SOURCES SOUGHT
D -- Recovery - Development of Security Automation Specifications, Evolution of Existing Security Content Automation Protocol (SCAP) Specifications, Development and Evolution of Validation Programs, and Development of Quality-Assured Reference Data
- Notice Date
- 5/8/2009
- Notice Type
- Synopsis
- NAICS
- 541511
— Custom Computer Programming Services
- Contracting Office
- 100 Bureau Drive, Building 301, Room B129, Mail Stop 1640 Gaithersburg MD 20899-1640
- ZIP Code
- 20899-1640
- Solicitation Number
- 09-893-Sources_Sought-01
- Response Due
- 5/25/2009
- Point of Contact
- Joseph L. Widdup, Contracting Officer, Phone (301) 975-6324
- E-Mail Address
-
joseph.widdup@nist.gov
- Small Business Set-Aside
- N/A
- Description
- PURPOSE: This is a sources sought notice to support NIST’s market research efforts to identify qualified potential sources for an acquisition that NIST intends to solicit in Summer 2009 and award in Fall 2009. This is not a solicitation, and proposals are not being requested at this time. BACKGROUND: As a part of the NIST Federal Information Systems Management Act (FISMA) implementation plan, NIST seeks to automate assessment and implementation of Technical Family security controls as documented in Special Publication 800-53 Revision 2. To this end, NIST intends to use a portion of American Recovery and Reinvestment Act (ARRA) of 2009 funds to accelerate the development of security automation specifications, evolve existing Security Content Automation Protocol (SCAP) specifications, develop and evolve validation programs, and develop quality-assured reference data. So that NIST can ensure an appropriate acquisition strategy is employed for the forthcoming Security Automation Support Services acquisition, NIST seeks to identify sources that have current capability and experience to perform contract work for NIST in the following SCAP and security automation areas: 1. Evolution of the SCAP protocol and specifications thereof; 2. Feasibility studies, development, documenting, prototyping, and road-mapping of SCAP expansions (e.g., remediation capability) and analog protocols (e.g., Network Event Content Automation Protocol); 3. Implementation and maintenance support for the Security Automation Content Validation Program; 4. Maintenance support for the SCAP Product Validation Program; 5. Pilot, beta, and production support for SCAP and security automation use-cases; 6. Content development, modification, and testing; 7. Infrastructure and reference implementation development in JAVA, C++, and C programming languages; and 8. Data trust models and data provenance solutions. TO RESPOND TO THIS NOTICE: Sources that have current capabilities and experience in the areas specified above are asked to respond to this notice and provide the following in their response: a. A capability statement of a minimum one (1) page per area that provides a clear and complete narrative of current capabilities and experience for the area(s) noted above, including: i) Current number of employees with skill sets applicable to the area; ii) Historical involvement in community standardization/specification efforts relevant to the area as demonstrated by mailing list participation, conference participation, etc; and iii) A summary of any innovation and/or intellectual property developed by your organization in the area. b. A list of contracts/orders for work in the areas, including: i) Customer for whom work was performed; ii) Description of the nature of the work performed; iii) Period of performance when work was performed; iv) Indication of whether the source submitting a response to this notice was the prime contractor or was a subcontractor, as well as percent of work of entire prime contract amount performed (in terms of dollars) by employees of the source; v) Contract type utilized by the source submitting a response to this notice (e.g., cost-reimbursement, firm-fixed-price, time-and-materials, labor-hour); and vi) Total contract amount performed by the source submitting a response to this notice. c. Indication of whether the source has a GSA Federal Supply Schedule contract of its own for which the scope of this upcoming acquisition could fall within; if so, please provide a.pdf copy of that GSA FSS contract (including terms, conditions, labor categories and associated hourly rates) with the response to this notice. d. Indication of whether the source believes that its accounting system is adequate for determining costs applicable to federal cost-reimbursement contracts that are subject to the Federal Acquisition Regulation (FAR) (Chapter 1 of Title 48, Code of Federal Regulations (CFR). In other words, the source should indicate whether it believes that its accounting system is adequate to be used for a cost-reimbursement contract as described in FAR Subpart 16.3--Cost-Reimbursement Contracts. e. Indication of whether the source's accounting system has been audited by a cognizant federal audit agency (e.g., Defense Contract Audit Agency) within the past year. e. A one page overview of the source’s organization, to include location(s), years of operation, current number of employees, annual revenue, technical specialties, and size status of the organization as it relates to NAICS 541511 or NAICS 541511 (both with a size standard of $25 million). NOTE: THIS NOTICE WAS NOT POSTED TO FEDBIZOPPS ON THE DATE INDICATED IN THE NOTICE ITSELF (08-MAY-2009); HOWEVER, IT DID APPEAR IN THE FEDBIZOPPS FTP FEED ON THIS DATE. PLEASE CONTACT 877-472-3779 or fbo.support@gsa.gov REGARDING THIS ISSUE.
- Web Link
-
Link To Document
(https://www.fbo.gov/spg/DOC/NIST/AcAsD/09-893-Sources_Sought-01/listing.html)
- Record
- SN01812582-F 20090510/090509165621 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |