Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF JUNE 10, 2015 FBO #4947
SOLICITATION NOTICE

R -- Engineering Services for LINK Integration - Sole Source Justification And Security Document

Notice Date
6/8/2015
 
Notice Type
Combined Synopsis/Solicitation
 
NAICS
541330 — Engineering Services
 
Contracting Office
Department of Homeland Security, United States Coast Guard (USCG), C4IT (C3CEN), Coast Guard Blvd, Portsmouth, Virginia, 23703, United States
 
ZIP Code
23703
 
Solicitation Number
HSCG44-15-Q-PC7068
 
Archive Date
7/7/2015
 
Point of Contact
James A Lassiter, Phone: (757)686-2149
 
E-Mail Address
james.a.lassiter@uscg.mil
(james.a.lassiter@uscg.mil)
 
Small Business Set-Aside
N/A
 
Description
Industrial Security Addendum Sole Source Document This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in FAR Subpart 12.6 as supplement with additional information in this notice. This announcement constitutes the only solicitation and no other solicitation document will be issued. This solicitation is issued as a Request for Quote number RFQ HSCG44-15-Q-PC7068. This number is for tracking purposes only. Solicitation documents and incorporated provisions and clauses are those in effect through Federal Acquisition Circular 05-82. This procurement will be processed in accordance with FAR Part 12 and 13. The North American Industry Classification System (NAICS) is 541330. The SBA size standard is $15.0 Million. Due to this Acquisition being considered to be a Sole Source Procurement it is not anticipated that the Contracting Officer will receive 2 or more Offers from qualified Small Business Concerns: therefore IAW FAR 19.502-2(a). This IS NOT A TOTAL Small Business Set-A-Side. The service is to be performed by Ultra Electronics. The USCG Command, Control and Communication Engineering Center (C3CEN) Portsmouth, VA intends to purchase Engineering Services for "Link Integration" IAW Attached Statement of Work. The proposed contract action resulting from this synopsis/solicitation for commercial supplies is the Governments intention to solicit and negotiate with only one source under the authority of FAR 6.302-1 & 13.106-1(b). Interested persons/parties may identify their interest and capability to respond to the requirement or submit proposals. This notice of intent is not a request for competitive quotations/proposals. However, all quotations and proposals received will be considered by the USCG/Government. A determination by the USCG/Government not to compete with this proposed contract based upon responses to this notice is solely within the discretion of the USCG/Government. Information received will normally be considered solely for the purpose of determining whether to conduct a competitive procurement, and for informational purposes for future acquisitions. The contractor for this proposed Sole Source contract is Ultra Electronics, Cage Code: 0B9D8. A current System for Award Management (SAM) Data Search was conducted on June 4, 2015 by the by the Contracting Officer. This Contractor is current/active in SAM and does not have any active Exclusion. This is considered to be a Sole Source Acquisition. See attached Justification. The Coast Guard does not own nor can they obtain specifications, drawings, plans or other technical data for this service. Request for drawings/specs will be disregarded. Items are to be NEW items. Used or Refurbished items are NOT acceptable. Substitutes proposed will NOT be considered for Award. See Justification below. Any Contractors that are Authorized Service Representative of Ultra Electronics is encouraged to provide a Firm Fixed Price Quotation IRT this Solicitation. The USCG/Government intends to award a contract resulting from this solicitation to the responsible bidder proposal conforming to the solicitation which will be most advantageous and Best Value to the Government, price and other factors considered. The Required Performance Period Date is 6 Months ARO. Services are required to be performed in Austin, TX, San Diego, CA and at U.S. Coast Guard, C3CEN, 4000 Coast Guard Blvd, Portsmouth, Virginia 23703-2199, unless otherwise directed. *PLEASE NOTE* Interested Offeror's are to provide Firm Fixed Price Proposals with Hourly Rates and Estimated Travel Information by Jun 22, 2015 @ 11:00AM EST. Service Information is to include the requested information IAW the Attached Statement of Work that the Offeror is proposing. Estimated Travel Costs are to be proposed as a separate line item. Price Proposals shall be submitted on company letterhead stationery and must include the following information: Cost Breakdown, Unit Price, Extended Price, Total Price, Payment Terms, discount offered for prompt payment, Company DUNS and Cage Code. Email quotes are acceptable and may be emailed to D05-SMB-C4ITSC-CPD-C3CEN-TeamS@uscg.mil Anticipated Award Date for the PO Contract is Jun 24, 2015, this date is approximate and not exact. INSPECTION AND ACCEPTANCE: The Contractor shall only tender for acceptance those Items that conform to the requirements of this Order/Contract. The Government/USCG reserves the right to Inspect or Test any Supplies or Services that have been tendered for Acceptance. The Government may require repair or replacement of nonconforming supplies or re-performance of nonconforming Services at no increase in contract price. If repair/replacement or re-performance will not correct the defects or is not possible, the Government/USCG may seek an equitable price reduction or adequate consideration for acceptance of nonconforming supplies or services. The Government must exercise its post-acceptance rights- (1) Within a reasonable time after the defect was discovered or should have been discovered; and (2) Before any substantial change occurs in the condition of the item, unless the change is due to the defect in the item. Final Inspection and Acceptance will be performed by Gov/USCG Authorized Personnel at the point and location of Destination as stated on the Order/Contract, unless otherwise stated on the Order/Contract. Schedule B: Line Item 1: 1 EA of - Engineering Services IAW Attached SOW (Period of Performance is for six (6) months ARO. NOTE: If it is necessary to break out the Engineering Services based on an Hourly Labor Category please do so, leaving the Travel Line Item last. Line Item 2: 1 JB - NTE Travel - (IAW JFTR) TOTAL for All Line Items: NOTE: PLEASE DO NOT EDIT THE SOW AT ALL FOR SUBMISSION IAW FAR 22.1101, the Service Contract Act is not appicable to this Aquistion due to the Services are being performed by bona fide Proffesional Employees/Engineers as defined. • The Following FAR Provisions/Clauses apply to this Solicitation: FAR 52.212-1 -- Instructions to Offerors -- Commercial Items (Apr 2014) FAR 52.212-2 -- Evaluation -- Commercial Items (Oct 2014). Award will be made to the Offeror proposing the Best Value to the Government considering specification, price, delivery, past performance and quality. FAR 52.212-3 -- Offeror Representations and Certifications -- Commercial Items (Dec 2014) to include Alt I (Dec 2014). An Offeror shall complete only paragraphs (b) of this provision if the Offeror has completed the annual representations and certificates electronically via http://www.acquisition.gov. If an Offeror has not completed the annual representations and certifications electronically at the System for Award Management (SAM) website, the Offeror shall complete only paragraphs (c) through (o) of this provision. • The Following Clauses apply to this Solicitation and awarded contract. FAR 52.212-4 -- Contract Terms and Conditions -- Commercial Items (Dec 2014) FAR 52.212-5 -- Contract Terms and Conditions Required to Implement Statutes or Executive Orders -- Commercial Items (Mar 2014) FAR 52.252-2 -- Clauses Incorporated by Reference (Feb 1998), the full text of the clause may be accessed electronically at Internet address http://www.arnet.gov/far; A Data Universal Numbering System (DUNS) Number is the primary identifier in FAR 52.204-7 System for Award Management (Jul 2013). Contractors are located and identified in SAM by their DUNS number. To facilitate payment via Electronic Funds Transfer - contractors should be registered in SAM. A DUNS number can be obtained via www.dnb.com and SAM registration can be obtained via www.sam.gov • The following Clauses and others as indicated by the Contracting Officer as applicable shall apply to the awarded contract. FAR 52.222-3 -- Convict Labor (June 2003) FAR 52.222-19 -- Child Labor-Cooperation with Authorities and Remedies (Jan 2014) FAR 52.222-21 -- Prohibition of Segregated Facilities (Feb 1999) FAR 52.222-26 -- Equal Opportunity (May 2007) FAR 52.222-36 -- Affirmative Action for Workers with Disabilities (Jul 2014) (29 U.S.C. 793) FAR 52.222-50 -- Combating Trafficking in Persons (Mar 2015) FAR 52.223-18 - Encouraging Contractor Policies to Ban Text Messaging While Driving (Aug 2011) FAR 52.225-13 -- Restriction on Certain Foreign Deliveries (Jun 2008) (E.O. 12722, 12724, 13059, 13067, 13121 and 13129) FAR 52.232-33 -- Payment by Electronic Funds Transfer--Central Contractor Registration (Jul 2013) (31 U.S.C. 3332) FAR 52.233-3 -- Protest after Award (Aug. 1996) FAR 52.233-4 -- Applicable Law for Breach of Contract Claim (OCT 2004) • The above/following clauses are incorporated by reference, entire clause(s) available at https://www.acquisition.gov/far NOTICE TO OFFERORS CONCERNING REPRESENTATIONS AND CERTIFICATIONS: This solicitation contains FAR Clause 52.204-7, System for Award Management (Jul 2013) and FAR Provision 52.204-8, Annual Representations and Certifications (Dec 2014). In accordance with FAR 4.1201 (a) Prospective contractors shall complete electronic annual representations and certifications at SAM accessed via https://www.acquisition.gov as a part of required registration. Please ensure completion prior to submission of your quote. Also note that paragraph (b) of FAR 52.204-8, applies. STATEMENT OF WORK 1. TITLE: LINK INTEGRATION STATEMENT OF WORK 2. PLACE(S) OF PERFORMANCE: a. Austin, TX and/or San Diego, CA b. U.S. Coast Guard Command, Control, and Communications Engineering Center (C3CEN), Portsmouth, VA 3. REFERENCES: a. FAR 31.205-46 Travel Costs b. Federal Travel Regulations c. COMDTINST M5500.13 (series), U. S. Coast Guard Security and Information Assurance Manual d. Physical Security & Force Protection Program Manual, COMDTINST M5530.1(series) e. DHS Management Directive 140-1Information Technology System Security, DHS 4300A Sensitive Systems Handbook, and DHS 4300B National Security Systems Handbook f. DHS Management Directive 4010.2, Section 508 Program Management Office and Electronic and Information Technology Accessibility g. Department of Homeland Security Acquisition Workforce Policy Number: 064-04-003 4. PERIOD OF PERFORMANCE: This contract shall be for a period of 6 months from date of award. 5. PERSONNEL: a. Contracting Officer: TBD b. Contracting Officer Representative (COR): Mr. Charles N. Huthmaker, USCG C3CEN, 757-686-4080, Charles.N.Huthmaker@uscg.mil 6. DESCRIPTION OF WORK/SERVICES: a. Scope: The purpose of this order is to acquire Contractor technical, administrative and engineering support services for the U.S. Coast Guard Command, Control and Communications Engineering Center (C3CEN) Core Technologies Division, C2 Systems Branch (CT-C). Specifically, this order requires Contractor support for the development of the Air Defense Systems Integrator (ADSI) interface with the Coast Guard's Command and Control system - SeaWatch. Development support includes, but is not limited to, system design support, system integration support, hardware integration support, software integration support, and system testing and evaluation support. b. Background: The Coast Guard currently interfaces with the ADSI on WHEC class cutters through the Global Command and Control System - Joint (GCCS-J) multi-TADIL capability segment. This interface is only capable of providing near real-time tracks. The Coast Guard has a requirement to provide real-time tracks into the Tactical Data Link environment. The Coast Guard is in the process of developing an interface between SeaWatch and ADSI to provide a real-time capability. c. Requirements: a. The Contractor shall possess knowledge and experience in Linux and Windows operating system development and integration b. The Contractor shall provide 1 week of on-site ULTRA Common Services Infrastructure (CSI) training at C3CEN for the SeaWatch development team. c. The Contractor shall provide the Draft CSI Interface Control Document within 5 days after the CSI training completes. d. The Contractor shall provide remote engineering support to the C3CEN development team via email and or 24 hours of phone as requested by the COR. e. The Contractor shall provide support for 1 week of on-site testing at C3CEN to test final interface developed by C3CEN developers. f. The Contractor shall consult with the COR on any system changes that will enhance the system in keeping with current trends and industry standards. 7. Contractor Personnel: a. Program Manager: The Contractor shall provide a Program Manager who shall be responsible for all Contractor work performed under this task order. The Program Manager is further designated as Key by the Government. b. Project Manager: The Contractor shall provide a Project Manager who shall be a single point of contact for the Contracting Officer and the Contracting Officer's Representative (COR). It is anticipated that the Project Manager shall be one of the senior level employees provided by the Contractor for this work effort. The name of the Project Manager, and the name(s) of any alternate(s) who shall act in the absence of the Project Manager, shall be provided to the Government as part of the Contractor's proposal. During any absence of the Project Manager, only one alternate shall have full authority to act for the Contractor on all matters relating to work performed under this task order. The Project Manager and all designated alternates shall be able to read, write, speak and understand English. The Contractor shall not replace the Project Manager without prior written acknowledgement from the Contracting Officer. The Project Manager is designated as Key by the Government. c. The Project Manager shall be available to the COR via telephone between the hours of 0800 and 1600 EST, Monday through Friday, and shall respond to a request for discussion or resolution of technical problems within four (4) hours of notification. d. Labor Categories and Estimated Hours for Performance: a. Hours estimated on the following: 1 Full Time Equivalent (FTE) = 693 hours (4 months) b. The Government has historically used the following labor categories for this type of work: Key Person (Y/N) Labor Categories Estimated Hours Program Manager 22 Project Manager 10 Engineer/Scientist 5 136 e. Key Personnel Replacement and Substitution: a. Before replacing any individual designated as Key by the Government, the Contractor shall notify the Contracting Officer no less than 15 business days in advance, submit written justification for replacement and provide the name and qualifications of any proposed substitute(s). All proposed substitutes shall possess qualifications equal to or superior to those of the key person being replaced. The Contractor shall not replace Key Contractor personnel without approval from the Contracting Officer. The Government may designate additional Contractor personnel as Key at the time of award. b. The Contractor shall not substitute key personnel assigned to perform work under this contract without the prior approval of the Contracting Officer. Requests for approval of substitutions shall be in writing and shall provide a detailed explanation of the circumstances necessitating the proposed substitutions. The request must contain a complete resume for the proposed substitute and any other information requested or needed by the Contracting Officer to approve or disapprove the request. Proposed substitutes must have qualifications that are equal or higher than the key personnel being augmented. The Contracting Officer or his authorized representative shall evaluate such requests and promptly notify the Contractor in writing whether the proposed substitution is acceptable. c. The provisions of this clause shall be fully applicable to any subcontract which may be entered into. 8. SPECIFICATIONS: a. DHS Enterprise Architecture Compliance All solutions and services shall meet DHS and USCG Enterprise Architecture policies, standards, and procedures. Specifically, the Contractor shall comply with the following Homeland Security Enterprise Architecture (HLS EA) and Coast Guard Enterprise Architecture (CGEA) requirements: 1. All developed solutions and requirements shall be compliant with the HLS EA and CGEA. 2. All IT hardware or software shall be compliant with the HLS and USCG EA Technical Reference Model (TRM) Standards and Products Profiles. 3. Description information all data assets, information exchanges and data standards, whether adopted or developed, shall be submitted to the DHS Enterprise Data Management Office (EDMO) for review and insertion into the DHS Data Reference Model and Enterprise Architecture Information Repository. 4. Development of data assets, information exchanges and data standards will comply with the DHS Data Management Policy MD 103-01 and all data-related artifacts will be developed and validated according to DHS data management architectural guidelines. 5. Applicability of Internet Protocol Version 6 (IPv6) to DHS-related components (networks, infrastructure, and applications) specific to individual acquisitions shall be in accordance with the DHS Enterprise Architecture (per OMB Memorandum M-05-22, August 2, 2005) regardless of whether the acquisition is for modification, upgrade, or replacement. All EA-related component acquisitions shall be IPv6 compliant as defined in the U.S. Government Version 6 (USGv6) Profile National Institute of Standards and Technology (NIST) Special Publication 500-267) and the corresponding declarations of conformance defined in the USGv6 Test Program. 9. SECURITY REQUIREMENTS: a. Contractor employee access to classified, and sensitive but unclassified (for-official-use-only) information is required. Due to the time-sensitive nature of this contract, key personnel delivering services must hold US citizenship and are required to possess, at a minimum, a valid in-scope national security clearance at the SECRET level in order to perform work on classified systems. Persons determined by the KO and COR to be a substantial risk to U.S. national security interests will not be employed under this contract. Contractor employees must maintain their security clearance eligibility for the duration of this task order. b. The contractor will perform classified-related work at the following location(s): • US Coast Guard Command, Control and Communications Engineering Center (C3CEN), 4000 Coast Guard Blvd, Portsmouth, VA 23703 • There is no requirement for the contractor to process or store classified information at company owned facilities. c. Classified level access is required to perform engineering support and testing regarding the C3CEN developed software interfacing with the Air Defense System Integrator (ADSI). The contractors must perform this work in classified restricted areas at C3CEN. Access to classified information cannot be precluded by escorting personnel due to the nature of this work. d. Contractor shall provide a visit authorization letter (VAL) to the place of performance at least five business days in advance of commencing work. All requests shall contain the information required by the National Industrial Security Program Operating Manual (NISPOM), DOD 5220.22-M, and shall not exceed the completion date of the contract or a 12 month period, whichever is shorter. Additionally, the VAL shall note the applicable government COR, Alternate COR, or Technical Assistant (TA) responsible for coordinating the visit so that the host location can verify "Need-To-Know," as necessary. e. All Contractor personnel requiring routine (1) unescorted logon access to a DHS/CG Computer Information System, (2) unescorted access to CG controlled classified material, (3) unescorted access to federal facilities, or (4) requiring Public Key Infrastructure (PKI) authentication to perform their required duties under this task order shall be issued a Common Access Card (CAC) A completed background investigation (BI) with favorable adjudication must be completed in order for a CAC to be issued. For persons without a completed BI, a BI must have been initiated. f. Contractor employees working on-site at government facilities shall wear a government issued identification badge. All Contractor employees shall identify themselves as Contractors when their status is not readily apparent and display the government issued badge in plain view, on front and above the waist at all times. All Contractor employees working on-site shall be required to complete a security arrival brief upon check-in. g. The government may, at its sole discretion, direct the Contractor to remove any Contractor employee from Coast Guard and Department of Homeland Security facilities for misconduct or security reasons. Removal does not relieve the Contractor of the responsibility to continue providing the services required in this task order. The government will provide the Contractor with an immediate written explanation of the request to remove the employee through the Coast Guard KO. h. Contractor personnel shall read, complete and sign the Department of Homeland Security Non-Disclosure Agreement - DHS Form 11000-6 (series). This form will be maintained on file by the Contracting Officer, Contracting Officer's Representative, or servicing CG Command Security Officer i. All Contractor developed processes and procedures, and other forms of intellectual property developed under this task order shall be considered government property. j. All documents, records, reports and correspondence generated under this task order by the Contractor employee are the property of the U.S. government. Any disposal or destruction of such material must be pre-approved by the COR. k. The Contractor employee shall be responsible for safeguarding all government equipment, information and property provided for Contractor use. At the close of each work period, the Contractor employee shall secure work areas, equipment and materials to prevent loss. l. The Contractor employee shall be responsible for all keys issued by the government and shall ensure that keys are not lost, misplaced, or used by unauthorized persons. The Contractor employee shall not duplicate keys issued by the government. Opening of locked areas by the Contractor employee to permit access by persons other than those specifically authorized for the performance of official work is strictly prohibited. The Contractor employee shall ensure that combinations to locks are protected from unauthorized disclosure. m. The government is the only source for media release information. The Contractor employee shall not provide any government-related information to the media and shall refer all queries to the COR or KO n. All hardware, software, and services provided must be compliant in accordance with 140-01 Information Technology Systems Security and the DHS Sensitive Systems Handbooks 4300A for SBU Systems and 4300B for Secret Classified systems. o. All systems shall be certified and accredited in compliance with the requirements of national level policies, DHS policies, procedures, and practices; and following the direction provided in the Designated Accrediting Authority (DAA) approved certification and accreditation (C&A) process. C&A is a comprehensive process to ensure implementation of security measures that effectively counter relevant threats and vulnerabilities. C&A consists of several iterative, interdependent phases and steps whose scope and specific activities may vary with the each IS being certified and accredited. p. A risk assessment shall be performed for each IS to identify specific areas that require safeguards against deliberate or inadvertent unauthorized disclosure, modifications, or destruction of information; denial of service; and unauthorized use of the IS. In addition, a risk assessment shall be performed to evaluate changes to the department's intelligence enterprise to ensure changes to the enterprise have not created additional threats and vulnerabilities. Countermeasures shall be applied in those areas to eliminate or adequately reduce the identified risk. The risk assessment shall be based on accepted methodologies', input for the organization's counterintelligence component, the organization's mission requirements, the classification and sensitivity of the information, and a balanced, cost-effective application of security disciplines and technologies. q. FIPS 140-2 and FIPS 197 Advanced Encryption Standard (AES) 256 encryption compliance: All hardware and software interfaces shall meet FIPS 140-2 and FIPS 197 Advanced Encryption Standard (AES) 256 encryption compliance. r. Federal Desktop Core Configuration (FDCC) Clause: All hardware and software shall be Federal Desktop Core Configuration (FDCC) compatible. s. Security Certification/Accreditation: USCG shall provide personnel with the appropriate clearance levels to support the security certification/accreditation processes under this Agreement in accordance with DHS MD 4300A, DHS Sensitive Systems Policy and Handbook. During all SDLC phases of USCG systems, USCG personnel shall develop documentation and provide any required information for all levels of classification in support of the certification / accreditation process. In addition, all security certification / accreditation will be performed using the DHS certification/accreditation process, methodology and tools. t. DHS Sensitive Systems Policy Directive 4300 A, Section 4.1.4 requires the "Separation of duties to prevent a single individual from being able to disrupt or corrupt a critical security process." The Policy requires the following: "Components shall divide and separate duties and responsibilities of critical IT system functions among different individuals to minimize the possibility that any one individual would have the necessary authority or system access to be able to engage in fraudulent or criminal activity." Security testing is but one critical systems function that needs to be performed by a provider (either government or Contractor) other than the system designer / developer / operator. This requirement is based, in part, on NIST 800-53 Rev 3, Security Control CA-2 Security Assessments - enhancement 1 which requires "The organization employs an independent assessor or assessment team to conduct an assessment of the security controls in the information system." Consequently, the vendor that provides C&A services may not perform the security controls testing. 10. CONTRACTOR EMPLOYEE ACCESS 1. Sensitive Information, as used in this Chapter, means any information, the loss, misuse, disclosure, or unauthorized access to or modification of which could adversely affect the national or homeland security interest, or the conduct of Federal programs, or the privacy to which individuals are entitled under section 552a of title 5, United States Code (the Privacy Act), but which has not been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept secret in the interest of national defense, homeland security or foreign policy. This definition includes the following categories of information: a. Protected Critical Infrastructure Information (PCII) as set out in the Critical Infrastructure Information Act of 2002 (Title II, Subtitle B, of the Homeland Security Act, Public Law 107-296, 196 Stat. 2135), as amended, the implementing regulations thereto (Title 6, Code of Federal Regulations, Part 29) as amended, the applicable PCII Procedures Manual, as amended, and any supplementary guidance officially communicated by an authorized official of the Department of Homeland Security (including the PCII Program Manager or his/her designee); b. Sensitive Security Information (SSI), as defined in Title 49, Code of Federal Regulations, Part 1520, as amended, "Policies and Procedures of Safeguarding and Control of SSI," as amended, and any supplementary guidance officially communicated by an authorized official of the Department of Homeland Security (including the Assistant Secretary for the Transportation Security Administration or his/her designee); c. Information designated as "For Official Use Only," which is unclassified information of a sensitive nature and the unauthorized disclosure of which could adversely impact a person's privacy or welfare, the conduct of Federal programs, or other programs or operations essential to the national or homeland security interest; and d. Any information that is designated "sensitive" or subject to other controls, safeguards or protections in accordance with subsequently adopted homeland security information handling procedures. 2. "Information Technology Resources" include, but are not limited to, computer equipment, networking equipment, telecommunications equipment, cabling, network drives, computer drives, network software, computer software, software programs, intranet sites, and internet sites. 3. Contractor employees working on this contract must complete such forms as may be necessary for security or other reasons, including the conduct of background investigations to determine suitability. Completed forms shall be submitted as directed by the Contracting Officer. Upon the Contracting Officer's request, the Contractor's employees shall be fingerprinted, or subject to other investigations as required. All Contractor employees requiring recurring access to Government facilities or access to sensitive information or IT resources are required to have a favorably adjudicated background investigation prior to commencing work on this contract unless this requirement is waived under Departmental procedures. 4. The Contracting Officer may require the Contractor to prohibit individuals from working on the contract if the government deems their initial or continued employment contrary to the public interest for any reason, including, but not limited to, carelessness, and insubordination, incompetence, or security concerns. 5. Work under this contract may involve access to sensitive information. Therefore, the Contractor shall not disclose, orally or in writing, any sensitive information to any person unless authorized in writing by the Contracting Officer. For those Contractor employees authorized access to sensitive information, the Contractor shall ensure that these persons receive training concerning the protection and disclosure of sensitive information both during and after contract performance. 6. The Contractor shall include the substance of this clause in all subcontracts at any tier where the subContractor may have access to Government facilities, sensitive information, or resources. 7. Before receiving access to IT resources under this contract the individual must receive a security briefing, which the Contracting Officer's Representative (COR) will arrange, and complete any nondisclosure agreement furnished by DHS. 8. The Contractor shall have access only to those areas of DHS information technology resources explicitly stated in this contract or approved by the COR in writing as necessary for performance of the work under this contract. Any attempts by Contractor personnel to gain access to any information technology resources not expressly authorized by the statement of work, other terms and conditions in this contract, or as approved in writing by the COR, is strictly prohibited. In the event of violation of this provision, DHS will take appropriate actions with regard to the contract and the individual(s) involved. 9. Contractor access to DHS networks from a remote location is a temporary privilege for mutual convenience while the Contractor performs business for the DHS Component. It is not a right, a guarantee of access, a condition of the contract, or Government Furnished Equipment (GFE). 10. Contractor access will be terminated for unauthorized use. The Contractor agrees to hold and save DHS harmless from any unauthorized use and agrees not to request additional time or money under the contract for any delays resulting from unauthorized use or access. 11. Non-U.S. citizens shall not be authorized to access or assist in the development, operation, management or maintenance of Department IT systems under the contract, unless a waiver has been granted by the Head of the Component or designee, with the concurrence of both the Department's Chief Security Officer (CSO) and the Chief Information Officer (CIO) or their designees. Within DHS Headquarters, the waiver may be granted only with the approval of both the CSO and the CIO or their designees. In order for a waiver to be granted: a. The individual must be a legal permanent resident of the U.S. or a citizen of Ireland, Israel, the Republic of the Philippines, or any nation on the Allied Nations List maintained by the Department of State; b. There must be a compelling reason for using this individual as opposed to a U.S. citizen; and c. The waiver must be in the best interest of the Government. 12. Contractors shall identify in their proposals the names and citizenship of all non-U.S. citizens proposed to work under the contract. Any additions or deletions of non-U.S. citizens after contract award shall also be reported to the contracting officer. 13. Per COMDTINST 5200.3 Information Assurance (IA) professionals in significant information security roles are required to have a professional certification. Also, as a person completes the certification requirements set forth for various competences, evidence must be provided to administrative personnel (e.g. unit Training Office) to have the certifications added to the member's record. 11. SECURITY REQUIREMENTS FOR UNCLASSIFIED INFORMATION TECHNOLOGY RESOURCES a. The Contractor shall be responsible for Information Technology (IT) security for all systems connected to a DHS network or operated by the Contractor for DHS, regardless of location. This clause applies to all or any part of the contract that includes information technology resources or services for which the Contractor must have physical or electronic access to sensitive information contained in DHS unclassified systems that directly support the agency's mission. b. The Contractor shall provide, implement, and maintain an IT Security Plan. This plan shall describe the processes and procedures that will be followed to ensure appropriate security of IT resources that are developed, processed, or used under this contract. 1. Within 30 days after contract award, the Contractor shall submit for approval its IT Security Plan, which shall be consistent with and further detail the approach contained in the offertory's proposal. The plan, as approved by the Contracting Officer, shall be incorporated into the contract as a compliance document 2. The Contractor's IT Security Plan shall comply with Federal laws that include, but are not limited to, the Computer Security Act of 1987 (40 U.S.C. 1441 et seq.); the Government Information Security Reform Act of 2000; and the Federal Information Security Management Act of 2002; and with Federal policies and procedures that include, but are not limited to, OMB Circular A-130. 3. The security plan shall specifically include instructions regarding handling and protecting sensitive information at the Contractor's site (including any information stored, processed, or transmitted using the Contractor's computer systems), and the secure management, operation, maintenance, programming, and system administration of computer systems, networks, and telecommunications systems. c. Examples of tasks that require security provisions include: 1. Acquisition, transmission or analysis of data owned by DHS with significant replacement cost should the Contractor's copy be corrupted; and 2. Access to DHS networks or computers at a level beyond that granted the general public (e.g., such as bypassing a firewall). d. At the expiration of the contract, the Contractor shall return all sensitive DHS information and IT resources provided to the Contractor during the contract, and certify that all non-public DHS information has been purged from any Contractor-owned system. Components shall conduct reviews to ensure that the security requirements in the contract are implemented and enforced. 12. SECURITY ASSURANCE REQUIREMENTS FOR UNCLASSIFIED INFORMATION TECHNOLOGY RESOURCES a. The assurance of the security of unclassified facilities, Information Technology (IT) resources, and sensitive information during the acquisition process and contract performance are essential to the DHS mission. DHS Management Directive (MD) 11042.1 Safeguarding Sensitive But Unclassified (For Official Use Only) Information, describes how Contractors must handle sensitive but unclassified information. DHS MD 4300.1 Information Technology Systems Security and the DHS Sensitive Systems Handbook prescribe policies and procedures on security for IT resources. Contractors shall comply with these policies and procedures, any replacement publications, or any other current or future DHS policies and procedures covering Contractors specifically for all Task Orders that require access to DHS facilities, IT resources or sensitive information. Contractors shall not use or redistribute any DHS information processed, stored, or transmitted by the Contractor except as specified in the task order. b. Security Review a. The Government may elect to conduct periodic reviews to ensure that the security requirements contained in this contract are being implemented and enforced. The Contractor shall afford DHS including the organization of the DHS Office of the Chief Information Officer, the Office of the Inspector General, authorized Contracting Officer's Representative (COR), and other government oversight organizations, access to the Contractor's facilities, installations, operations, documentation, databases, and personnel used in the performance of this contract. The Contractor will contact the DHS Chief Information Security Officer to coordinate and participate in the review and inspection activity of government oversight organizations external to the DHS. Access shall be provided to the extent necessary for the government to carry out a program of inspection, investigation, and audit to safeguard against threats and hazards to the integrity, availability, and confidentiality of DHS data or the function of computer systems operated on behalf of DHS, and to preserve evidence of computer crime. c. Interconnection Security Agreements a. Interconnections between DHS and non-DHS IT systems shall be established only through controlled interfaces and via approved service providers. The controlled interfaces shall be accredited at the highest security level of information on the network. Connections with other Federal agencies shall be documented based on interagency agreements; memoranda of understanding, service level agreements or interconnect service agreements. 13. GOVERNMENT FURNISHED INFORMATION (GFI): a. The Government will make available to the Contractor, upon request, all referenced documentation identified in this SOW. All GFI will be returned to the designated COR upon completion of this task order. 14. GOVERNMENT FURNISHED MATERIAL (GFM): a. N/A 15. GOVERNMENT FURNISHED EQUIPMENT (GFE): a. The government will provide at C3CEN the use of 2 Seawatch systems configured with an ADSI TDL system. 1 server with Red Hat Linux Enterprise Operating System v 6.4 installed. b. All GFE will be returned to the designated COR upon completion of this task. 16. CONTRACTOR ACQUIRED PROPERTY (CAP): a. Any equipment not specifically approved by the COR will not be charged to this task. All equipment purchased to support this task order using Government funds shall become the property of the U.S. Government and shall be handled, stored and safeguarded in accordance with current instructions for such Government - owned equipment. 17. CONTRACTOR FURNISHED MATERIAL (CFM): a. The Contractor will provide a Draft CSI Interface Control Document. 18. TRAVEL REQUIREMENTS: a. Travel and Subsistence/Per Diem are authorized for visits C3CEN and will be reimbursed in accordance with reference (a). The Contractor shall be responsible for obtaining COR approval (Electronic Mail is acceptable) for all reimbursable travel in advance of each travel event. b. Estimated costs for travel and subsistence/per diem is Not-To-Exceed (NTE) $9,439.00. 19. TRANSPORTATION OF EQUIPMENT/MATERIAL: a. Transportation of equipment/material is authorized when timely means by the Government is unavailable. Due to the delicacy of the equipment involved, the Contractor shall make maximum use of ground transportation whenever possible. 20. DATA DELIVERABLES: a. The Government requires delivery of one complete set of all documentation deliverables. Electronic versions shall be provided in electronic format with read/write capability using applications that are compatible with USCG Standard Workstation III (e.g. Windows 7, Microsoft Office, Adobe Acrobat, etc.). b. All documentation shall be submitted via email. c. Hard copy of documentation updates shall be submitted on a request-only basis. When hard-copy is requested, the Government requires delivery of one unbound copy of all draft and one bound copy of all final documents submitted to satisfy the previously specified tasks. d. Progress Reports. The Project Manager shall provide a monthly progress report to the COR via electronic mail. This report shall include a summary of all Contractor work performed, including a breakdown of labor hours by labor category, all direct costs by line item, an assessment of technical progress, schedule status, any travel conducted and any Contractor concerns or recommendations for the previous month period. e. After Action Reports. The Contractor shall provide the COR with an After Action report after each site visit within 5 business days of return. The report should include names of unit personnel that Contractor met with, requirement requests and shortfalls, work accomplished, problems encountered, and any other significant issues. 21. SUB-CONTRACTING REQUIREMENTS: N/A 22. OTHER CONDITIONS/REQUIREMENTS: a. SECTION 508 OAST COMPLIANCE: The following OAST Section 508 clauses are applicable for services provided under this statement of work: a. Section 508 of the Rehabilitation Act, as amended by the Workforce Investment Act of 1998 (P.L. 105-220) requires that when Federal agencies develop, procure, maintain, or use electronic and information technology, they must ensure that it is accessible to people with disabilities. Federal employees and members of the public who have disabilities must have equal access to and use of information and data that is comparable to that enjoyed by non-disabled Federal employees and members of the public. b. All EIT deliverables within this work statement shall comply with the applicable technical and functional performance criteria of Section 508 unless exempt. Specifically, the following applicable standards have been identified: c. 36 CFR 1194.21 - Software Applications and Operating Systems, applies to all EIT software applications and operating systems procured or developed under this work statement including but not limited to GOTS and COTS software. In addition, this standard is to be applied to Web-based applications when needed to fulfill the functional performance criteria. This standard also applies to some Web based applications as described within 36 CFR 1194.22. d. 36 CFR 1194.22 - Web-based Intranet and Internet Information and Applications, applies to all Web-based deliverables, including documentation and reports procured or developed under this work statement. When any Web application uses a dynamic (non-static) interface, embeds custom user control(s), embeds video or multimedia, uses proprietary or technical approaches such as, but not limited to, Flash or Asynchronous JavaScript and XML (AJAX) then "1194.21 Software" standards also apply to fulfill functional performance criteria. e. 36 CFR 1194.23 - Telecommunications Products, applies to all telecommunications products including end-user interfaces such as telephones and non end-user interfaces such as switches, circuits, etc. that are procured, developed or used by the Federal Government. f. 36 CFR 1194.25 - Self Contained, Closed Products, applies to all EIT products such as printers, copiers, fax machines, kiosks, etc. that are procured or developed under this work statement. g. 36 CFR 1194.26 - Desktop and Portable Computers, applies to all desktop and portable computers, including but not limited to laptops and personal data assistants (PDA) that are procured or developed under this work statement. h. 36 CFR 1194.31 - Functional Performance Criteria applies to all EIT deliverables regardless of delivery method. All EIT deliverable shall use technical standards, regardless of technology, to fulfill the functional performance criteria. i. 36 CFR 1194.41 - Information Documentation and Support, applies to all documents, reports, as well as help and support services. To ensure that documents and reports fulfill the required "1194.31 Functional Performance Criteria", they shall comply with the technical standard associated with Web-based Intranet and Internet Information and Applications at a minimum. In addition, any help or support provided in this work statement that offer telephone support, such as, but not limited to, a help desk shall have the ability to transmit and receive messages using TTY. j. Section 508 Applicable Exceptions 1. Exceptions for this work statement have been determined by DHS and only the exceptions described herein may be applied. Any request for additional exceptions shall be sent to the COR and determination will be made in accordance with DHS MD 4010.2. DHS has identified the following exceptions that may apply: a. 36 CFR 1194.3(b) Incidental to Contract, all EIT that is exclusively owned and used by the Contractor to fulfill this work statement does not require compliance with Section 508. This exception does not apply to any EIT deliverable, service or item that will be used by any Federal employee(s) or member(s) of the public. This exception only applies to those Contractors assigned to fulfill the obligations of this work statement and for the purposes of this requirement, are not considered members of the public. b. 36 CFR 1194.2(b) (COTS/GOTS products), When procuring a product, each agency shall procure products which comply with the provisions in this part when such products are available in the commercial marketplace or when such products are developed in response to a Government solicitation. Agencies cannot claim a product as a whole is not commercially available because no product in the marketplace meets all the standards. If products are commercially available that meets some but not all of the standards, the agency must procure the product that best meets the standards. When applying this standard, all procurements of EIT shall have documentation of market research that identify a list of products or services that first meet the agency business needs, and from that list of products or services, an analysis that the selected product met more of the accessibility requirements than the non-selected products as required by FAR 39.2. Any selection of a product or service that meets less accessibility standards due to a significant difficulty or expense shall only be permitted under an undue burden claim and requires authorization from the DHS Office of Accessible Systems and Technology (OAST) in accordance with DHS MD 4010.2. k. Section 508 Compliance Requirements: 1. All tasks for testing of functional and/or technical requirements must include specific testing for Section 508 compliance, and must use DHS Office of Accessible Systems and Technology approved testing methods and tools. For information about approved testing methods and tools send an email to accessibility@dhs.gov. 23. LIST OF ATTACHMENTS: Link Integration - Ultra Support Services Item13 Continuation.docx
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/notices/afecd0e4658cf7c1d9725314cfd545db)
 
Record
SN03757035-W 20150610/150608235203-afecd0e4658cf7c1d9725314cfd545db (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.