Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF AUGUST 07, 2009 FBO #2813
AWARD

R -- RECOVERY - Department of State Security Assurance Services & Innovation

Notice Date
8/5/2009
 
Notice Type
Award Notice
 
Contracting Office
U.S. Department of State, Office of Logistics Management, Acquisition Management, P.O. Box 9115, Rosslyn Station, Arlington, Virginia, 22219
 
ZIP Code
22219
 
Archive Date
8/19/2009
 
Point of Contact
Lanah B. Hamrick, Phone: 7038756842
 
E-Mail Address
hamricklb@state.gov
(hamricklb@state.gov)
 
Small Business Set-Aside
N/A
 
Award Number
ModificationM014
 
Award Date
8/4/2009
 
Awardee
Systems Research and Applications Corporation (SRA), 4350 Fair Lakes Court, Fairfax, Virginia 22033-4232, United States
 
Award Amount
$10.5 Million (estmated)
 
Description
Description: In compliance with the transparency and accountability requirements associated with the supplemental appropriations provided by the American Recovery and Re-Investment Act of 2009, Publ.L. 111-5, THIS NOTICE IS PROVIDED FOR INFORMATION PURPOSES ONLY, IAW FAR 5.705, Publicizing –post award. The Government posts this notice of non-competitive award of Modification M014 to Department of State SASI (Security Assurance Services and Innovation) Task Order (TO) No. 1 (S-AQMMA-08-L-3182) to provide three new in scope Functional Task Areas (FTAs) under the task order. TO-1 was initially competed among the eight contractors that were awarded Department of State Blanket Purchase Agreements for SASI requirements. The eight SASI BPAs were awarded under General Services Administrative Federal Supply Schedule No. 70. The three FTAs that are being added to TO-1 are for Improved Defense Sensors (FTA 7.12), Hardened IT Security Infrastructure (FTA7.13), and Classified Assessments (FTA 714) and their associated tasks. The modification is awarded on a Time-and-Materials basis in the estimated amount of $10.5 million for the period August 4, 2009 through December 16, 2011. As with the other T&M tasks being performed under SASI TO-1, the ARRA-funded task requirements constitute day-to-day support of DS/CS’s operations that cannot be broken into useful increments that could be funded on a firm-fixed-price basis. Specific activities within each task/subtask are variable in length, duration and cost, and the specifics of each of the activities are dependent on emerging requirements and DS and Bureau of Information Resource Management (IRM) Initiatives. A time and material approach for these particular Functional Task Areas allows flexibility not afforded by firm fixed price, but still affords ongoing, rigorous government oversight through established DS/CS business processes. These services will be performed for the 4.5 months remaining in task order Option Period One (through December 16, 2009); the 12-months of Option Period Two (December 17, 2009 through December 16, 2010); and the 12-months of Option Period Three (December 17, 2010 through December 16, 2011), if exercised, pursuant to funds provided by the American Recovery and Reinvestment Act of 2009. The modification includes FAR Clauses 52.203-15 and 52.204-11. Set forth below is the text of the requirements of the Functional Task Areas added to SASI TO-1. These are identical to the requirements that were posted in the pre-award notice of May 26, 2009. FUNCTIONAL TASK AREAS 7.12, 7.13, AND 7.14 AND THEIR ASSOCIATED TASKS ARE INCORPORATED INTO SASI TO-1 PURSUANT TO THE AMERICAN RECOVERY AND REINVESTMENT ACT (ARRA) OF 2009. 7.12 ARRA - Improved Defense Sensors Provide technical and management support for implementing capabilities for improved network defense. Specific activities include the following: 7.12.1 Network Defense Monitoring and Response •Support evaluation, testing, and implementation of capabilities to increase proactive network defense, such as capabilities for monitoring and trend analysis of attempted external attacks •Support evaluation, testing, and implementation of capabilities for monitoring the protection of Personal Identifiable Information (PII) •Perform security monitoring and respond to incidents involving network defense or PII •Coordinate network defense and PII protection activities with Department entities such as IRM/ENM and IRM/IA •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.12.2 Network Defense Threat Analysis •Research, evaluate and implement advanced threat identification and analysis capabilities to provide for proactive and improved network defense •Determine and analyze risk exposure of PII, identifying potential threats and vulnerabilities •Participate in implementation of network defense sensors and PII safeguards •Coordinate network defense and PII protection activities with Department entities such as ENM and IRM/IA •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.12.3 Network Defense Capabilities •Research, evaluate, test and recommend security tools and capabilities to improve network defense and guard against and track cyber attacks •Research, evaluate, test and recommend capabilities for monitoring and preventing PII data loss •Support implementation of network defense sensors and PII monitoring tools •Develop security guidelines for new technologies, to include software and hardware, to be implemented within the Department to ensure proper protection of information assets •Coordinate network defense and PII protection activities with Department entities such as IRM/ENM and IRM/IA •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.13 ARRA - Hardened IT Security Infrastructure Provide technical and management support to provide for a more secure network infrastructure as part of the DoS IT infrastructure modernization. Specific activities include the following: 7.13.1 Enhanced Security Infrastructure •Contribute technical expertise in the development and implementation of the modernized, state-of-the-art DoS IT infrastructure •Support implementation of increased regionalization, expanded use of HIDS / HIPS, network acceleration, routers, encryption, and enclave capabilities •Support implementation enterprise wide HIPS, PII protection capabilities and other safeguards •Perform technical Interface and coordination with IRM/ENM, IRM/IA and other Department entities involved in DoS IT infrastructure modernization •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.13.2 Advanced Threat Analysis Capability •Contribute technical expertise in the development and implementation of the modernized, state-of-the-art DoS IT infrastructure •Research, evaluate and recommend advanced threat identification and analysis capabilities for the modernized DoS IT infrastructure •Support evaluation and implementation of safeguards for the modernized DoS IT infrastructure and for reducing risk exposures of PII •Perform testing, integration, and implementation of advanced threat analysis tools to include pilot testing, rollout, acceptance testing, transition and operation support •Perform technical Interface and coordination with IRM/ENM, IRM/IA and other Department entities involved in DoS IT infrastructure modernization •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.13.3 Security Tools Life Cycle •Contribute technical expertise in the development and implementation of the modernized, state-of-the-art DoS IT infrastructure •Perform life cycle activities to incorporate enhanced security tools in support of DoS IT infrastructure modernization •Research, evaluate and integrate security technology to support the new DoS Firewall architecture •Research, evaluate and integrate security technology to support increased regionalization, expanded use of HIDS / HIPS, network acceleration, routers, encryption, and enclave capabilities •Support evaluation and testing of PII safeguards •Develop security guidelines for the modernized DoS IT Infrastructure •Perform technical Interface and coordination with ENM, IRM/IA and other Department entities •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.14 ARRA - Classified Systems Assessments Provide technical and management support for increasing the security of Department’s classified systems and interfaces and connectivity with Department of Defense’s SIPRNet and other classified systems. Specific activities include the following: 7.14.1 Classified Systems Security Monitoring and Analysis •Perform technical analysis and evaluation of security monitoring and incident response tools for the Department’s SECRET and SBU/FOUO networks •Support extension of Desktop End Point Protection capability across the Department’s SECRET and below networks •Support enhanced classified network defense to ensure compliance with ODNI FDCC mandates •Monitor classified networks for signs of intrusion to include network access control to prevent un-patched or potentially compromised hosts from connecting to the Department’s networks •Provide technical expertise for increasing the security of the Department’s classified systems and interfaces/connectivity with SIPRNet and other classified systems •Perform technical interface and coordination with entities managing and operating classified networks at the Department of State, Department of Defense and other Government agencies •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.14.2 Classified Systems Threat Analysis •Research, evaluate and recommend advanced threat identification and analysis capabilities for the Department’s classified systems •Support testing, integration, and implementation of advanced threat analysis tools for classified systems to include pilot testing, rollout, acceptance testing, transition and operation support •Provide technical expertise for increasing security of the Department’s classified systems and interfaces/connectivity with SIPRNet and other classified systems •Perform technical interface and coordination with entities managing and operating classified networks at the Department of State, Department of Defense and other Government agencies •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review 7.14.3: Classified Systems Security Tools Life Cycle •Research, evaluate and implement security technology and tools to provide for improved security for classified systems •Provide technical expertise for increasing the security of the Department’s classified systems and interfaces/connectivity with SIPRNet and other classified systems •Support extension of Desktop End Point Protection capability across the Department’s SECRET and below networks •Support enhanced classified network defense to ensure compliance with ODNI FDCC mandates •Support inspections and assessments of DoS classified systems similar to those conducted for the SIPRNet •Perform technical interface and coordination with entities managing and operating classified networks at the Department of State, Department of Defense and other Government agencies •Provide subtask monthly status reports as part of the Program and Task Status Report by the 15th of each month, containing details as described in paragraph 7.l, Program Management and Administration •Report on quality performance measures quarterly as part of the overall Program performance review Table 7.21-1, Summary of Deliverables (ARRA) Deliverable Paragraph ReferenceDue Date days = business daysUpdate Frequency Days = business days Policy, Standards and Awareness (cont’d) Improved Defense Sensors (Applicable to Modification M014) Monthly activities report as Monthly Task Status Report 7.1215th of each month Monthly Quarterly Performance Measures Report as part of Overall Program Performance Review 7.12May 31st, August 31st, November 30th, and February 28thQuarterly Hardened IT Security Infrastructure Monthly activities report as Monthly Task Status Report 7.1315th of each month Monthly Quarterly Performance Measures Report as part of Overall Program Performance Review 7.13May 31st, August 31st, November 30th, and February 28th Quarterly Classified Systems Assessments Monthly activities report as Monthly Task Status Report 7.1415th of each month Monthly Quarterly Performance Measures Report as part of Overall Program Performance Review 7.14May 31st, August 31st, November 30th, and February 28th Quarterly QUALITY ASSURNACE SURVEILLANCE PLAN (From date of bilateral execution of Modification M014 through December 16, 2010 for ARRA Tasks/Subtasks) Required Service Performance Standard Acceptable Quality Level (AQL)Monitoring Method to be UsedMonitoring Performed by/Date(s)Compliance with Performance Standards/AQL Network Defense Monitoring and Response Timeliness & QualityComplete all tasks and deliverables by established due dates Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection Random Inspection (Judgmental Inspection) Network Defense Threat Analysis Timeliness & QualityComplete all tasks and deliverables by established due dates Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection Random Inspection (Judgmental Inspection) Network Defense Capabilities Timeliness & QualityComplete all tasks and deliverables by established due dates Recommended/Engineered solutions produce the desired outcome Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: produce the desired outcome Unsat: do not produce the desired outcome Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection 100% Inspection (Judgmental Inspection) Random Inspection (Judgmental Inspection) Enhanced Security Infrastructure Timeliness & QualityComplete all tasks and deliverables by established due dates Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection Random Inspection (Judgmental Inspection) Advanced Threat Analysis Capability Timeliness & QualityComplete all tasks and deliverables by established due dates Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection Random Inspection (Judgmental Inspection) Security Tools Life Cycle Timeliness & QualityComplete all tasks and deliverables by established due dates Recommended/Engineered solutions produce the desired outcome Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: produce the desired outcome Unsat: do not produce the desired outcome Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection 100% Inspection (Judgmental Inspection) Random Inspection (Judgmental Inspection) Classified Systems Security Monitoring and Incident Response Capabilities Timeliness & QualityComplete all tasks and deliverables by established due dates Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection Random Inspection (Judgmental Inspection) Classified Systems Threat Analysis Timeliness & QualityComplete all tasks and deliverables by established due dates Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection Random Inspection (Judgmental Inspection) Classified Systems Security Tools Life Cycle Timeliness & QualityComplete all tasks and deliverables by established due dates Recommended/Engineered solutions produce the desired outcome Deliverables address all required elements and reflect technical depth and competency Meets: > 95% on time Unsat: < 95% on time Meets: produce the desired outcome Unsat: do not produce the desired outcome Meets: address all required elements and reflect technical depth and competency Unsat: do not address all required elements or reflect technical depth or competencyPeriodic Inspection 100% Inspection (Judgmental Inspection) Random Inspection (Judgmental Inspection)
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/State/A-LM-AQM/A-LM-AQM/Awards/ModificationM014.html)
 
Record
SN01900495-W 20090807/090806001526-9bed8ee5d646e7b97f94abda86dca301 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.