees shall be separately registered in the SAM. Information provided to the Contractor's SAM record that indicates payments, including those made by EFT, to an ultimate recipient other than that Contractor will be considered to be incorrect information within the meaning of the "Suspension of Payment" paragraph of the EFT clause of this contract. (3) The Contractor shall ensure that the DUNS number is maintained with Dun & Bradstreet throughout the life of the contract. The Contractor shall communicate any change to the DUNS number to the Contracting Officer within 30 days after the change, so an appropriate modification can be issued to update the data on the contract. A change in the DUNS number does not necessarily require a novation be accomplished. Dun & Bradstreet may be contacted- (i) Via the internet at http://fedgov.dnb.com/webform or if the Contractor does not have internet access, it may call Dun and Bradstreet at 1-866-705-5711 if located within the United States; or (ii) If located outside the United States, by contacting the local Dun and Bradstreet office. (d) Contractors may obtain additional information on registration and annual confirmation requirements at https://www.acquisition.gov. (End of Clause) (3) FAR 52.212-1 (Instructions to Offerors - Commercial Items) (Oct 2015) (4) FAR 52.212-2: Evaluation - Commercial Items (Oct 2014): Award will be made to the offeror who is deemed responsible in accordance with the Federal Acquisition Regulation (FAR) Part 9 and whose offer represents the "best value" as defined as "the expected outcome of an acquisition that, in the Government's estimation, provides the greatest overall benefit in response to the requirement using the following evaluation factors: a) Technical Capability: Meets Brand Name Government requirement/specifications as identified within each CLIN or attached Performance Work Statement (PWS) or Statement of Work (SOW). For supplies and equipment the Government will consider offers/quotes only from "authorized distributors/resellers" of the offered manufacturers. Offer that is most advantageous based on the description provided for each CLIN/Item in the solicitation. (b) Price: No additional information from the offeror will be required if the price is based on adequate price competition. In the event adequate price competition does not exist, the contracting officer will obtain information from the offeror to the extent required to determine the reasonableness of the offered prices. (c) Past Performance: Will be evaluated as Acceptable or Unacceptable based on past performance information obtained from any other sources available to the Government, to include, but not limited to, the Past Performance Information Retrieval System (PPIRS). In the case of an offeror without a record of relevant past performance or for whom information on past performance is not available, the offeror will not be evaluated favorably or unfavorably on past performance. (d) Compliance with Solicitation/SOW Requirements: Contractor offer in sufficient detail to ascertain the contractor offer has met all solicitation requirements and has a good understanding of the Government requirement; confidence/high probability requirements will be met. Past Performance Evaluation Ratings Rating Description Acceptable Based on the offeror's performance record, the Government has a reasonable expectation that the offeror will successfully perform the required effort, or the offeror's performance record is unknown. Unacceptable Based on the offeror's performance record, the Government has no reasonable expectation that the offeror will be able to successfully perform the required effort. (5) FAR 52.212-4 (Contract Terms and Conditions - Commercial Items) (May 2015) (6) FAR 52.212-5: Contract Terms and Conditions Required To Implement Statutes Or Executive Orders-Commercial Items (DEVIATION 2013-O0019) (Jun 2016) (7) FAR 52.252-1 Solicitation Provisions Incorporated by Reference (Feb 1998) This solicitation incorporates one or more solicitation provisions by reference, with the same force and effect as if they were given in full text. Upon request, the Contracting Officer will make their full text available. The offeror is cautioned that the listed provisions may include blocks that must be completed by the offeror and submitted with its quotation or offer. In lieu of submitting the full text of those provisions, the offeror may identify the provision by paragraph identifier and provide the appropriate information with its quotation or offer. Also, the full text of a solicitation provision may be accessed electronically at this/these address(es): http://farsite.hill.af.mil/VFFARa.htm http://farsite.hill.af.mil/VFDFARa.htm (End of Provision) FAR 52.252-2: CLAUSES INCORPORATED BY REFERENCE (Feb 1998) This contract incorporates one or more clauses by reference, with the same force and effect as if they were given in full text. Upon request, the Contracting Officer will make their full text available. Also, the full text of a clause may be accessed electronically at this/these address(s): http://farsite.hill.af.mil/VFFARa.htm http://farsite.hill.af.mil/VFDFARa.htm (End of clause) (8) 52.219-1 Alt I Small Business Program Representations (October 2014) (9) 52.219-6 Notice of Total Small Business Set Aside (Nov 2011) OTHER CLAUSES, TERMS, AND CONDITIONS: 252.203-7998--PROHIBITION ON CONTRACTING WITH ENTITIES THAT REQUIRE CERTAIN INTERNAL CONFIDENTIALITY AGREEMENTS-REPRESENTATION (DEVIATION 2015-O0010) (FEB 2015) (a) In accordance with section 743 of Division E, Title VIII, of the Consolidated and Further Continuing Resolution Appropriations Act, 2015 (Pub. L. 113-235), Government agencies are not permitted to use funds appropriated (or otherwise made available) under that or any other Act for contracts with an entity that requires employees or subcontractors of such entity seeking to report fraud, waste, or abuse to sign internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or contactors from lawfully reporting such waste, fraud, or abuse to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information. (b) The prohibition in paragraph (a) of this provision does not contravene requirements applicable to Standard Form 312, Form 4414, or any other form issued by a Federal department or agency governing the nondisclosure of classified information. (c) Representation. By submission of its offer, the Offeror represents that it does not require employees or subcontractors of such entity seeking to report fraud, waste, or abuse to sign or comply with internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or contactors from lawfully reporting such waste, fraud, or abuse to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information. (End of provision) 252.203-7999--PROHIBITION ON CONTRACTING WITH ENTITIES THAT REQUIRE CERTAIN INTERNAL CONFIDENTIALITY AGREEMENTS (DEVIATION 2015-O0010) (FEB 2015) (a) The Contractor shall not require employees or subcontractors seeking to report fraud, waste, or abuse to sign or comply with internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or contactors from lawfully reporting such waste, fraud, or abuse to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information. (b) The Contractor shall notify employees that the prohibitions and restrictions of any internal confidentiality agreements covered by this clause are no longer in effect. (c) The prohibition in paragraph (a) of this clause does not contravene requirements applicable to Standard Form 312, Form 4414, or any other form issued by a Federal department or agency governing the nondisclosure of classified information. (d)(1) In accordance with section 743 of Division E, Title VIII, of the Consolidated and Further Continuing Resolution Appropriations Act, 2015, (Pub. L. 113-235), use of funds appropriated (or otherwise made available) under that or any other Act may be prohibited, if the Government determines that the Contractor is not in compliance with the provisions of this clause. (2) The Government may seek any available remedies in the event the Contractor fails to perform in accordance with the terms and conditions of the contract as a result of Government action under this clause. (End of clause) 252.204-7008 Compliance with Safeguarding Covered Defense Information Controls.As prescribed in 204.7304(a), use the following provision: COMPLIANCE WITH SAFEGUARDING COVERED DEFENSE INFORMATION CONTROLS (DEC 2015) (a) Definitions. As used in this provision- "Controlled technical information," "covered contractor information system," and "covered defense information" are defined in clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting. (b) The security requirements required by contract clause 252.204-7012, Covered Defense Information and Cyber Incident Reporting, shall be implemented for all covered defense information on all covered contractor information systems that support the performance of this contract. (c) For covered contractor information systems that are not part of an information technology (IT) service or system operated on behalf of the Government (see 252.204-7012(b)(1)(ii))- (1) By submission of this offer, the Offeror represents that it will implement the security requirements specified by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations" (see http://dx.doi.org/10.6028/NIST.SP.800-171), not later than December 31, 2017. (2)(i) If the Offeror proposes to vary from any of the security requirements specified by NIST SP 800-171 that is in effect at the time the solicitation is issued or as authorized by the Contracting Officer, the Offeror shall submit to the Contracting Officer, for consideration by the DoD Chief Information Officer (CIO), a written explanation of- (A) Why a particular security requirement is not applicable; or (B) How an alternative but equally effective, security measure is used to compensate for the inability to satisfy a particular requirement and achieve equivalent protection. (ii) An authorized representative of the DoD CIO will adjudicate offeror requests to vary from NIST SP 800-171 requirements in writing prior to contract award. Any accepted variance from NIST SP 800-171 shall be incorporated into the resulting contract. (End of provision) 252.204-7012 SAFEGUARDING COVERED DEFENSE INFORMATION AND CYBER INCIDENT REPORTING (DEC 2015) (a) Definitions. As used in this clause-- Adequate security means protective measures that are commensurate with the consequences and probability of loss, misuse, or unauthorized access to, or modification of information. Compromise means disclosure of information to unauthorized persons, or a violation of the security policy of a system, in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object, or the copying of information to unauthorized media may have occurred. Contractor attributional/proprietary information means information that identifies the contractor(s), whether directly or indirectly, by the grouping of information that can be traced back to the contractor(s) (e.g., program description, facility locations), personally identifiable information, as well as trade secrets, commercial or financial information, or other commercially sensitive information that is not customarily shared outside of the company. Contractor information system means an information system belonging to, or operated by or for, the Contractor. Controlled technical information means technical information with military or space application that is subject to controls on the access, use, reproduction, modification, performance, display, release, disclosure, or dissemination. Controlled technical information would meet the criteria, if disseminated, for distribution statements B through F using the criteria set forth in DoD Instruction 5230.24, Distribution Statements on Technical Documents. The term does not include information that is lawfully publicly available without restrictions. Covered contractor information system means an information system that is owned, or operated by or for, a contractor and that processes, stores, or transmits covered defense information. Covered defense information means unclassified information that-- (i) Is-- (A) Provided to the contractor by or on behalf of DoD in connection with the performance of the contract; or (B) Collected, developed, received, transmitted, used, or stored by or on behalf of the contractor in support of the performance of the contract; and (ii) Falls in any of the following categories: (A) Controlled technical information. (B) Critical information (operations security). Specific facts identified through the Operations Security process about friendly intentions, capabilities, and activities vitally needed by adversaries for them to plan and act effectively so as to guarantee failure or unacceptable consequences for friendly mission accomplishment (part of Operations Security process). (C) Export control. Unclassified information concerning certain items, commodities, technology, software, or other information whose export could reasonably be expected to adversely affect the United States national security and nonproliferation objectives. To include dual use items; items identified in export administration regulations, international traffic in arms regulations and munitions list; license applications; and sensitive nuclear technology information. (D) Any other information, marked or otherwise identified in the contract, that requires safeguarding or disseminationcontrols pursuant to and consistent with law, regulations, and Governmentwide policies (e.g., privacy, proprietary business information). Cyber incident means actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein. Forensic analysis means the practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data. Malicious software means computer software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. This definition includes a virus, worm, Trojan horse, or other code-based entity that infects a host, as well as spyware and some forms of adware. Media means physical devices or writing surfaces including, but is not limited to, magnetic tapes, optical disks, magnetic disks, large-scale integration memory chips, and printouts onto which information is recorded, stored, or printed within an information system. Operationally critical support means supplies or services designated by the Government as critical for airlift, sealift, intermodal transportation services, or logistical support that is essential to the mobilization, deployment, or sustainment of the Armed Forces in a contingency operation. Rapid(ly) report(ing) means within 72 hours of discovery of any cyber incident. Technical information means technical data or computer software, as those terms are defined in the clause at DFARS 252.227-7013, Rights in Technical Data-Non Commercial Items, regardless of whether or not the clause is incorporated in this solicitation or contract. Examples of technical information include research and engineering data, engineering drawings, and associated lists, specifications, standards, process sheets, manuals, technical reports, technical orders, catalog-item identifications, data sets, studies and analyses and related information, and computer software executable code and source code. (b) Adequate security. The Contractor shall provide adequate security for all covered defense information on all covered contractor information systems that support the performance of work under this contract. To provide adequate security, the Contractor shall-- (1) Implement information systems security protections on all covered contractor information systems including, at a minimum-- (i) For covered contractor information systems that are part of an Information Technology (IT) service or system operated on behalf of the Government-- (A) Cloud computing services shall be subject to the security requirements specified in the clause 252.239-7010, Cloud Computing Services, of this contract; and (B) Any other such IT service or system (i.e., other than cloud computing) shall be subject to the security requirements specified elsewhere in this contract; or (ii) For covered contractor information systems that are not part of an IT service of system operated on behalf of the Government and therefore are not subject to the security requirement specified at paragraph (b)(1)(i) of this clause-- (A) The security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, ``Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, http://dx.doi.org/10.6028/NIST.SP.800-171 that is in effect at the time the solicitation is issued or as authorized by the Contracting Officer; or (B) Alternative but equally effective security measures used to compensate for the inability to satisfy a particular requirement and achieve equivalent protection approved in writing by an authorized representative of the DoD CIO prior to contract award; and (2) Apply other security measures when the Contractor reasonably determines that such measures, in addition to those identified in paragraph (b)(1) of this clause, may be required to provide adequate security in a dynamic environment based on an assessed risk or vulnerability. (c) Cyber incident reporting requirement. (1) When the Contractor discovers a cyber incident that affects a covered contractor information system or the covered defense information residing therein, or that affects the contractor's ability to perform the requirements of the contract that are designated as operationally critical support, the Contractor shall-- (i) Conduct a review for evidence of compromise of covered defense information, including, but not limited to, identifying compromised computers, servers, specific data, and user accounts. This review shall also include analyzing covered contractor information system(s) that were part of the cyber incident, as well as other information systems on the Contractor's network(s), that may have been accessed as a result of the incident in order to identify compromised covered defense information, or that affect the Contractor's ability to provide operationally critical support; and (ii) Rapidly report cyber incidents to DoD at http://dibnet.dod.mil. (2) Cyber incident report. The cyber incident report shall be treated as information created by or for DoD and shall include, at a minimum, the required elements at http://dibnet.dod.mil. (3) Medium assurance certificate requirement. In order to report cyber incidents in accordance with this clause, the Contractor or subcontractor shall have or acquire a DoD-approved medium assurance certificate to report cyber incidents. For information on obtaining a DoD-approved medium assurance certificate, see http://iase.disa.mil/pki/eca/certificate.html. (d) Malicious software. The Contractor or subcontractors that discover and isolate malicious software in connection with a reported cyber incident shall submit the malicious software in accordance with instructions provided by the Contracting Officer. (e) Media preservation and protection. When a Contractor discovers a cyber incident has occurred, the Contractor shall preserve and protect images of all known affected information systems identified in paragraph (c)(1)(i) of this clause and all relevant monitoring/packet capture data for at least 90 days from the submission of the cyber incident report to allow DoD to request the media or decline interest. (f) Access to additional information or equipment necessary for forensic analysis. Upon request by DoD, the Contractor shall provide DoD with access to additional information or equipment that is necessary to conduct a forensic analysis. (g) Cyber incident damage assessment activities. If DoD elects to conduct a damage assessment, the Contracting Officer will request that the Contractor provide all of the damage assessment information gathered in accordance with paragraph (e) of this clause. (h) DoD safeguarding and use of contractor attributional/proprietary information. The Government shall protect against the unauthorized use or release of information obtained from the contractor (or derived from information obtained from the contractor) under this clause that includes contractor attributional/proprietary information, including such information submitted in accordance with paragraph (c). To the maximum extent practicable, the Contractor shall identify and mark attributional/proprietary information. In making an authorized release of such information, the Government will implement appropriate procedures to minimize the contractor attributional/proprietary information that is included in such authorized release, seeking to include only that information that is necessary for the authorized purpose(s) for which the information is being released. (i) Use and release of contractor attributional/proprietary information not created by or for DoD. Information that is obtained from the contractor (or derived from information obtained from the contractor) under this clause that is not created by or for DoD is authorized to be released outside of DoD-- (1) To entities with missions that may be affected by such information; (2) To entities that may be called upon to assist in the diagnosis, detection, or mitigation of cyber incidents; (3) To Government entities that conduct counterintelligence or law enforcement investigations; (4) For national security purposes, including cyber situational awareness and defense purposes (including with Defense Industrial Base (DIB) participants in the program at 32CFR 236); or (5) To a support services contractor (``recipient'') that is directly supporting Government activities under a contract that includes the clause at (j) Use and release of contractor attributional/proprietary information created by or for DoD. Information that is obtained from the contractor (or derived from information obtained from the contractor) under this clause that is created by or for DoD (including the information submitted pursuant to paragraph (c) of this clause) is authorized to be used and released outside of DoD for purposes and activities authorized by paragraph (i) of this clause, and for any other lawful Government purpose or activity, subject to all applicable statutory, regulatory, and policy based restrictions on the Government's use and release of such information. (k) The Contractor shall conduct activities under this clause in accordance with applicable laws and regulations on the interception, monitoring, access, use, and disclosure of electronic communications and data. (l) Other safeguarding or reporting requirements. The safeguarding and cyber incident reporting required by this clause in no way abrogates the Contractor's responsibility for other safeguarding or cyber incident reporting pertaining to its unclassified information systems as required by other applicable clauses of this contract, or as a result of other applicable U.S. Government statutory or regulatory requirements. (m) Subcontracts. The Contractor shall-- (1) Include the substance of this clause, including this paragraph (m), in all subcontracts, including subcontracts for commercial items; and (2) Require subcontractors to rapidly report cyber incidents directly to DoD at http://dibnet.dod.mil and the prime Contractor. This includes providing the incident report number, automatically assigned by DoD, to the prime Contractor (or next higher-tier subcontractor) as soon as practicable. (End of clause) SPECIAL TERM: Enterprise-wide Contractor Manpower Reporting Application (ECMRA) The contractor shall report contractor labor hours (including subcontractor labor hours) required for performance of services provided under this contract for Naval Hospital Camp Pendleton and/or support medical & dental clinics via a secure data collection site. Contracted services excluded from reporting are based on Product Service Codes (PSCs). The excluded PSCs are: (1) W, Lease/Rental of Equipment; (2) X, Lease/Rental of Facilities; (3) Y, Construction of Structures and Facilities; (4) S, Utilities ONLY; (5) V, Freight and Shipping ONLY. The contractor is required to completely fill in all required data fields using the following web address https://doncmra.nmci.navy.mil. Reporting inputs will be for the labor executed during the period of performance during each Government fiscal year (FY), which runs October 1 through September 30. While inputs may be reported any time during the FY, all data shall be reported no later than October 31 of each calendar year. Contractors may direct questions to the help desk, linked at https://doncmra.nmci.navy.mil INVOICING INSTRUCTIONS: 252.232-7006 WIDE AREA WORKFLOW PAYMENT INSTRUCTIONS (MAY 2013) (a) Definitions. As used in this clause-- "Department of Defense Activity Address Code (DoDAAC)" is a six position code that uniquely identifies a unit, activity, or organization. "Document type" means the type of payment request or receiving report available for creation in Wide Area WorkFlow (WAWF). "Local processing office (LPO)" is the office responsible for payment certification when payment certification is done external to the entitlement system. (b) Electronic invoicing. The WAWF system is the method to electronically process vendor payment requests and receiving reports, as authorized by DFARS 252.232-7003, Electronic Submission of Payment Requests and Receiving Reports. (c) WAWF access. To access WAWF, the Contractor shall-- (1) Have a designated electronic business point of contact in the System for Award Management at https://www.acquisition.gov; and (2) Be registered to use WAWF at https://wawf.eb.mil/ following the step-by-step procedures for self-registration available at this Web site. (d) WAWF training. The Contractor should follow the training instructions of the WAWF Web-Based Training Course and use the Practice Training Site before submitting payment requests through WAWF. Both can be accessed by selecting the "Web Based Training" link on the WAWF home page at https://wawf.eb.mil/. (e) WAWF methods of document submission. Document submissions may be via Web entry, Electronic Data Interchange, or File Transfer Protocol. (f) WAWF payment instructions. The Contractor must use the following information when submitting payment requests and receiving reports in WAWF for this contract/order: (1) Document type. The Contractor shall use the following document type(s). INVOICE AND RECEIVING REPORT 2-1 ----------------------------------------------------------------------- (2) Inspection/acceptance location. The Contractor shall select the following inspection/acceptance location(s) in WAWF, as specified by the contracting officer. DESTINATION / DESTINATION ----------------------------------------------------------------------- (3) Document routing. The Contractor shall use the information in the Routing Data Table below only to fill in applicable fields in WAWF when creating payment requests and receiving reports in the system. Routing Data Table* Field Name in WAWF Data to be entered in WAWF Pay Official DoDAAC HQ0248 Issue By DoDAAC N68094 Admin DoDAAC N68094 Inspect By DoDAAC N/A Ship To Code N68292 Ship From Code N/A Mark For Code N/A Service Approver (DoDAAC) N/A Service Acceptor (DoDAAC) N/A Accept at Other DoDAAC N/A LPO DoDAAC N68292 DCAA Auditor DoDAAC N/A Other DoDAAC(s) N/A (4) Payment request and supporting documentation. The Contractor shall ensure a payment request includes appropriate contract line item and subline item descriptions of the work performed or supplies delivered, unit price/cost per unit, fee (if applicable), and all relevant back-up documentation, as defined in DFARS Appendix F, (e.g. timesheets) in support of each payment request. (5) WAWF email notifications. The Contractor shall enter the email address identified below in the "Send Additional Email Notifications" field of WAWF once a document is submitted in the system. WAWF Acceptor/COR Email Address: xxxxx@med.navy.mil ----------------------------------------------------------------------- (g) WAWF point of contact. (1) The Contractor may obtain clarification regarding invoicing in WAWF from the following contracting activity's WAWF point of contact. wawf@med.navy.mil ----------------------------------------------------------------------- (2) For technical WAWF help, contact the WAWF helpdesk at 866-618-5988. (End of clause)
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/DON/BUMED/N68094CP/N6809416T0064/listing.html)
- Place of Performance
- Address: U.S. NAVAL HOSPITAL YOKOSUKA, YOKOSUKA, Non-U.S., 96350, Japan
- Record
- SN04215803-W 20160811/160809235552-a07c569b2d6e9ef6107af28201cf54f8 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |