Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF JULY 23, 2022 SAM #7540
SOURCES SOUGHT

70 -- Modernizing DotNotNuke (DNN) Web Environment (VA-22-00079683)

Notice Date
7/21/2022 10:04:29 AM
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
TECHNOLOGY ACQUISITION CENTER NJ (36C10B) EATONTOWN NJ 07724 USA
 
ZIP Code
07724
 
Solicitation Number
36C10B22Q0473
 
Response Due
7/29/2022 10:00:00 AM
 
Archive Date
08/28/2022
 
Point of Contact
Joshua McGarry, Contract Specialist, Phone: 848-377-5136
 
E-Mail Address
Joshua.McGarry@va.gov
(Joshua.McGarry@va.gov)
 
Awardee
null
 
Description
Modernizing DNN Web Environment TAC Number: VA-22-00079683 Page 14 of 33 PRODUCT DESCRIPTION (PD) DEPARTMENT OF VETERANS AFFAIRS VA Information Resource Center (VIReC) Modernizing DotNotNuke (DNN) Web Environment Date: July 21, 2022 VA-22-00079683 Version: 1.1 REQUIREMENTS The Department of Veterans Affairs (VA) Information Resource Center (VIReC) requires software and associated professional services to modernize its web environment that runs on the open-source DNN platform. This includes commercial off the shelf (COTS) software designed for developing and customizing the open-source DNN platform and professional services required for software maintenance, troubleshooting, and development. Software capabilities and professional services will also support the following planned enhancements to the web environment: implementing online communities starting with focused question and answer discussion forums; site-wide reorganization and redesign; incorporating structured content; integrating content across the web environment; building in more robust search and filter options, collaboration spaces, and tools for knowledge management; ramping up reporting and analytics tools; adding customer support and feedback components; and providing a more seamless user experience. SOFTWARE SALIENT CHARACTERISTICS Software must support development and customization of the DNN open-source platform and shall be maintained and updated regularly to ensure compatibility with the most recent versions of this platform. Software shall be used in four web environments (sandbox, test/development, staging/pre-production, and production) and licensing shall accommodate the addition of any future web environments. The software shall be extensible and include modules for Online communities and community collaboration spaces (Q&A and topical discussion forums, threaded conversations and comments, community management tools, blogs, Wikis, etc.) Social engagement and community interaction (user profiles; follow topics, tags, users; notifications; gamification and reputation systems; voting/rating; sharing attachments, code, links, etc.) Knowledge organization and publication (structure content with tags, type, group, hierarchy, etc.; admin/user generated tags; tag management system; workflows; permissions; versioning) Global search features (advanced search/filter by tag, type, community; search across all modules/entire site) Improving user experience (responsive UI; accordion, tabs, tooltips; themes; robust search; centralization of information) Analytics tools (dashboard, measures key metrics like user engagement, participation, page views) PROFESSIONAL SERVICES The Contractor shall provide access to product updates, new features, and patches. Product upgrades and software licenses shall be renewed each period of performance as required per licensing term. Perpetual licensing is preferred. Support services shall include: Troubleshooting support such as web-based and phone product support for questions, technical issues, bug fixes, how-to-questions, documentation, and videos. Consultation services such as input on using the software, site architecture, module implementation, system integration, best practices. Custom development services such as building and designing themes, modules, feature request, and other DNN development. Standard support services that are offered with COTS software licenses and premium support services shall be described separately. The Base period of performance (PoP) shall be 12 months from date of award with four 12-month Option Periods to be exercised at the Government s discretion. NOTICE OF THE FEDERAL ACCESSIBILITY LAW AFFECTING ALL INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) PROCUREMENTS (SECTION 508) On January 18, 2017, the Architectural and Transportation Barriers Compliance Board (Access Board) revised and updated, in a single rulemaking, standards for electronic and information technology developed, procured, maintained, or used by Federal agencies covered by Section 508 of the Rehabilitation Act of 1973, as well as our guidelines for telecommunications equipment and customer premises equipment covered by Section 255 of the Communications Act of 1934. The revisions and updates to the Section 508-based standards and Section 255-based guidelines are intended to ensure that information and communication technology (ICT) covered by the respective statutes is accessible to and usable by individuals with disabilities. SECTION 508 INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) STANDARDS The Section 508 standards established by the Access Board are incorporated into, and made part of all VA orders, solicitations and purchase orders developed to procure ICT. These standards are found in their entirety at: https://www.access-board.gov/guidelines-and-standards/communications-and-it/about-the-ict-refresh/final-rule/text-of-the-standards-and-guidelines. A printed copy of the standards will be supplied upon request.  Federal agencies must comply with the updated Section 508 Standards beginning on January 18, 2018. The Final Rule as published in the Federal Register is available from the Access Board: https://www.access-board.gov/guidelines-and-standards/communications-and-it/about-the-ict-refresh/final-rule. The Contractor shall comply with 508 Chapter 2: Scoping Requirements for all electronic ICT and content delivered under this contract. Specifically, as appropriate for the technology and its functionality, the Contractor shall comply with the technical standards marked here: E205 Electronic Content (Accessibility Standard -WCAG 2.0 Level A and AA Guidelines) E204 Functional Performance Criteria E206 Hardware Requirements E207 Software Requirements E208 Support Documentation and Services Requirements COMPATABILITY WITH ASSISTIVE TECHNOLOGY The standards do not require installation of specific accessibility-related software or attachment of an assistive technology device. Section 508 requires that ICT be compatible with such software and devices so that ICT can be accessible to and usable by individuals using assistive technology, including but not limited to screen readers, screen magnifiers, and speech recognition software. ACCEPTANCE AND ACCEPTANCE TESTING Deliverables resulting from this solicitation will be accepted based in part on satisfaction of the Section 508 Chapter 2: Scoping Requirements standards identified above. The Government reserves the right to test for Section 508 Compliance before delivery. The Contractor shall be able to demonstrate Section 508 Compliance upon delivery. SHIPMENT OF HARDWARE OR EQUIPMENT THIS IS A SUBSCRIPTION TO A SOFTWARE LICENSE; NO SHIPPING IS REQUIRED. GENERAL REQUIREMENTS VA TECHNICAL REFERENCE MODEL The Contractor shall support the VA enterprise management framework. In association with the framework, the Contractor shall comply with OIT Technical Reference Model (VA TRM). The VA TRM is one component within the overall Enterprise Architecture (EA) that establishes a common vocabulary and structure for describing the information technology used to develop, operate, and maintain enterprise applications. Moreover, the VA TRM, which includes the Standards Profile and Product List, serves as a technology roadmap and tool for supporting OIT. Architecture & Engineering Services (AES) has overall responsibility for the VA TRM. INFORMATION SECURITY CONSIDERATIONS: The assessment and authorization (A&A) requirements do not apply and a Security Accreditation Package is not required. All VA sensitive information shall be protected at all times in accordance with local security field office System Security Plans (SSP s) and Authority to Operate (ATO) s for all systems/LAN s accessed while performing the tasks detailed in this Product Description. SCHEDULE FOR DELIVERABLES Delivery within 30 days of receipt and processing of the Delivery Order. POINTS OF CONTACT VA Program Manager: Name: Jenifer Stelmack Email: Jenifer.Stelmack@va.gov IM: Contact via MS Teams Voice: 630-710-4753 Contracting Officer s Representative: Name: Jenifer Stelmack Email: Jenifer.Stelmack@va.gov IM: Contact via MS Teams Voice: 630-710-4753 Contracting Officer: Name: Heather Utt Address: 23 Christopher Way Eatontown NJ 07724 Voice: 848-377-5047 Email: Heather.Utt@va.gov Contract Specialist: Name: Joshua McGarry Address: 23 Christopher Way Eatontown NJ 07724 Voice: 848-377-5136 Email: Joshua.McGarry@va.gov ADDITIONAL ITEMS SPECIAL INSTRUCTIONS/REMARKS Response Instructions: Offerors shall provide an authorization letter or other means of verification from the Original Equipment Manufacturer (OEM) confirming it is an authorized dealer, authorized distributor, or authorized reseller for the proposed equipment/system in accordance with VA Acquisition Regulation (VAAR) 852.212-72 and 852.212-73. Additionally, the Offeror s quote/proposal shall explicitly self-certify that it will not provide Gray Market Goods and/or Counterfeit Items, as defined by VA Acquisition Regulation (VAAR) 852.212-72 and 852.212-73, and that it has the level of certification/specialization, as required by the OEM(s). Failure to include the requisite OEM letter(s)/documentation and Offeror self-certification may render the Offeror s quote Unacceptable and thus, ineligible for award. INFORMATION SECURITY CONSIDERATIONS: The assessment and authorization (A&A) requirements do not apply and a Security Accreditation Package is not required. All VA sensitive information shall be protected at all times in accordance with local security field office System Security Plans (SSP s) and Authority to Operate (ATO) s for all systems/LAN s accessed while performing the tasks detailed in this Product Description. A prohibition on unauthorized disclosure: Information made available to the Contractor or Subcontractor by VA for the performance or administration of this contract or information developed by the Contractor/Subcontractor in performance or administration of the contract shall be used only for those purposes and shall not be used in any other way without the prior written agreement of the VA. This clause expressly limits the Contractor/Subcontractor s rights to use data as described in Rights in Data General, FAR 52.227-14(d).(1). A requirement for data breach notification: Upon discovery of any known or suspected security/privacy incidents, or any unauthorized disclosure of sensitive information, including that contained in system(s) to which the Contractor/Subcontractor has access, the Contractor/Subcontractor shall immediately notify the COR and simultaneously, the designated ISO, and Privacy Officer for the contract. The term security incident means an event that has, or could have, resulted in unauthorized access to, loss or damage to VA assets, or sensitive information, or an action that breaches VA security procedures. See VA Handbook 6500.6, Appendix C, paragraph 6.a. A requirement to pay liquidated damages in the event of a data breach: In the event of a data breach or privacy incident involving SPI the contractor processes or maintains under this contract, the contractor shall be liable to VA for liquidated damages for a specified amount per affected individual to cover the cost of providing credit protection services to those individuals. However, it is the policy of VA to forgo collection of liquidated damages in the event the Contractor provides payment of actual damages in an amount determined to be adequate by the agency. Based on the determinations of the independent risk analysis, the Contractor shall be responsible for paying to VA liquidated damages in the amount of $37.50 per affected individual to cover the cost of providing credit protection services to affected individuals consisting of the following: Notification; One year of credit monitoring services consisting of automatic daily monitoring of at least 3 relevant credit bureau reports; Data breach analysis; Fraud resolution services, including writing dispute letters, initiating fraud alerts and credit freezes, to assist affected individuals to bring matters to resolution; One year of identity theft insurance with $20,000.00 coverage at $0 deductible; and Necessary legal expenses the subjects may incur to repair falsified or damaged credit records, histories, or financial affairs A requirement for annual security/privacy awareness training: Before being granted access to VA information or information systems, all Contractor employees and Subcontractor employees requiring such access shall complete on an annual basis either: (i) the VA security/privacy awareness training (contains VA security/privacy requirements) within 1 week of the initiation of the contract, or (ii) security awareness training provided or arranged by the contractor that conforms to VA s security/privacy requirements as delineated in the hard copy of the VA security awareness training provided to the Contractor. If the Contractor provides their own training that conforms to VA s requirements, they will provide the COR or CO, a yearly report (due annually on the date of the contract initiation) stating that all applicable employees involved in VA s contract have received their annual security/privacy training that meets VA s requirements and the total number of employees trained. See VA Handbook 6500.6, Appendix C, paragraph 9. A requirement to sign VA s Rules of Behavior: Before being granted access to VA information or information systems, all Contractor employees and Subcontractor employees requiring such access shall sign on annual basis an acknowledgement that they have read, understand, and agree to abide by VA s Contractor Rules of Behavior which is attached to this contract. See VA Handbook 6500.6, Appendix C, paragraph 9, and Appendix D. Note: If a medical device vendor anticipates that the services under the contract will be performed by 10 or more individuals, the Contractor Rules of Behavior may be signed by the vendor s designated representative. The contract must reflect by signing the Rules of Behavior on behalf of the vendor that the designated representative agrees to ensure that all such individuals review and understand the Contractor Rules of Behavior when accessing VA s information and information systems.
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/9a42b376a4dd4219a68648b5743c72f1/view)
 
Record
SN06398354-F 20220723/220721230126 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.