US Air Force issues presolicitation for cybersecurity risk management framework contract
On December 15, the US Air Force issued a presoliciation notice (number FA7037-13-R-0009) to support intelligence, surveillance and reconnaissance (ISR) enterprise information technology risk management. The agency plans to issue an RFP in January, 2015, with the three-year contract to begin in April, 2015.
The 25 AF/A6 Directorate of Communications has a requirement for Cybersecurity Risk Management Framework services. The Government requires essential information technology, information assurance, and engineering services required to manage risk and maintain information resource protections to support current mission.
Principal goals of Risk Management Framework (RMF) are to protect the element’s ability to perform its mission, not just its information assets; improve information security; avoid unnecessary and costly duplication of effort; ensure standards and guidelines employ protections; focus on a more holistic and strategic risk management process designed to develop trust across the IC information technology enterprise through the use of common standards and reciprocally accepted assessment and authorization decisions. The RMF steps require the categorization of the information system; the selection of security controls based on the system categorization; the implementation of security controls; the assessment of the security controls to ensure they’re working as intended; the authorization of the Information System; and the monitoring of security controls. Networks that may be affected are the AF Distributed Common Ground System (DCGS), AF Joint Worldwide Intelligence Communications System (JWICS), National Security Agency (NSA), as well as other SCI and AF ISR environments.
Requirement is anticipated for a Firm Fixed Price three year (1 year base period, and 2 option years) contract action. Requirement is anticipated to begin April 2015. Acquisition strategy is to award an 8(a) IDIQ type vehicle to meet the Government needs. Government anticipates issuing a request for proposal by Jan 2015.
Contractor shall have and maintain a final US Government issued Top Secret/ Sensitive Compartmentalized Information (TS/SCI) security clearance with a current National Agency Check (NAC).
The draft Performance Work Statement is available here.