Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF OCTOBER 25, 2008 FBO #2525
SOURCES SOUGHT

D -- Request for Information (RFI) for Ginnie Mae Enterprise Wide System Security

Notice Date
10/23/2008
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Department of Housing and Urban Development, OCPO, Office of Program Operations, Office of Program Operations, NP, 451 7th Street S.W., Washington, District of Columbia, 20410, United States
 
ZIP Code
20410
 
Solicitation Number
R-2009-TN-00001
 
Point of Contact
Gina E. Lassiter,, Phone: (202) 402-3997, James D. Mills,, Phone: (202) 402-7102
 
E-Mail Address
Gina.E.Lassiter@hud.gov, James.D.Mills@hud.gov
 
Small Business Set-Aside
Service-Disabled Veteran-Owned
 
Description
Synopsis: U.S. Department of Housing and Urban Development, 451 S. 7th Street NW, Washington, DC 20410 THIS IS NOT A REQUEST FOR PROPOSAL, QUOTATION, OR INVITATION FOR BID NOTICE. THIS IS A REQUEST FOR INFORMATION ONLY. Summary: The Office of the Management Operations /Information Management Division of the Government National Mortgage Association (Ginnie Mae) is conducting market research (for informational purposes only) to identify Service-Disabled Veteran-Owned Small Businesses (SDVOSB) who have the qualifications and experience to provide the services stated in the Description of Services in support of the implementation and maintenance of Ginnie Mae’s Enterprise Information Systems Security Program. Background: Ginnie Mae is a wholly-owned corporate instrumentality of the United States within the Department of Housing and Urban Development (HUD). Its authority is generally prescribed in Title III of the National Housing Act, as amended (12 U.S.C. 1716 et seq.). Through its Mortgage Backed Securities (MBS) programs, Ginnie Mae guarantees privately issued securities backed by pools of mortgages insured or guaranteed by the Federal Housing Administration (FHA), the Department of Veterans Affairs (VA), the Rural Housing Service of the Department of Agriculture (RHS), or HUD’s Native American Program (PIH). Ginnie Mae guarantees the registered holder of the securities the timely payment of scheduled monthly principal and interest payments, loan prepayments and early recoveries of principal on the underlying mortgages. Description of Services: A. Overview Provide technical and administrative support services to assist the agency in meeting the requirements of; Public Law 107-347,Title III (Federal Information Security Management Act of 2002) Homeland Security Presidential Directive #7 (Critical Infrastructure Identification, Prioritization, and Protection), OMB Circular A-130 Appendix III (Security of Federal Automated Information Resources), and OMB Circular No. A-11 (2002), Exhibit 300. This shall include, but may not be limited to: conducting a Cost Benefit Analysis (CBA); achieving initial information system security Certification and Accreditation; performing a Privacy Impact Assessment; producing a risk mitigation plan; recording, updating and inputting data into the Department of Homeland Security Federal Information Security Management Act (FISMA), and Trusted Agent Tool for the generation of NIST required documentation. The Contractor shall assign a certified project manager to this contract through the contract duration and have appropriate security clearances. The contractor shall complete within the Certification and Accreditation the FISCAM and FISMA audit/review. B. Certification and Accreditation Analysis: Conduct a Cost Benefit Analysis (CBA) and Certification and Accreditation (C&A) and Analysis of Ginnie Mae service contracts and systems, and follow appropriate agency DITSCAP, NIACAP, NIST guidance and standards to perform the C&A analysis along with industry best practices. Support the agency in analysis, documentation, and development of a consistent, on-going Certification and Accreditation process and data privacy policy. Review system documentation, pertinent regulations, and statutory provision with which the system must comply. Input the agency Security Self-Assessment into the DHS Trusted Agent Tool in accordance with the NIST Special Publication 800-26 or current publications. Evaluate the existing statement of system security requirements and make recommendations for revision. Prepare a control matrix identifying the basic strategy and the control techniques implemented to contain threats, address vulnerabilities, and achieve security objectives. Review the control matrix and security requirements to determine if additional safeguards are required and make recommendations. Prepare a security certification package for all IT contractor sites and backup in accordance with NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems. The security certification package shall contain: an updated security plan, the security test and evaluation report, and the plan of action and milestones. Prepare a security accreditation package for all Ginnie Mae Contractor systems and services in accordance with NIST Special Publication 800-37 or current publication, Guide for the Security Certification and Accreditation of Federal Information Systems. The security accreditation package shall contain at a minimum: •The security accreditation decision letter, to be signed by the authorizing (agency) official, conveying the accreditation decision •Supporting rationale for the decision •Any terms and conditions placed on the system owner •Any supporting documentation related to the security certification and accreditation process that the authorizing official wishes to provide to the system owner •Coordinate the accreditation decision letter with the Ginnie Mae CIO. C. Administrative Support Provide the CIO all findings and supporting documentation used to make the security certification and security accreditation packages. Identify at the CIO’S discretion electronic transactions or record keeping that is covered by the Government Paperwork Elimination Act (GPEA) and review and revise, if necessary, the current agency GPEA plan. Provide to the GTR all findings and supporting documentation used to revise the GPEA plan. Perform a Privacy Impact Assessment to ensure compliance with the Privacy Act. Provide the CIO all findings and supporting documentation gathered during the Privacy Impact Assessment. Perform data privacy assessment and provide the CIO with all findings and recommendations. Develop a plan to meet the current NIST, FISMA, FISCAM requirements for Ginnie Mae audit requirements In response to this sources sought, all SDVOSBs are encouraged to submit the following: 1. Capability packages with detailed technical information demonstrating their ability to meet the above requirement. 2. The company must identify the three (3) most recent contracts and provide the following information for each: a. Contract type b. Contract number c. Technical description d. Dollar amount e. Period of performance f. Customer reference name and telephone number Note: This information must be submitted on either on-going or completed contracts not more than 3 years ago, that demonstrate performance relevant to the requirements stated above. The Government will not recognize any costs associated with this request for information. Interested parties, please submit 1 electronic and 2 hard copies to: U.S. Department of Housing and Urban Development 451 S. 7th Street NW Washington, DC 20410 Attention: Gina E. Lassiter or via email to Gina.E.Lassiter@hud.gov Due to the intermittent nature of electronic communication, it is the vendor's responsibility to ensure receipt. Submittals are requested no later than noon on Friday, November 7, 2008. After review of the responses to this sources sought notice, a company may be requested to meet with the Ginnie Mae CIO. A synopsis and/or solicitation announcement may be published at a later date.
 
Web Link
FedBizOpps Complete View
(https://www.fbo.gov/?s=opportunity&mode=form&id=ceb9091d719e419f279e23691ecd3445&tab=core&_cview=1)
 
Place of Performance
Address: Government National Mortgage Association (Ginnie Mae), Office of Management Operations/Information Management Division, Washington, District of Columbia, 20024, United States
Zip Code: 20024
 
Record
SN01695408-W 20081025/081023220338-ceb9091d719e419f279e23691ecd3445 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.