SOLICITATION NOTICE
D -- Governance, Risk and Compliance Consultant
- Notice Date
- 4/30/2024 4:41:50 PM
- Notice Type
- Solicitation
- NAICS
- 541519
— Other Computer Related Services
- Contracting Office
- FA2218 AFIMSC IZHR JBSA RANDOLPH TX 78150-4349 USA
- ZIP Code
- 78150-4349
- Solicitation Number
- GCTOF-24-03
- Response Due
- 6/28/2024 10:00:00 AM
- Archive Date
- 06/28/2024
- Point of Contact
- Ana Mendez-Garner, Phone: 2109698190, Portmann Werner, Phone: 2109695776
- E-Mail Address
-
AFIMSC.HC.ResourceManagement@us.af.mil, AFIMSC.HC.ResourceManagement@us.af.mil
- Description
- The contractor acts as a Governance, Risk, and Compliance (GRC) Consultant for AFIMSC under a non-personal service contract. The contractor's responsibilities include:
1. Ensuring the Chaplain Corps Accounting Section (CCAC) achieves and maintains an Authorization to Operate (ATO) for its current and future cloud-based accounting systems. This involves consistent progress in attaining ATO and avoiding lapses.
2. Conducting detailed assessments of the organization's GRC posture, focusing on cybersecurity controls, policies, and procedures in compliance with various DoD, Air Force, and local policies.
3. Evaluating and ensuring compliance with designated accounting software and network requirements, identifying weaknesses, and coordinating migrations to cloud-based services with appropriate security measures like FedRAMP.
4. Developing and recommending strategies to address compliance gaps, vulnerabilities, and risks in alignment with DoD and Air Force standards, and providing action plans to address identified issues.
5. Offering guidance and expertise on interpreting and applying relevant standards and frameworks, ensuring alignment with organizational objectives, and providing advice on governance practices for improved performance.
6. Collaborating with cross-functional teams to design, implement, and maintain effective risk management processes and controls, ensuring seamless integration into daily operations and alignment with the organization's strategic goals.
7. Assisting in the documentation and maintenance of security controls, policies, and procedures, updating these as necessary to reflect changes in regulations or emerging threats, and maintaining records for audit purposes.
8. Regularly conducting reviews and audits to assess compliance with established frameworks, identify areas for improvement, and monitor the effectiveness of risk management controls.
9. Providing training and knowledge transfer sessions on GRC principles, compliance requirements, and risk management best practices to internal stakeholders.
10. Maintaining relevant certifications and proficiency with tools like eMASS and ITIPS, demonstrating experience with the Risk Management Framework and NIST publications related to security and privacy controls, and guidance on applying these frameworks to federal information systems.
- Web Link
-
SAM.gov Permalink
(https://sam.gov/opp/514222472cf5411283af091da0feb7f2/view)
- Place of Performance
- Address: JBSA Randolph, TX 78150, USA
- Zip Code: 78150
- Country: USA
- Record
- SN07046680-F 20240502/240430230055 (samdaily.us)
- Source
-
SAM.gov Link to This Notice
(may not be valid after Archive Date)