NRL looks for small business cybersecurity help
On June 1, the Naval Research Laboratory issued a sources sought notice for cybersecurity risk management support. Responses are due no later than June 15.
The Naval Research Laboratory is searching for potential 8(a) sources that are capable of performing the requirements set forth in the draft statement of work titled: “Cybersecurity Risk Management Support Services in support of Naval Research Laboratory.” The intent of this RFI is to identify potential 8(a) small businesses with the capabilities and demonstrated experience in performing the necessary tasks.
This is a non-personal services contract to provide Cybersecurity Risk Management support services for Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) / Risk Management Framework (RMF) Assess and Authorize (A&A) in support of Naval Research Laboratory (NRL). The salient purpose of this work effort is to ensure that all Information Systems (IS) being used at NRL are consistently DoD/DoN DIACAP/RMF compliant.
The requirement is for Cybersecurity Risk Management program for NRL’s Information Systems to be able to conform to the DoD/DoN DIACAP/RMF program. The services will include: preparation of IS’s A&A packages under strict adherence to DIACAP/RMF standardized processes and templates, and to submit completed packages for accreditation; monitoring and verification of DIACAP/RMF compliance of existing IS systems in accordance with DISAapproved Information Assurance (IA) controls ; monitor and evaluate the functionality of NRL Host Based System (HBSS) systems; monitor and evaluate the functionality of NRL Assured Compliance Assessment Solution (ACAS) systems and Contingency Plan (CP) maintenance.
Full information and draft statement of work are available here.