Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF SEPTEMBER 17, 2023 SAM #7964
SOURCES SOUGHT

H -- Annual Workplace Evaluation and Physical Security Assessment

Notice Date
9/15/2023 8:01:21 AM
 
Notice Type
Sources Sought
 
NAICS
926150 — Regulation, Licensing, and Inspection of Miscellaneous Commercial Sectors
 
Contracting Office
VETERANS BENEFITS ADMIN (36C10D) WASHINGTON DC 20006 USA
 
ZIP Code
20006
 
Solicitation Number
36C10D23R0009
 
Response Due
10/4/2023 9:00:00 AM
 
Archive Date
10/14/2023
 
Point of Contact
Tiffany Garfield, Contract Specialist, Phone: 813-631-2818
 
E-Mail Address
tiffany.garfield@va.gov
(tiffany.garfield@va.gov)
 
Small Business Set-Aside
SDVOSBC Service-Disabled Veteran-Owned Small Business (SDVOSB) Set-Aside (FAR 19.14)
 
Awardee
null
 
Description
THIS IS MARKET RESEARCH ONLY AND NOT A SOLICITATION We are looking for interested and qualified companies that can meet the Draft Statement of Work Requirements STATEMENT OF WORK 9-14-2023 Annual Workplace Evaluation and Physical Security Assessment Introduction/Background As one of the administrations within the Department of Veterans Affairs (VA), the Veterans Benefits Administration (VBA) provides a variety of benefits and services to service members, veterans, and their families. These benefits and services include but not limited to education benefits, home loans, life insurance, and disability compensation or pension benefits. Award of these benefits often requires information gathering from a multitude of third parties, government agencies, and digital repositories as well as the application of complex rules.  VBA owns and operates a substantial infrastructure portfolio within the National Capital Region (NCR) and Regional Offices throughout the nation. VBA is committed to protecting its workers by conducting annual inspections and assessments consistent with direction from the VBA Office of Mission Support (OMS) Occupational Safety and Health (OSH) Division. The inspections and assessments focus on two major task categories: Annual Workplace Evaluation (AWE) which inspects workplace hazards by evaluating the Occupational Safety and Health programs/elements/requirements. Physical Security Assessments for best practices to mitigate vulnerabilities and threats and countermeasures for specific aspects in the following areas: Facility Overview Facility Security Background Security Force Profile Physical Security Profile Comprehensive Security Systems. VBA accomplishes these inspections through the services of a contractor with the necessary safety expertise and physical security expertise. This approach ensures that VBA receives expert and third-party feedback on safety and physical security. The purpose of this procurement is to engage a highly skilled contractor with expert knowledge and extensive experience as well as credibility in these critical areas of safety and physical security. This document outlines the scope and steps to be taken to create a methodology that promotes consistency, ensures thoroughness, and enhances the quality of the assessment process. Scope The VBA Office of Mission Support (OMS) Occupational Safety and Health (OSH) Division seeks the support of a highly experienced Contractor with broad and extensive technical expertise in two Task Areas 1) Annual Workplace Evaluation and 2) Physical Security Assessments to provide an array of support for numerous VBA District/Regional Offices and select out-based sites. Personnel assigned to the Task Areas shall be specialized and certified in their respective skill areas. Required service areas include: Task Area 1: Annual Workplace Evaluations Annual Workplace Evaluations (AWE) encompass inspections and the completion of checklists and reports for the Occupational Safety and Health (OSH) Programs, which include but are not limited to the following safety programs/elements/requirements: Life Safety Electrical Safety Lock Out/Tag Out, Construction Safety, General Work Environment Housekeeping Medical Services and First Aid Personal Protective Equipment (PPE), Hazard Communication (Global Harmonization System), Federal Agency Requirements, and OSH Training Task Area 2: Physical Security Assessments Physical Security Assessments (PSA) encompass two-year assessment cycles for Regional Offices and three-year assessment cycles for Out-Based Offices and the completion of checklists and reports for: Facility Overview Security Force Profile Entry Controls Employees/Visitors (Badging) Parking Delivery Standoff Barriers, Locks, and Keys Building Envelope Intrusion Detection and Assessment Communications Testing and Maintenance Support Systems, and Systems Management Applicable Criteria Documents The Contractor shall comply with the criteria documents listed below in three categories: 3.1) General Applicable Criteria Documents; 3.2) Annual Workplace Evaluation Criteria Documents; and 3.3) Physical Security Assessment Criteria Documents. General Applicable Criteria Documents:   44 U.S.C. § 3541-3549, Federal Information Security Management Act (FISMA) of 2002   44 U.S.C. § 3551-3558, Federal Information Security Modernization Act (FISMA) of 2014.   Health Insurance Portability and Accountability Act (HIPAA); 45 CFR Part 160, 162, and 164; Health Insurance Reform: Security Standards; Final Rule dated February 20, 2003  36 C.F.R. Part 1194 Information and Communication Technology Standards and Guidelines, January 18, 2017  Sections 524 and 525 of the Energy Independence and Security Act of 2007, (Public Law 110 140), December 19, 2007.  Section 104 of the Energy Policy Act of 2005, (Public Law 109 58), August 8, 2005.  5 U.S.C. § 552a, as amended, The Privacy Act of 1974.    Public Law 109-461, Veterans Benefits, Health Care, and Information Technology Act of 2006, Title IX, Information Security Matters.   Sections 504 and 508 of the Rehabilitation Act (29 U.S.C. § 794d), as amended by the Workforce Investment Act of 1998 (P.L. 105-220), August 7, 1998.  36 C.F.R. Part 1194 Electronic and Information Technology Accessibility Standards.    Section 701 of the Promise to Address Comprehensive Toxics (PACT) Act of 2022 (Public Law 117-168), August 2, 2022  Clinger-Cohen Act of 1996, 40 U.S.C. §11101 and §11103  Social Security Number (SSN) Fraud Prevention Act of 2017  Section 240 of the Consolidated Appropriations Act (CAA) 2018, March 23, 2018  Federal Travel Regulation (FTR) (www.gsa.gov/federaltravelregulation)  Executive Order 13693, Planning for Federal Sustainability in the Next Decade, dated March 19, 2015.  Executive Order 13221, Energy-Efficient Standby Power Devices, August 2, 2001.  Executive Order 13834, Efficient Federal Operations, dated May 17, 2018  Executive Order 13960, Promoting the Use of Trustworthy Artificial Intelligence in the Federal Government, dated December 3, 2020.  Executive Order 14026, Increasing the Minimum Wage for Federal Contractors, dated April 27, 2021.  Executive Order 14028, Improving the Nation's Cybersecurity, dated May 12, 2021.  Executive Order 14034, Protecting Americans' Sensitive Data from Foreign Adversaries, dated June 9, 2021.  Executive Order 14058, Transforming Federal Customer Experience and Service Delivery to Rebuild Trust in Government, dated December 13, 2021.   Homeland Security Presidential Directive (12) (HSPD-12) , August 27, 2004.  Office of Management and Budget (OMB) Circular A-130, Managing Federal Information as a Strategic Resource, July 28, 2016.  OMB Memorandum Security Authorization of Information Systems in Cloud Computing Environments, December 8, 2011 (FedRAMP Policy Memorandum)  OMB Memorandum 05-24, Implementation of Homeland Security Presidential Directive (HSPD) 12 Policy for a Common Identification Standard for Federal Employees and Contractors, August 5, 2005  OMB Memorandum M-08-05, Implementation of Trusted Internet Connections (TIC), November 20, 2007.  OMB Memorandum M-08-23, Securing the Federal Government s Domain Name System Infrastructure, August 22, 2008.  OMB Memorandum M-04-04, E-Authentication Guidance for Federal Agencies, December 16, 2003.  OMB Memorandum M-05-24, Implementation of Homeland Security Presidential Directive (HSPD) 12 Policy for a Common Identification Standard for Federal Employees and Contractors, August 5, 2005.  OMB Memorandum M-11-11, Continued Implementation of Homeland Security Presidential Directive (HSPD) 12 Policy for a Common Identification Standard for Federal Employees and Contractors, February 3, 2011.  OMB Memorandum M-19-17, Enabling Mission Delivery through Improved Identity, Credential, and Access Management, May 21, 2019.  OMB Memorandum M-19-26, Update to the Trusted Internet Connections (TIC) Initiative, September 12, 2019  OMB Memo M-21-06, Guidance for Regulation of Artificial Intelligence Applications, dated November 17, 2020.  OMB Memorandum M-21-07, Completing the Transition to Internet Protocol version 6 (IPv6), November 19, 2020.  OMB Memo M-21-30, Protecting Critical Software Through Enhanced Security Measures, dated August 10, 2021.  OMB Memo M-22-01, Improving Detection of Cybersecurity Vulnerabilities and Incidents on Federal Government Systems through Endpoint Detection and Response, dated October 8, 2021.  OMB Memorandum M-22-09, Moving the U.S. Government Toward Zero Trust Cybersecurity Principles, January 26, 2022.  OMB Memorandum for Chief Information Officers, Guidance for Homeland Security Presidential Directive (HSPD) 12 Implementation, May 23, 2008.  Trusted Internet Connections (TIC) Reference Architecture Document, Version 2.2, Federal Interagency Technical Reference Architectures, Department of Homeland Security, June 19, 2017.   Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance, V2.0, December 2, 2011.  Draft National Institute of Standards and Technology Interagency Report (NISTIR) 798, Mobile, PIV, and Authentication, March 2014.  Federal Information Processing Standards (FIPS) Publication 140-2, Security Requirements for Cryptographic Modules, May 25, 2001.  FIPS 186-5, Digital Signature Standard (DSS), dated February 3, 2023.  FIPS Publication 199, Standards for Security Categorization of Federal Information and Information Systems, February 2004.  FIPS Publication 200, Minimum Security Requirements for Federal Information and Information Systems, March 2006.  FIPS Publication 201-3, Personal Identity Verification of Federal Employees and Contractors, January 2022.  FIPS Special Publication 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIS Special Publication 800-171, February 2021.  NIST SP 500-267B Revision 1, USGv6 Profile, November 2020  NIST SP 800-37, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach, Rev. 2, December 20, 2018.  NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, dated May 26, 2022.   NIST SP 800-57, Recommendation for Key Management, dated May 4, 2020.  NIST SP 800-63-3, 800-63A, 800-63B, 800-63C, Digital Identity Guidelines, December 1, 2017.  NIST Special Publication (SP) 800-66 Rev 2 (Draft): An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, July 2022.  NIST SP 800-116 Rev. 1, Guidelines for the Use of PIV Credentials in Facility Access, June 29, 2018.  NIST SP 800-157, Guidelines for Derived PIV Credentials, December 19, 2014.  VA Directive 0058, VA Green Purchasing Program, July 19, 2013 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 0058, VA Green Purchasing Program, July 19, 2013 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 0710, Personnel Suitability and Security Program dated May 2, 2016    VA Directive 0710, Personnel Security and Suitability Program, June 4, 2010, (https://www.va.gov/vapubs/index.cfm)  VHA Directive 1605.05, Business Associate Agreements, November 17, 2020, (https://www.va.gov/vhapublications/ViewPublication.asp?pub_ID=9178)  VA Directive and Handbook 6102, Internet/Intranet Services, August 5, 2019 (https://www.va.gov/vapubs/index.cfm)   VA Directive 6102 (Internet/Intranet Services), August 5, 2019 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 6102 (Internet/Intranet Services), August 5, 2019 (https://www.va.gov/vapubs/index.cfm  VA Directive 6300, Records and Information Management, September 21, 2018 (https://www.va.gov/vapubs/index.cfm)  VA Handbook, 6300.1, Records Management Procedures, March 24, 2010 (https://www.va.gov/vapubs/index.cfm)  VA Directive 6500, VA Cybersecurity Program, February 24, 2021 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 6500, Risk Management Framework for VA Information Systems Tier 3: VA Information Security Program, February 24, 2021 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 6500.2, Management of Breaches Involving Sensitive Personal Information (SPI), March 12, 2019 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 6500.5, Incorporating Security and Privacy in System Development Lifecycle, March 22, 2010 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 6500.6, Contract Security, March 12, 2010 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 6500.8, Information System Contingency Planning, April 6, 2011 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 6500.10, Mobile Device Security Policy, February 15, 2018.  VA Handbook 6500.11, VA Firewall Configuration, August 22, 2017.  VA Directive 6508, Implementation of Privacy Threshold Analysis and Privacy Impact Assessment, October 15, 2014.  VA Handbook 6508.1, Procedures for Privacy Threshold Analysis and Privacy Impact Assessment, July 30, 2015.  VA Directive and Handbook 6510, VA Identity and Access Management, January 15, 2016.  A Directive and Handbook 6513, Secure External Connections, October 12, 2017  VA Directive and Handbook 6517, Risk Management Framework for Cloud Computing, November 15, 2016.  VA Directive 6609, Mailing of Sensitive Personal Information, May 20, 2011 (https://www.va.gov/vapubs/index.cfm)  VA Handbook 0730, Security and Law Enforcement, dated August 11, 2000. (https://www.va.gov/vapubs/viewPublication.asp?Pub_ID=93&FType=2)  VA Handbook 0730/1, Security and Law Enforcement, dated August 20, 2004. (https://www.va.gov/vapubs/viewPublication.asp?Pub_ID=96&FType=2)  VA Handbook 0730/4, Security and Law Enforcement, dated March 29, 2013. (https://www.va.gov/vapubs/viewPublication.asp?Pub_ID=700&FType=2)  VA Directive 6066, Protected Health Information (PHI) and Business Associate Agreements Management, dated September 2, 2014.  VA Regulation 2022-13312, Individuals Using the Department of Veterans Affairs Information Technology Systems to Access Records Relevant to a Benefit Claim, dated June 24, 2022.  Authorization Requirements Standard Operating Procedures, v1.35, dated April 13, 2022.   BTS Emergency Notification SOP, v2.0, dated July 22, 2021  Veteran Focused Integration Process (VIP) Guide 4.0, January 2021,  https://www.voa.va.gov/DocumentView.aspx?DocumentID=4371  One-VA Technical Reference Model (TRM) - (reference at https://www.va.gov/trm/TRMHomePage.aspx)  VA Enterprise Cloud Technical Reference Guide, v2.0, dated November 2022.  VA Directive 0735, Homeland Security Presidential Directive 12 (HSPD-12) Program, October 26, 2015.  VA Handbook 0735, Homeland Security Presidential Directive 12 (HSPD-12) Program, March 24, 2014.  VA Enterprise Cloud (VAEC) Technical Reference Guide, July 2018 version 1.   IAM Identity Management Business Requirements Guidance Document , May 2013. https://www.voa.va.gov/documentlistpublic.aspx?NodeID=514   VA Memorandum, VAIQ #7100147, Continued Implementation of Homeland Security Presidential Directive 12 (HSPD-12), April 29, 2011  VA Memorandum, VAIQ #7712300, Mandate to meet PIV Requirements for New and Existing Systems, June 30, 2015.   VA Memorandum, VAIQ #7660995, Continuous Diagnostics and Monitoring of all VA Information Systems, dated January 29, 2016.  VA Memorandum, VAIQ #7497987, Compliance Electronic Product Environmental Assessment Tool (EPEAT) IT Electronic Equipment, August 11, 2014 (reference Document Libraries, EPEAT/Green Purchasing Section. https://www.voa.va.gov/documentlistpublic.aspx?NodeID=552   Office of Information Security (OIS) VAIQ #7424808 Memorandum, Remote Access, January 15, 2014. https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28   VA Memorandum, VAIQ #7614373, Implementation of Federal Personal Identity Verification (PIV) Credentials for Federal and Contractor Access to VA IT Systems, July 9, 2015. https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28   VA Memorandum, VAIQ #7613595, Mandatory Use of PIV Multifactor Authentication to VA Information System, June 30, 2015. https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28   VA Memorandum, VAIQ #7613597, Mandatory Use of PIV Multifactor Authentication for Users with Elevated Privileges, June 30, 2015. https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28   VA Memorandum Personal Identity Verification (PIV) Logical Access Policy Clarification, July 17, 2019 https://www.voa.va.gov/DocumentView.aspx?DocumentID=4896   VA Memorandum, VAIQ #7581492, Use of Personal Email, April 24, 2015. https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28   VA Memorandum VAIQ #7823189, Updated VA Information Security Rules of Behavior, September 15, 2017. https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28  Records Control Schedule VB-1, dated January 31, 2014.  Annual Workplace Evaluation Criteria Documents. 29 CFR 1904 Recording and Reporting Occupational Injuries and Illnesses , latest version 29 CFR 1910 Occupational Safety and Health Standards, latest version 29 CFR 1926 Safety and Health Regulations for Construction, latest version 29 CFR 1960 Basic Program Elements for Federal Employee Occupational Safety and Health Programs and Related Matters , latest version 41 CFR Subtitle C Federal Property Management Regulations System National Fire Protection Association (NFPA) Standards, latest version General Services Administration (GSA) Lease Criteria American National Standards Institute (ANSI) VA Directive 7700 OSH Program VBA Directive 7700 OSH Program Physical Security Assessment Criteria Documents VA Handbooks 0730 Physical Security Design Manual (PDRSM) Interagency Security Committee (ISC) Risk Management Process for Federal Facilities Performance Details Performance Period The Base Period is 12 months from the contract award date. Option Period 1 is a 12-month period from the date of the exercise of the option period. Option Period 2 is a 12-month period from the date of the exercise of the option period. Option Period 3 is a 12-month period from the date of the exercise of the option period. Option Period 4 is a 12-month period from the date of the exercise of the option period. Hours of Work Work at a Government site shall not take place on Federal holidays or weekends unless directed by the Contracting Officer (CO). Hours of work will be established at the contract level. The Contractor may also be required to support 24/7 operations 365 days per year as identified in the contract.   There are 11 Federal holidays set by law (USC Title 5 Section 6103) that VA follows:  Under current definitions, five are set by date:  New Year's Day January 1  Juneteenth Day June 19  Independence Day July 4  Veterans Day November 11  Christmas Day December 25  If any of the above falls on a Saturday, then Friday shall be observed as a holiday. Similarly, if one falls on a Sunday, then Monday shall be observed as a holiday.  The other six (6) are set by a day of the week and month:  Martin Luther King's Birthday Third Monday in January  Washington's Birthday Third Monday in February  Memorial Day Last Monday in May  Labor Day First Monday in September  Columbus Day Second Monday in October  Thanksgiving Fourth Thursday in November   Place of Performance Locations of the work shall be at Government and Contractor sites within the Continental United States (CONUS), the Philippines, Puerto Rico, St. Thomas, and St. Croix. No work at Contractor site(s) shall be performed outside of the Continental United States (OCONUS). The primary work performed at the Government locations is identified in Appendix xxx Travel Most of the work shall require travel by the Contractor, anticipated requirements for travel include Contractor or combined Contractor/VBA staff teams performing facility assessment, visits, inspections, or training. All travel shall be in accordance with the GSA Federal Travel Regulations, Federal Acquisition Regulation (FAR) 31.205-46. Travel shall be inclusive with the price quote. In addition, all travel must be pre-approved by the Contracting Officer s Representative (COR). For AWE travel, the Contractor shall visit all the Regional Offices (ROs) and Out-Based Offices (OBOs) facilities during each period of performance. Preparation for each on-site visit shall include a Pre-Visit Conference Call, Opening Conference, and Closing Conference with the VBA identified point of contacts. These may include the facility Director, Assistant Director, Collateral Duty Safety Officer (CDSO), Security Officer, union representatives, and other personnel identified by VBA. For PSA travel, the Contractor shall visit xxx VBA facilities during the period of performance. Preparation for and each visit shall include a Pre-Visit Conference Call, Opening Conference, and Closing Conference with the VBA identified point of contacts. These may include the facility Director, Assistant Director, Collateral Duty Safety Officer (CDSO), Security Officer, union representatives, and other personnel identified by VBA. Most VBA facilities shall require a one-day visit plus travel to and from the facility. Some of the larger facilities may require 1.5 to 2 days depending on size and complexity. The Contractor shall coordinate with the facilities point-of-contact (POC) will provide the Contractor with a schedule. Contractor shall make every effort to minimize travel and combine individual visits within a normal work week. Non-Government Facilities Personnel performing at Contractor facilities shall comply with VA and/or Federal Assessment and Authorization (A&A) requirements. The Contractor shall disclose specific facility information during the solicitation process as part of the Contractor proposal. All facilities shall be approved by VA and in compliance with VA Security and Privacy. All facilities containing VA source materials shall be compliant with 36 CFR Part 1234, Subpart B, with no exceptions made for the waivers discussed within 36 CFR Part 1234, Subpart B. Contractor Acquired Equipment The Contractor shall acquire and/or provide any hardware and/or software required to accomplish the contract that is not provided as Government Furnished Property (GFP). All hardware/software must adhere to VA information technology (IT) requirements, including the requirement for an Authority to Operate (ATO). Software integrity shall be maintained by the Contractor within the licensing agreement of the producer. Task Description The sections below provide details. Project Management, Task Management, and Work Plan The purpose of this task is to manage and coordinate support for overall project management, ensure ongoing communications, integration and collaboration, quality, status reporting, and staff allocations; and identify and address risks and issues. This task includes overall management of the project. The Contractor shall perform the following activities: Conduct a kick-off meeting to define a common understanding of project plan, major actions, key milestones, and schedules as well as deliverables. Introduce Contractor personnel and describe the roles of individuals. Provide the staff experience profile that accomplishes the tasks in this contract. Identify the periodic meetings to discuss progress, plans, risks, and issues. Work Plan for AWE Develop a Work Plan for AWE inspections that serves as a living document throughout the period of performance and will cover the following general areas: Develop AWE best practices for inspections. Execute AWE Inspection Deployment Schedule. Document risks, issues, and FboNotice causes of deficiencies. Make recommendations for corrective actions and preventive measures. Continual improvement of AWE inspection process using information gathered from past and ongoing inspections. Work Plan for Physical Security Assessments Develop a Work Plan for Physical Security Assessments that serves as a living document throughout the period of performance and will cover the following general areas: Document risks, issues, and make recommendations for execution of the Physical Security Assessments inspections. Develop Physical Security Assessment best practices for inspections, and Develop Physical Security Assessment Deployment Schedule Two-year cycle for Regional Offices (RO) Three-year cycle for Out-Based Offices (OBO) Update the Physical Security Assessment information as may be required. The deployment schedule, whether AWE or Physical Security Assessment, shall be coordinated with and approved by a VBA identified point of contact. The deployment schedule will consider accessibility, proximity, and complexity to streamline logistics requirements. The VBA COR will work with the Contractor to develop the schedule in consideration of priorities and travel efficiency. The schedule shall reflect how the Contractor s plan will implement an efficient methodology for conducting all the required site visits (e.g., group two to three VBA facilities in a single trip so that grouped AWE Inspections or Physical Security Assessments shall be completed in a single week based on geography, proximity, and other travel considerations). Overall Managerial Activities for the Conduct of AWE Inspections and Physical Security Assessments Planning/Preparation The Contractor team shall review applicable regulations for the facility based on the answers to any pre-visit Questionnaire (developed as part of the protocol), review and prepare required forms for the visit, prepare a Contractor Team Plan for each facility visit to minimize time impacts to VBA facilities operations, and review the protocol so that all the steps will be followed to complete the evaluation or assessment. The Contractor will create the Opening Conference Guide and Facility Schedule. The VBA identified point of contacts will coordinate with the Contractor for any visits attended by additional observers beyond the expected personnel. AWE Planning and Preparation During the planning and preparation activities, AWE inspectors shall review the checklist provide by VBA requiring on-site completion (listed below and in Appendix B): OMS Checklist for Annual Workplace Safety and Health Inspections Other site-specific AWE documents At a minimum, the assessor(s) shall review the site mission and related documents to include but not limited to organization charts, OSH operational criteria for the site, site plans and procedures, past site office AWE checklist/surveys, facility plans and lists, housekeeping and custodial operations/procedures, personal protective equipment policy/procedures, alarm procedures, site maps, and architectural/engineering drawings. Architectural/engineering drawings shall include but not be limited to: Floor plans for all floors including emergency egress. Interior plans to include special room layouts and workstations. HVAC plans Electrical and lighting floor plans Plumbing plans Fire Safety floor plans Site plans including sidewalks, parking, loading dock, etc. Other site-specific plans as may be defined by contractor. Physical Security Planning and Preparation During the planning and preparation activities, physical security assessors shall review the checklist documents requiring on-site completion (listed below and in Appendices C, D and E): Facility Security Assessment: Building Engineer Questionnaire Facility Security Assessment: Cybersecurity Questionnaire Facility Security Assessment: Tenant Agency Questionnaire PACS Assessment Toolkit (Physical Access Control Systems) Other site-specific documents as may be defined by contractor. At a minimum, the assessor(s) shall review the site mission and related documents to include but not limited to organization charts, site security plans and procedures, past site office assessment checklist/surveys, site/facility asset lists, alarm procedures, and site maps/drawings. Site maps/drawings may include but not be limited to: Security areas (property protection areas, security areas, vaults, vault type rooms, etc.) Critical facilities Controlled areas Building definitions Location of security posts Classified matter areas Vital equipment areas Lighting diagrams Sensors (types, locations, controls, etc.) Alarms (types, locations, controls, etc.) Data transmission systems Console equipment, and Miscellaneous security items. The assessor shall plan and prepare for interviews of personnel to gain insight into facility operations. The assessor shall determine the organizational levels of personnel to interview to include but not be limited to security managers (government and contractor), facility managers and staff, vault/vault-type room custodians, security police officers (SPOs), security technicians/specialists, systems engineers and programmers, central alarm station (CAS), secondary alarm station (SAS) operators and other personnel as determined by the contractor and coordinated with the government representative. Interviews may be formal or informal and may take the form of discussions during facility tours or performance testing. Facility Visit The Contractor will conduct the visit. In conducting the facility visit, the Contractor will gather information that will be used to confirm compliance with applicable internal and external standards as well as the specific Checklist prepared for the facility. The facility visit will begin with an Opening Conference, review of any pre-visit Questionnaire and required checklist(s), and verification of the Facility Visit Schedule. The team will conduct interviews of staff, observe operations, and review records to gather required data and develop findings. Preliminary findings will be discussed with facility management to ensure that the information gathered is correct and the Contractor will conduct a Closing Conference to review all findings at the conclusion of the visit. AWE Conduct During On-Site Visit During the on-site visit, the AWE Inspector(s) shall conduct themselves in a professional manner as the agenda and materials prepared duringthe planning and preparation phase is used to guide interviews and tours in concert and coordination with on-site representatives. The Inspectors may collect information as necessary and complete the required OMS Checklist, as well as collect additional information as deemed necessary for the specific site. The Inspectors shall discuss observed deficiencies, potential concerns and previous findings that may have required attention/resolution. The Inspectors shall work with on-site representative on a action plan and timeline, if necessary, for resolving deficiencies and consider establishing a prioritized list for actions. Set-up/schedule follow-up meetings as appropriate for communication and resolution of open items. Physical Security Assessment Conduct During On-Site Visit During the on-site visit, the Physical Security Assessors shall use detailed information prepared during the planning and preparation phase to guide interviews and tours of the physical security aspects of the facility, collecting and documenting information as necessary and as appropriate. The Assessor(s) shall review common deficiencies, potential concerns, and previous findings after completing each data collection activity to determine whether any of the identified deficiencies are apparent at the facility. If so, assessors shall then determine whether subsequent activities should be reprioritized. Set-up/schedule follow-up meetings as appropriate for communication and resolution of open items. Identify and verify actions and/or documents planned to be addressed as part of the follow-up meetings. Data Synthesis / Forms/ Reports In addition to required forms and checklist, the Contractor shall create and provide a site visit report, preliminary before departure from the site and final report no later than 10-days after the site visit. The Contractor shall w...
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/ec8ffea4235d486195279cd88a268ad6/view)
 
Place of Performance
Address: Department of Veterans Affairs Veterans Benefits Administration Acquisition Division 1800 G Street NW, Washington, DC 20006, USA
Zip Code: 20006
Country: USA
 
Record
SN06833891-F 20230917/230915230101 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.