SOURCES SOUGHT
D -- Cyber Security (CS)/Information Management (IM)
- Notice Date
- 11/29/2016
- Notice Type
- Sources Sought
- NAICS
- 541519
— Other Computer Related Services
- Contracting Office
- Department of the Army, Army Contracting Command, ACC - RSA (W9113M) - (SPS), 5300 Martin Rd, Redstone Arsenal, Alabama, 35898-0000, United States
- ZIP Code
- 35898-0000
- Solicitation Number
- IA-IM0001
- Archive Date
- 12/24/2016
- Point of Contact
- Tarshalyn M. Sanders, Phone: 2569555949
- E-Mail Address
-
tarshalyn.m.sanders.civ@mail.mil
(tarshalyn.m.sanders.civ@mail.mil)
- Small Business Set-Aside
- Total Small Business
- Description
- PERFORMANCE WORK STATEMENT (PWS) FOR CYBER SECURITY (CS) / INFORMATION MANAGEMENT (IM) SUPPORT SERVICES PREPARED BY U.S. ARMY AVIATION AND MISSILE LIFE CYCLE MANAGEMENT COMMAND TABLE OF CONTENTS 1.0 SCOPE 4 1.1 GOAL 5 2.0 APPLICABLE DOCUMENTS 5 3.0 CYBER SECURITY PERFORMANCE REQUIREMENTS 5 3.1 Cyber Security Requirements Overview 5 3.2 Cyber Security General Information 5 3.3 Risk Management Framework Assess And Authorize Support 6 3.4 Technical Vulnerability Assessment And Validation Support 7 3.5 Cyber Security Program Status, Tracking, And Reporting Support 8 3.6 Information Assurance Vulnerability Management/Cyber Security Program Support 8 3.7 Cyber Security Program Awareness Support 9 3.8 Cyber Security Project/Planning Support 9 3.9 Security Assessment Support 10 3.10 Senior Cyber Security Subject Matter Expert Support 10 4.0 INFORMATION MANAGEMENT PERFORMANCE REQUIREMENTS 11 4.1 Information Management Requirements Overview 11 4.2 Information Management General Information 11 4.3 Business Process Management And Re-Engineering Support 12 4.4 Business Analysis Support 13 4.5 Information Technology Strategic, Capital, And Policy/Guidance Planning Support 14 4.6 Portfolio Management Support 14 4.7 Engineering Data Acceptance Support 15 4.8 Technical Data Package Operations Support 15 4.9 Data Analysis, Integrity, And Review Support 16 4.10 Information Technology Asset Management Support 17 4.11 Scanning Support 17 4.12 Office Automation, Presentation/Exhibit Development, Data Entry, And Content Management Support 18 4.13 Technical Writing/Editing Support 19 4.14 Information Management Project/Planning Support 20 4.15 Senior Information Management Subject Matter Expert Support 20 5.0 MANAGEMENT 21 6.0 OTHER DIRECT COSTS 21 7.0 DEGREE OF KNOWLEDGE AND EXPERIENCE 22 8.0 PLACE OF PERFROMANCE 22 9.0 SECURITY 22 10.0 TRAINING 23 11.0 ANTITERRORISM/OPERATIONS SECURITY 24 12.0 TRAVEL 26 13.0 GOVERNMENT FURNISHED FACILITIES, EQUIPMENT, AND INFORMATION 27 14.0 PRIVACY ACT 27 15.0 HOURS OF OPERATIONS 27 15.1 Normal Business Hours 28 15.2 Operational Business Hours 28 15.3 Overtime 28 15.4 On-Call Support 28 15.5 Critical Support 28 15.6 Continuity Of Operations/Disaster Recovery 28 15.7 Mission/Key Essential 28 16.0 HAZARDOUS MATERIAL 28 17.0 COMPLIANCE WITH ENVIRONMENTAL LAWS AND REGULATIONS 28 18.0 PHASE-IN, PHASE-OUT, AND CLOSE-OUT 29 18.1 Phase-In Effort 29 18.2 Phase-Out And Close-Out Effort 29 19.0 CONTRACT ADMINISTRATION 30 20.0 MEETINGS 30 20.1 Kick-Off Meeting 30 20.2 Other Meetings 30 21.0 PERFORMANCE OBJECTIVES METRICS 30 22.0 CONTRACT MANPOWER REPORTING 31 APPENDICES Appendix A Current Customers and Locations Appendix B Current Hardware and Software Appendix C Acronyms Appendix D Document Summary List Appendix E Performance Requirements Summary Matrix Exhibit A Contract Data Requirements Lists (CDRLS) Exhibit B CDRL Matrix 1.0 SCOPE. This Performance Work Statement (PWS) defines the Cyber Security (CS) and the Information Management (IM) Support Services requirements. Cyber Security (CS) Support Services A full range of CS services is necessary to satisfy enterprise missions, goals and objectives in the areas of) Risk Management Framework (RMF) Assess and Authorize (A&A); Technical Vulnerability Assessment and Validation; CS Project Planning; Information Assurance Vulnerability Management (IAVM) and CS Programs; Security Assessment; and variety of CS programs. These integrated services require expertise in a wide range of knowledge and disciplines in order to analyze, evaluate, report, coordinate, plan and implement approved strategies and policies in support of the CS programs, and to provide advice and recommendations on CS program goals and initiatives, organizational responsibilities, program synchronization, and CS strategic planning. The purpose of this effort is to provide the U.S. Army Aviation and Missile Life Cycle Management Command (AMCOM LCMC) Communities /Project Managers/Program Executive Offices (PM/PEO) and Red stone Arsenal tenant activities with CS expertise. These CS support services provide Weapon System Management, Industrial Base Operations, and System Information Technology (IT) life cycle support and solutions from concept development through sustainment. CS requirements include expertise in advanced state-of- the-art IT and providing system security services that will continue to expand due to new missions, IT enterprise initiatives, Base Realignment and Closure (BRAC) rulings, and changing customer requirements. Information Management (IM) Support Services A full range of Information Management (IM) support services is necessary to satisfy enterprise missions, goals and objectives in the areas of Information Technology (IT) Strategic and Capital Planning; Business Process Management and Re-engineering; Business Analysis; Portfolio Management; Data Analysis, Integrity and Review; Engineering Data Acceptance; Technical Data Package (TDP) Operation; Development of Service Level Agreements; Technical Writing/Editing; IT Asset Management; IM Project/Planning; Office Automation, Presentation/Exhibit Development, and Content Management Support; and scanning support. Furthermore, these integrated services require expertise in a wide range of disciplines including IT strategy and planning, business processes analysis and management, system analysis, information and data analysis and management, presentation/ exhibit development, configuration management, IM operations and communications for Department of Defense (DoD) organizations and other Federal Agencies throughout the Continental United States (CONUS) and Outside Continental United States (OCONUS). The purpose of this effort is to provide the U.S. Army Aviation and Missile Life Cycle Management Command (AMCOM LCMC) Communities which includes the Project Managers/Program Executive Offices (PM/PEO), and Redstone Arsenal tenant activities with IM support services to enable Weapon System Management, Industrial Base Operations, and System IT life cycle support and solutions from concept development through sustainment. IM support services include advanced business processes and state-of the art IM support services that will continue to expand due to new missions, IT enterprise initiatives, Base Realignment and Closure (BRAC) rulings, and changing customer requirements. 1.1 GOAL. The goal is to provide the customer base with efficient and effective CS support services that will result in cost effective management of IT, information systems, and network security services tailored to the customers' missions and provide the customer base with efficient and effective IM support services that will result in the cost effective management of IT services, data and information services, and continuous business process improvement which support the customers' missions. 2.0 APPLICABLE DOCUMENTS. Applicable top level documents are contained in ATTACHMENT 2 to the Contract, Document Summary List (DSL), by number, title, and date. The document versions specified on the DSL take precedence over the generic references (without revision letters) cited in the PWS. 3.0 CYBER SECURITY (CS) PERFORMANCE REQUIREMENTS. 3.1 REQUIREMENTS OVERVIEW. The Contractor shall perform CS support services and provide expertise for Weapon System management, Industrial Base Operations, and System IT Life Cycle support /solutions in accordance with the PWS. Current CS support services are being performed to the organizations and locations listed in Appendix A. The Government reserves the right to amend the list of supported organizations and locations over the life of this contract. The contract scope shall not be limited to currently identified IT and CS disciplines but also includes new innovations and advances in related technology, processes and procedures. Appendix B contains a sample of the current hardware and software supported by this PWS. The Contractor shall be knowledgeable of the functional, technical, business, and network environments of the customers supported and shall be responsible for responding and adapting to technology changes. The Contractor shall be knowledgeable of customer environments to include customer mission related acquisition, logistics, technology, information systems, network security programs, cyber space operations, DoD network operations, Defensive cyber operations, and life cycle support and solutions from concept development through sustainment. All services provided hereunder shall comply with Section 508 of the Rehabilitation Act of 1973, as amended (29 U.S.C. 794d), and shall meet the applicable accessibility standards at 36 CFR Part 1194. 3.2 GENERAL. The Contractor shall have knowledge of the Department of Defense (DoD) core competencies and provide CS services for a wide-range of activities to include: RMF A&A; assessments; analyzing, evaluating, reporting, coordinating, planning, and implementing strategies and policies in support of the CS Program; ensuring compliance with DoD and Army CS policies for all information systems and environments; and intrusion detection to include use of tools such as "Guardian" Intrusion Detection System (IDS). The Contractor shall provide advice and recommendations on CS program goals and initiatives, organizational responsibilities, program synchronization, and CS strategic planning. The Contractor shall provide and maintain knowledge of National, DoD, and Army regulatory policies related to CS, Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA), Public Key Infrastructure (PKI), DoD IT A&A processes, RMF, Tenant Security Plan (TSP), Enterprise Mission Assurance Support Servcie (eMASS), and IAVM. The Contractor shall comply with applicable regulations and policies including: DODI 8500.01, Cybersecurity; DODI 8510.01 Risk Management Framework; DODI 8580.1, Information Assurance (IA) In the Defense Acquisition System; DODD 5000.1, The Defense Acquisition System; DODI 5000.2, Operation of the Defense Acquisition System; Federal Information System Management Act (FISMA) security requirements; Appendix III of OMB A-130, Security of Federal Automated Information Resources; Federal Information Processing Standards (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems; FIPS 200, Minimum Security Requirements for Federal Information and Information Systems; National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53A, Guide for Assessing the Security Controls in Federal Information Systems; NIST SP 800-53A Rev 1, Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans; NIST SP 800-53A Rev. 3, Recommended Security Controls for Federal Information Systems and Organizations; NIST SP 800-53A Rev. 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans; NIST SP800-37 Rev 1, Guide for Applying the Risk management Framework to Federal Information System: A Security Life Cycle Approach; NIST SP800-70 Rev 3, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers; NIST SP 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories; best business practices; and lessons learned. 3.2.1 The Contractor shall provide information, knowledge, and services for CS and IT-related business areas; maintain awareness of and provide expertise on emerging technologies and the key dimensions of business requirements that drive technology change. The Contractor shall identify and leverage opportunities for potential new solutions to ensure cyber security, IA, IT, and business strategic alignment. The Contractor shall provide information, knowledge, and support services for risk analysis, trending analysis, posture analysis, and events/incident analysis. 3.2.2 The Contractor shall develop, schedule, and coordinate project plans as they relate to CS services. 3.2.3 The Contractor shall use effective written documentation and verbal presentations to convey technical solutions, problem analysis, and project planning. 3.3 RISK MANAGEMENT FRAMEWORK (RMF) ASSESS AND AUTHORIZE (A&A) SUPPORT. The Contractor shall provide knowledge of and assist with the establishment of RMF A&A processes, documentation, and assessments required to manage the implementation of CS capabilities and services, and provide visibility of authorization decisions regarding the operation of DoD Information Systems (IS), including Core Enterprise services-based and Web services-based software applications and systems, in compliance with DoD regulations and Best Business Processes (BBPs). All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable Technical Direction Order (TDO). Functions that the Contractor shall perform under individual TDOs include: 3.3.1 Implement, administer, support, and manage the RMF for Automated Information Systems (AIS) and networks; implement, administer, support and manage applicable TSPs that support designated network enterprise centers or other processing centers. The Contractor shall use the standard RMF /TSP business process, document templates and applications. 3.3.2 Ensure that all A&A documentation is in compliance with regulations, policies, and guidance. 3.3.3 Develop the required RMF and other CS documentation/artifacts in accordance with AR 25- 1, AR 25-2, DODI 8500.01, DODI 8510.01, DODI 8500.2, DODI 8580.1 and NIST SP 800 series for each assigned Government AIS and network. 3.3.4 Develop plans to facilitate RMF requirements and monitor RMF status, so that System Owners are able to maintain required RMF documentation, including the ), Authority to Operate (ATO), Authority to Connect (ATC), Certificate of Networthiness (CON), and the System Security Plan (SSP). 3.3.5 Plan, coordinate, conduct, and document RMF validations of AIS in accordance with the standard RMF document templates, business processes, and the applicable regulations, policies, and guidance. The Contractor shall apply a baseline set of CS controls for all AIS in accordance with regulations, policies, and guidance. The Contractor shall make recommendations to the System Owners for the completion of CS documentation and implementation of prescribed CS controls. The Contractor shall monitor, measure, and report the on-going status of CS controls over the lifecycle of the AIS. 3.4 TECHNICAL VULNERABILITY ASSESSMENT AND VALIDATION SUPPORT. The Contractor shall implement and support the standard CS Business Process to perform CS assessments and validations of the AIS in support of A&A requirements and in compliance with DoD regulation s and Best Business Processes (BBPs). The Contractor shall perform vulnerability assessments, system configuration reviews, and other activities to identify potential vulnerabilities, both internal and external. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDO. Functions that the Contractor shall perform under individual TDOs include: 3.4.1 Verify that sufficient CS controls and security requirements are applied to AIS, based on the applicable information types, in accordance with DODI 8500.0l, DODI 8580.1, AR 25-2, NIST SP 800 series, and other applicable regulations. Provide guidance and assistance to System Owners in matters related to A&A of AIS. 3.4.2 Conduct vulnerability assessments utilizing most current DOD/DA approved tools, and report the findings along with recommendations for mitigation. The Contractor shall also conduct software testing and secure code reviews to identify vulnerabilities. 3.4.3 Develop and review system security architectural designs to ensure compliance with cyber security and information regulatory guidance, and make change recommendation s in cases where compliance is not being met. 3.4.4 Participate in incident and spillage handling actions; monitor and track responses; and prepare incident and spillage handling reports. 3.4.5 Implement new and emerging solutions for CS controls that meet DOD/DA requirements for CS Accreditation of AIS. 3.4.6 Provide recommendations that result in AIS with non-compliant CS solutions becoming compliant with DODI 8500.0 l, DODI 8580.1, Security Technical Implementation Guides (STIGS), AR 25-2, and BBPs. 3.4.7 Perform site assisted visit to remote locations in support of various inspections. 3.4.8 Participate and support cyberspace operations to include providing recommendations for DoD Information Network Operations and defensive cyber operations. 3.5 CYBER SECURITY PROGRAM STATUS, TRACKING, AND REPORTING SUPPORT. The Contractor shall track and report the status of Organization/Command CS Management Programs, including Information Assurance Vulnerability Management (IAVM), Federal Information System Management Act (FISMA) requirements, training, computer security incident reporting, planning, execution, and other applicable metrics reporting. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDO. Functions that the Contractor shall perform under individual TDOs include: 3.5.1 Provide assistance to the Government CS manager in the planning, execution, tracking, and periodic reporting of all aspects of the organization/command CS Program. 3.5.2 Prepare briefings on a wide range of CS-related subjects. 3.5.3 Perform document and policy review; formulate and draft responses on a wide range of CS-related topics. 3.5.4 Gather, collate information, and prepare reports on new viruses and Trojans, external threats, new vulnerabilities, and on exploits and general network/AIS security issues. 3.5.5 Manage all aspects of computer security incident reporting. This shall include oversight, report and issuing correspondence on computer security incidents, and providing weekly briefings on the status of incidents. 3.5.6 Provide assistance to the Government CS manager in the planning, execution, tracking, and management of the FISMA program. 3.6 INFORMATION ASSURANCE VULNERABILITY MANAGEMENT (IAVM)/CYBER SECURITY (CS) PROG RAM SUPPORT. The Contractor shall provide knowledge of and assist with all aspects of the Organization/Command's IAVM and CS Program to enable compliance with regulations, policies, and guidance. All Contractor actions, findings and recommendation s shall be reported in the required documentation as directed in the applicable TDO. Functions that the Contractor shall perform under individual TDOs include: 3.6.1 Provide recommended guidance to implement actions required by new CS vulnerability messages. 3.6.2 Facilitate coordination efforts between the organization, the Army Cyber Command (ARCYBER), and the Regional Continental United States (CONUS) CERT (RCERT) on IAVM/CS Program matters. 3.6.3 Monitor the IAVM reporting process, track organizations IAVM reports and reports status, and provide IAVM metrics on an as-needed basis. 3.6.4 Provide technical support on Vulnerability Assessments perform vulnerability scans of selected systems, and provide technical support to organizations on the use of Army-approved vulnerability scanning software packages. 3.6.5 Provide recommended guidance to implement network security and defensives cyber operations in support of JWICS, NIPR, SIPR, DREN and SDREN. 3.7 CYBER SECURITY PROGRAM AWARENESS SUPPORT. The Contractor shall assist the Government CS manager with the development and the execution of organization-wide CS awareness programs. The Contractor shall be responsible for identifying target audiences, disseminating CS-related information, and using a variety of media to reinforce critical themes of the CS program. All Contractor actions, findings, and recommendations shall be reported in the required documentation as directed in the applicable TDO. Functions that the Contractor shall perform under individual TDOs include: 3.7.1 Perform requirements analysis for organization-wide CS educational, training, and awareness requirements and needs. 3.7.2 Coordinate with target organization s to identify CS requirements and needs; and develop the subject areas for organization-wide CS education, training, and awareness events based on these identified requirements and needs. 3.7.3 Coordinate, prepare and provide required CS educational materials to compliment periodic education, training, and awareness events. 3.7.4 Participate in the delivery of CS subject areas during the periodic education, training, and awareness events. 3.7.5 Track and manage the current level of CS education and training for personnel within target organizations utilizing the appropriate tracking tools. 3.8 CYBER SECURITY PROJECT/PLANNING SUPPORT. The Contractor shall be knowledgeable of the CS governing regulations and provide CS Project/Planning support using government best business practices. The support shall include analyzing, evaluating, reporting, coordinating, planning, and implementing approved strategies and policies. All Contractor actions, findings, and recommendations shall be reported in the required documentation as directed in the applicable TDO. Functions that the Contractor shall perform under individual TDOs include: 3.8.1 Apply CS Government regulations and associated BBPs to CS projects and planning processes. 3.8.2 Review new CS regulatory guidance and BBPs; and prepare/present briefs on updated requirements to the Government CS manager and staff. 3.8.3 Evaluate current processes to ensure that CS regulatory guidance and BBPs have been applied and are included. 3.8.4 Identify shortfalls in CS guidance and present findings/recommendations for improvement to the Government CS manager. 3.8.5 Develop and provide recommended solutions to the Government CS manager as it applies to CS project/planning. 3.9 SECURITY ASSESSMENT SUPPORT. The Contractor shall perform and assist with security assessments, also known as security audits or security reviews, to ensure that necessary security controls are integrated into the design and implementation of any IT project. The Contractor shall provide findings and documentation outlining any security gaps between a project design and applicable security policies, regulations, and guidelines. All Contractor actions, findings, and recommendations shall be reported in the required documentation as directed in the applicable TDO. Functions that the Contractor shall perform under individual TDOs include: 3.9.1 Conduct security assessments of organizations which shall include: • Security policy and operational procedure development • Security engineering and architecture design • Operational security management • Network security testing and evaluation • Computer security incident response • Vulnerability analysis • Malicious code analysis • Security risk assessment • Security certification and accreditation • Assess and Authorize • Site assisted visits for DISA CCRI inspections at remote locations • Risk analysis • Trending analysis • Event/Incidents analysis 3.9.2 Provide documentation of an organization's current security state, identify security vulnerabilities, and deliver recommendations for mitigating identified risks. 3.10 SENIOR CYBER SECURITY SUBJECT MATTER EXPERT (SME) SUPPORT. The Contractor shall provide Senior (Sr.) CS SME support to review, analyze, and recommend strategic and tactical options for improved management and performance of the CS architecture, AIS, and networks, which support the Enterprise and organizational mission requirements. Studies, analyses, options, and recommendations shall be documented in a technical report. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDO. Functions that the Contractor shall perform under individual TDOs include: 3.10.1 Provide Sr. CS SME in support of Government IT Processes, Enterprise IT/CS Solutions, and Enterprise IT Service Delivery. 3.10.2 The Sr. CS SME support personnel shall be qualified to perform their assigned duties and have applicable experience and education, including management experience, in the disciplines of cyber security, information management, and project management. 3.10.3 The Sr. CS SME support personnel shall have knowledge and expertise to perform analysis and provide solutions in areas of: • CS Regulatory Guidance • CS Program Management • Emerging CS Technologies • CS Best Business Practices • CS Risk Management • IT Security • IT Contingency Plan I Continuity of Operations (COOP) • Cyber Space Operations for DoD Information Network Operations 4.0 INFORMATION MANAGEMENT (IM) PERFORMANCE REQUIREMENTS. 4.1 REQUIREMENTS OVERVIEW. The Contractor shall perform IM support services and provide technical resources to enable Weapon System management, Industrial Base Operations, and System IT Life Cycle support/solutions in accordance with the PWS. Current IM support services are being performed to the organizations and locations listed in Appendix A. The Government reserves the right to change this over the life of the contract if required. The contract scope shall not be limited to currently identified services but shall encompass all IM and IT disciplines to include new innovations and advances in technology, processes and procedures. A sample of current hardware and software is identified in Appendix B. The Contractor shall be knowledgeable of the functional, technical and business process environments of the customers supported and shall be responsible for responding and adapting to technology and business process changes. The Contractor shall be knowledgeable of the customers' mission related acquisition, logistics, technology, business programs, and life cycle support and solutions from concept development through sustainment. All services provided hereunder shall comply with Section 508 of the Rehabilitation Act of 1973, as amended (29 U.S.C. 794d), and shall meet the applicable accessibility standards at 36 CFR Part 1194. 4.2 GENERAL. The Contractor shall provide a wide variety of Information, Knowledge, and Data Management services in Schedule I (long term, repeatable level of effort) by applying industry best business practices in the management of information and data throughout the information lifecycle regardless of source or format. 4.2.1 The Contractor shall provide information, knowledge and data services for IM and IT- related business areas; maintain awareness of emerging technologies and the key dimensions of business requirements that drive technology change in order to assist with IM tasks. The Contractor shall identify and leverage opportunities for new solutions and ensure IM, IT, and business strategic alignment. 4.2.2 The Contractor shall develop, schedule, and coordinate project plans as they relate to IM services. 4.2.3 The Contractor shall use effective written documentation and verbal presentations to convey technical solutions, business process and re-engineering solutions, information and data analysis, problem analysis, and project planning. 4.3 BUSINESS PROCESS MANAGEMENT (BPM) AND RE-ENGINEERING SUPPORT. The Contractor shall use BPM methodologies, such as Lean Six Sigma, Capability Maturity Model Integration (CMMI), Information Technology Infrastructure Library (ITIL), best business practices, and emerging methodologies that promote business effectiveness, efficiency, process optimization, innovation, flexibility, and integration with technology. The Contractor shall: • Define - baseline the process or the process improvement; • Model - simulate the change to the process; • Analyze - compare the various simulations to determine an optimal improvement; • Improve - deploy the Government selected improvement as directed; • Control - upon deployment of the improvement, monitor the improvement in real time, and feed the performance information back into the simulation model in preparation for the next improvement iteration; and • Measure - determine the capability of the process by measuring before and after implementation. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable Technical Direction Order (TDO). Functions that the Contractor shall perform under individual TDOs include: 4.3.1 Continually streamline and optimize the end-to-end business processes to ensure compliance with customer's needs. 4.3.2 Continually streamline and optimize the end-to-end business processes to ensure compliance with customer's needs. 4.3.3 Analyze and design workflows and processes within an organization which will result in a defined business outcome/process. 4.3.4 Perform functional decomposition in order to break up a large or complex business operation/function into smaller and more manageable chunks facilitating a better understanding of the business operation/function. 4.3.5 Identify, analyze and evaluate business process and functional requirements for sustained logistics, acquisition, and product life cycle management. 4.3.6 Use Business Information, or Data Workflow Analysis as a tool to streamline, automate, document, and improve the efficiency of business procedures and processes, and establish future goals or long term objectives. 4.3.7 Provide Software/Systems Process Engineering improvement support which shall include a tool kit of available skills used for causal analysis, problem solving, and continuous improvement. 4.3.8 Participate in continuous process improvement activities such as development, implementation, and monitoring of the Software/Systems Engineering Process (SEP). 4.3.9 Participate in and serve as a Subject Matter Expert (SME) for Lean Six Sigma, CMMI, and Information Technology Infrastructure Library (ITIL) practices or any other emerging process improvement methodology regarding process efficiencies and improvements. 4.3.10 Provide CMMI-Development, CMMI-Services Gap Analysis, and Standard CMMI Assessment Method for Process Improvement (SCAMPI) A, B, and C Appraisals to ascertain compliancy with the continuous or staged representation of the CMMI Model. This task includes appraisal planning and preparation of the Practice Implementation Indicator Document (PIID). In addition, the Contractor shall perform analysis of the appraisal results and provide recommendations for improvement and compliance. The Contractor shall also perform ITIL compliancy with processes and Gap Analysis. 4.3.11 Provide data analysis to include key performance metrics using Mini Tab or other Government identified performance measurement tools, analyzing trends, variations and upper/lower control specifications. 4.4 BUSINESS ANALYSIS (BA) SUPPORT. The Contractor shall provide BA support including Business Case Analysis (BCA), Economic Analysis (EA), Analysis of Alternatives (AoA) and other special studies that provide a best-value analysis considering not only cost, but other quantifiable and non-quantifiable factors supporting an investment decision. This includes performance, producibility, reliability, maintainability, and supportability enhancements. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.4.1 Generate an expanded cost/benefit analysis with the intent of determining a best-value solution. For example, the relative cost versus benefits of different support strategies. 4.4.2 Document how each alternative fulfills the strategic objectives of the program; how it complies with product support performance measures; and the resulting impact on stakeholders. 4.4.3 Identify and recommend which alternative support options provide optimum mission performance given cost and other constraints, including qualitative or subjective factors. 4.4.4 Identify the sensitivity of the data to change; and perform the analysis and classification of risks. 4.4.5 Prepare formal Economic Analysis (EA) taking into account the opportunity costs of resources employed and the costs and benefits of the project to the organization(s). 4.5 INFORMATION TECHNOLOGY (IT) STRATEGIC, CAPITAL, AND POLICY/GUIDANCE PLANNING SUPPORT. The Contractor shall assist in developing Strategic Plans, Policies, and Guidance, and outline enforcement procedures that align with the organizational mission, goals, and objectives. The Contractor shall provide a basis for aligning organizational and budget structure with the strategic plans. The Contractor shall be responsible for staying abreast on changing laws, policies, and directives that could impact the planning. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.5.1 Develop short and long-term information technology strategies through evaluation of current and future needs of the organization in relation to higher headquarter policies, directives, and strategic direction. 4.5.2 Develop optimal solutions to identified problems that can be implemented in the shortest period, with lowest total implementation costs. This combination will drive the new policies/guidance and strategic planning for years to come. 4.5.3 Identify IT strategies and alternative solutions to support agency goals and objectives. 4.5.4 Develop/monitor performance/metrics of IT Strategies, Capital Planning, policies and guidance. 4.6 PORTFOLIO MANAGEMENT (PfM) SUPPORT. The Contractor shall provide assistance and recommendations to the Government in the management of IT resources and investments using PfM strategies. The Contractor shall be responsible for staying abreast of changing laws, policies, and directives that could impact PfM. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.6.1 Establish and track enterprise-level performance measures as a component of the transformation strategy, aligned with mission, vision, goals, and objectives. 4.6.2 Ensure registration of all IT investment items, to include all assigned networks, in the Army Portfolio Management Solution -Army IT Registry (APMS-AITR) module. 4.6.3 Provide system owners with regulatory guidance and recommendations on data calls and maintenance of accurate system records. 4.6.4 Ensure that IT expenditures meeting APMS entry criteria are vetted and approved by the appropriate Domain lead. 4.6.5 Provide assistance to the Government in the planning, execution, tracking, and periodic reporting of all IT investments and ensure appropriate business system certifications are obtained. 4.7 ENGINEERING DATA ACCEPTANCE SUPPORT. The Contractor shall maintain manual and electronic files to provide reference services for drawings, specifications, standards, and related documents to include Notice of Revisions (NORs) and stable-base drawings. The Contractor shall process requests for NOR's, and Engineering Change Packages (ECPs). All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs: 4.7.1 Locate and retrieve all necessary technical data sheets and documentation to process NORs and ECPs; and scan NOR and ECP documents into a data repository. 4.7.2 Receive and process requests for engineering documents. The Contractor shall maintain manual and automated files for engineering documents and distribute hard copies, aperture cards, CDs, and other media to fulfill Government requests for information. 4.7.3 Receive, sort, and file various types of engineering documents as directed by the Government to maintain an up-to-date file repository. The Contractor shall ensure that the drawing index data is correct by verifying against original source documentation. 4.7.4 Update and maintain data repositories comprised of Stable Base Mylar documents, engineering and technical digital and aperture card documents, Engineering Change Proposals (ECPs), and NORs. 4.8 TECHNICAL DATA PACKAGE (TDP) OPERATIONS SUPPORT. The Contractor shall ensure TDP completion and track TDP deficiencies, as well as process TDP packages through the technical loop by utilizing programs, such as Interactive Configuration Management and Procurement Program (ICAPP), Engineering Data Information System (EDIS), and related or follow-on systems to verify the completeness and accuracy of the TDP before release. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.8.1 Develop, coordinate, and maintain the status accounting records in order to support the acquisition of spare and repair parts. 4.8.2 Produce CDs utilizing defined processes and ensuring compliance with the DoD, Army, and customer organizations standards, policies, directives, and procedures. 4.8.3 Receive, track and process TDPs. 4.8.4 Fulfill requests for engineering data under the Freedom of Information Act (FOIA) by providing product data on various media types as directed by the Government. 4.9 DATA ANALYSIS, INTEGRITY, AND REVIEW SUPPORT. The Contractor shall provide independent analysis and review of Enterprise data, supporting Logistics, Engineering, and Financial processes, and assess the adequacy, accuracy, integrity, and timeliness of the data. The Contractor shall provide data integrity support that focuses on Army Data Management issues, such as data collection, cleansing, and migration of Enterprise data. The Contractor shall analyze the integration of input from a variety of sources in order to detect incorrect data and recommend/make corrections. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.9.1 Provide support in the resolution of enterprise-wide automated management systems issues. This shall include analysis of emerging initiatives/systems and identification of problems and issues impacting the applicable Enterprise. 4.9.2 Identify, recommend, and take corrective actions to resolve erroneous/suspect data; coordinate with Major Commands (MACOMs), Major Subordinate Commands (MSCs), field activities, and all applicable sources, and conduct customer on-site surveys or agency visits. The Contractor shall utilize flowcharts, specifications, and systemic documentation to communicate problems and corrective actions. 4.9.3 Perform system analysis, recommend functional requirement changes, and provide documentation support for Data Management, in coordination and compliance with the Government Configuration Management (CM) processes. 4.9.4 Review emerging data management and data integrity problems as Legacy functionality is integrated into the Enterprise solutions, recommend applicable technical resolutions to Government representatives, and provide support in the implementation of corrective action. 4.10 INFORMATION TECHNOLOGY (IT) ASSET MANAGEMENT SUPPORT. The Contractor shall provide IT Asset Management to include receipt of asset, staging, barcoding, distribution/pick up, storage, inventory management, maintenance of hardware, software license, and input data into Government approved automated tracking systems. The Contractor shall use the organizational designated automated property book, the Property Book Unit Supply Enhanced (PBUSE) or any future directed processes and system. The Contractor shall comply with all Government and Army Property Management laws, directives, policies, and regulations. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.10.1 Maintain and track software licenses. 4.10.2 Maintain accurate automated property records; review supply and equipment requests for proper approval; maintain and help manage hand receipts and the hand receipt process for nonexpendable accountable supplies and equipment; review registers of expendable and nonexpendable supplies and equipment to ensure compliance; and ensure that incoming IT equipment is placed on the automated property books. 4.10.3 Ensure that all accountable equipment is documented, labeled, bar coded, inventoried, and sub hand receipted to the end-user. 4.10.4 Reconcile discrepancies and make recommendations of the procedures to improve property accountability and the automated system. 4.10.5 Provide assistance in item identification; obtain guidance and operating instructions; and participate in equipment inspections. 4.10.6 Comply with internal government property management control systems. 4.10.7 Ensure proper coordination with appropriate property offices. 4.10.8 Ensure turn-in and disposal of equipment IAW the Army regulations and policies. 4.11 SCANNING SUPPORT. The Contractor shall convert archival materials to digital format using high-resolution scanners and state-of-the-art technology, to create digital collections of documents/information, including contracts, office files, financial files, and stablebase images. The Contractor shall properly handle fragile and rare archival materials; support the preparation of materials for scanning; and scan prints, photographs, and documents. The Contractor shall acknowledge applicable DoD and Army guidance and adhere to all policies for storage of files and materials. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Individual TDOs will identify whether or not government furnished equipment and facilities are available to support the required scanning services; the scanning support may be performed by Contractor provided equipment and facilities. Functions that the Contractor shall perform under individual TDOs include: 4.11.1 Prepare and store digital images in Government repositories in accordance with applicable regulations, procedures, and guidance 4.11.2 Burn digital images to CD/DVD or any other designated media source. 4.11.3 Ensure that digital images are properly marked with security classifications according to applicable regulations, procedures, and guidance. 4.11.4 Perform all actions necessary to convert paper Technical Manuals to electronic format ensuring that all content visible on the paper page is captured. 4.12 OFFICE AUTOMATION, PRESENTATION/EXHIBIT DEVELOPMENT, DATA ENTRY, AND CONTENT MANAGEMENT SUPPORT. The Contractor shall provide office automation, data entry, and content management support. The Contractor shall provide presentation/exhibit development support, including development of charts, exhibits, marketing materials, training materials, graphs, briefings, slide presentations, video slide show presentations, and electronic media presentations. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.12.1 Establish and maintain an electronic logging system of all charts, graphic images, presentations and/or electronic briefings, and perform proper storage. 4.12.2 Develop project schedules, presentations, briefings, and other documents using tools such as MS Project, Visio, MS Word, MS Excel, Power Point, Photo Shop and other emerging technologies. 4.12.3 Provide data entry support in order to input/update data in a variety of Commercial-Off- the-Shelf (COTS) or Government-Off-the-Shelf (GOTS) software packages. 4.12.4 Post a broad range of content including data, articles, pictures, and documents to web portals, web sites, SharePoint, and other locations in accordance with the Government and Army Security/Information Assurance regulations, policy and directives. 4.12.5 Provide support for maintenance of Electronic Technical Manual repository libraries to include placing updated/revised files in the repository, and ensuring accuracy and access to repository files over the worldwide web. 4.12.6 Create and prepare presentations, marketing materials, training materials, brochures, displays, posters and exhibits for both internal and external use/display/distribution. 4.12.7 Create and set up exhibits featuring lighting and movement. 4.12.8 Perform video editing utilizing video digitizing hardware and software for output to screen, videotape, and multimedia presentations. 4.12.9 Assist the Government in developing and enforcing records management plans, procedures, and training. The Contractor shall provide support for functional management of the records management programs in compliance with the applicable Government and Army regulations and policies including AR 25-1 Army Knowledge Management and Information Technology, AR 25-400-2 Army Records Information Management System, DA 25-51 Information Management Records Management Program, and PAM 25-403 Guide to Recordkeeping in the Army. 4.13 TECHNICAL WRITING/EDITING SUPPORT. The Contractor shall write/edit technical materials, such as reports of IT or IM findings; scientific or technical articles; news releases; and periodicals on scientific, research, or technical subjects. The Contractor shall draw on a substantial knowledge of customer programs and activities to develop informational materials and to select and present information in a form and at a level suitable for the intended audience. These information materials may be for internal or external dissemination, and shall include internal reports and publications; research/analysis protocols; summaries of research/analysis, reports of research/analysis findings, and news articles. The Contractor shall possess a broad range of sources of pertinent information; skills to analyze and present the information gathered; and knowledge of publishing practices, standards, and technologies for the media used. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.13.1 Be responsible for preparing or updating pamphlets, policies, procedures, guides, and regulations by gathering information, evaluating related documentation/policy, and consulting with Subject Matter Experts (SMEs). 4.13.2 Develop on-line help, tutorials, and process guidance which could include multimedia content, online demos, and tutorials. 4.13.3 Ensure that documentation is clear, concise, usable, and conforms to established policies and standards. The Contractor shall utilize and ensure compliance of publications/documents with DoD, Army, and other required specifications/regulations. 4.13.4 Collect information and metrics to generate Service Level Agreements (SLAs)/Memoranda of Agreements (MOAs). The SLAs/MOAs shall designate/delegate responsibility between parties. 4.13.5 Collect functional and physical configurations of system interfaces to generate System Interface Agreements. 4.14 INFORMATION MANAGEMENT PROJECT/PLANNING SUPPORT. The Contractor shall provide IM Project/Planning support using appropriate industry best business practices. The support shall include identifying, analyzing, evaluating, reporting, coordinating, planning, and implementing approved strategies and policies. The Contractor shall execute approved IM support services within the specified cost, schedule and performance parameters of the individual IM projects/programs and applicable work directive. The Contractor shall provide a variety of project planning activities such as: Project Planning; Project Scheduling, Work Breakdown Structure, Task break down, and Project Maintenance/Sustainment; Project Cost Estimating; Cost and Resource Management; Change and/or Version Control; Project Change Control; Project Issue Tracking; Problem Tracking; and Risk/Issue Assessment, Risk Management and Risk tracking. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform will be identified under individual TDOs. 4.15 SENIOR INFORMATION MANAGEMENT SUBJECT MATTER EXPERT (SME) SUPPORT. The Contractor shall provide Senior (Sr.) IM/SME support to review, analyze, and recommend strategic and tactical options for improved management and performance of the organizational mission and its enterprise requirements. All Contractor actions, findings and recommendations shall be reported in the required documentation as directed in the applicable TDOs. Functions that the Contractor shall perform under individual TDOs include: 4.15.1 Provide Sr. IM/SME support services in support of Government IT Processes, Enablement of Command Mission with Enterprise IT/IM Solutions, and enablement of Enterprise IT Service Delivery. 4.15.2 The Sr. IM/SME support personnel shall have appropriate experience and education for tasks assigned, including management experience in disciplines such as: business process management, systems analysis, information technology/management, strategic direction, capital planning, and project management. 4.15.3 The Sr. IM/SME support personnel shall have appropriate knowledge and expertise for the subject area they are assigned, so that they can perform analysis and provide solutions in areas such as: • Information/Knowledge/Data Management • IM Program Management - review and assess: program/project documentation, and project implementation methodology, reporting and communications. • Emerging IM Technologies • Business Process Management • IM Best Business Practices • Systems/Software Process Engineering • Strategic and Capital Planning - guidance, review, and assessment • Risk Management • Business Analysis • Workflow Analysis - data, information, and business • DoD Architecture Framework (DoDAF) - guidance, review, and document formulation 5.0 MANAGEMENT. For Contractor's management and administrative needs, the Contractor shall provide necessary labor, materials, supplies, services, facilities, and equipment to perform the specific work and services required to support contract performance. The Contractor shall provide only fully trained, experienced, qualified, and technically proficient personnel. 5.1 All work under this contract shall be performed by the Contractor only to the extent authorized by discrete TDOs which have been approved by the Contracting Officer. 5.2 The Contractor shall have access to Government data and information for the accomplishment of work under this PWS. The effort required to perform the tasks awarded under this PWS shall in no case constitute personal services. 5.3 The Contractor shall manage and control the resources necessary to ensure timely achievement of all contract requirements in the most economical manner possible. Frequent coordination by the Contractor shall be required with the customer base. 5.4 The Contractor shall support various Government offices requiring CS and/or IM support services as coordinated through the Government COR or as designated by the Contracting Officer. Contractor staff shall be required to be co-located with various customers to support mission needs as required by the COR for the duration of this contract. 5.5 The Contractor shall employ a management system that emphasizes the DoD Management Philosophy of continuous process improvement in providing required services, information and products. 5.6 The Contractor shall remain knowledgeable in the customer mission areas, business process areas, data management and information assurance areas, network properties and security, Government policy and standards, and emerging technology and hardware/software products in compliance with the Army's/DoD standards and policies throughout the duration of this contract. 5.7 The Contractor shall be knowledgeable of the customers mission related acquisition, logistics, technology, and cyber security programs and their life cycle support systems. 5.8 The Contractor shall be knowledgeable of the business, functional, technical, and network environments of the customers supported and shall be responsible for responding and adapting to technology changes. 6.0 OTHER DIRECT COSTS. The Contractor may be required to purchase incidental items, training, claim local mileage and other miscellaneous items as Other Direct Costs (ODC). ODCs are for incidental expenses only. ODCs shall be requested and approved by the COR prior to incurring any costs/expenses and reimbursed to the Contractor. Any single item purchased under ODC with a value of $25K or more shall be approved by the Contracting Officer prior to incurring any costs/expenses. The Contractor shall establish a purchasing plan that maximizes use of small disadvantaged, HUB Zone, and Service Disabled Veteran firms. 7.0 DEGREE OF KNOWLEDGE & EXPERIENCE. The customer base supports a variety of legacy, GOTS and COTS application/system environments. These environments require a variety of expertise to perform CS/IM support service activities, for which the Contractor shall provide qualified personnel with leading skills and experience. Current environments require expertise in CS/IM program goals and initiatives, organizational responsibilities, program synchronization, and CS/IM strategic planning for which the Contractor shall provide qualified personnel with leading skills and experience. The Contractor shall provide specialists, SMEs, and other specific skill sets as identified in the individual TDOs. Individual TDOs will specify the education, experience, training, and certifications required for TDO performance. 8.0 PLACE OF PERFORMANCE. Contractor personnel shall work primarily on-site at Redstone Arsenal, Huntsville, Alabama. TDOs may be performed in part or in full at other locations. Off-site and temporary travel to other locations shall be required. The CS/IM support services shall be performed for organizations and locations listed in Appendix A and others as necessary. 9.0 SECURITY. Contractor employees shall adhere to the provisions set forth in AR 380-5, Army Information Security Program; AR 25-1, Army Knowledge Management Program ; AR 25-2, Information Assurance; AR 380-67, Personnel Security Program; Federal Information Processing Standards Publication 201-1, Personal Identity Verification (PIV) of Federal Employees and Contractors; DoD Instruction 5200.2, DoD Personnel Security Program; and Directive-Type Memorandum (DTM) 08-006, "DoD Implementation of Homeland Security Presidential Directive-1 2, HSPD-12". 9.1 Contractor personnel shall comply with local security requirements for entry and exit control for personnel and property at the Government facility and the installation, as applicable. The Contractor shall observe and comply with the security provisions in effect at the Government facility. Identification badges shall be worn and displayed as required. 9.2 All Contractor personnel that access Government owned or operated automated computer systems, networks, or databases shall have the minimum of a National Agency Check with written Inquiries (NACI) and a favorable completion of a Federal Bureau of Investigation (FBI) fingerprint check, or a DoD-determined equivalent investigation, or greater. 9.3 All Contractor personnel that require a Common Access Card (CAC) in performance under this contract shall obtain the card prior to commencement of work unless otherwise authorized by the contracting officer or COR. All Contractors must be able to maintain a CAC during entire contract performance. 9.4 The Government may require security clearances up to Top Secret for performance of any TDO under this contract. A TDO specific DD Form 254 will be incorporated for each TDO. The level of classified access required shall be indicated in the individual TDO. The Contractor shall provide sufficient personnel with the required security clearances to perform the work as specified in individual TDOs. 9.5 Contractor personnel not requiring a personnel security clearance, but performing Automated Data Processing (ADP) sensitive duties, are subject to investigative and assignment requirements IAW DoDI 5200.2, DoD Personnel Security Program, AR25-2, Information Assurance, and affiliated regulations. 9.6 The Contractor shall bear the cost of any security clearances required for performance. 9.7 Failure to comply with security requirements can be cause for termination of employment/contract/TDO. 9.8 Contractor personnel shall comply with all security requirements of the applicable DD Form 254, Department of Defense Contract Security Classification Specification. Contractor employees are required to complete all required Security and Information Assurance training required by DoD and Army regulations, and supplements thereto. Applicable regulations, supplements, and standard operating procedures will be provided Contractor employees at their assigned organizations. 9.9 The Contractor shall not allow access to any Government information, system, computer, software, database, code, or any other Government assets associated with this PWS or applicable TDO to anyone who does not hold at the time of access the appropriate security clearance. Violation of this will subject the Contractor and Contractor personnel to any and all applicable laws and penalties. 10.0 TRAINING. 10.1 The Contractor shall provide a workforce possessing the skills, knowledge, training and certifications to satisfactorily perform the services required by this PWS. Personnel performing work under this PWS shall be employees of the Contractor and shall not be considered employees of the Government. 10.2 The Contractor shall have full responsibility for keeping its personnel current and abreast of state-of-the-art technology in the contract disciplines, CS classifications, required certifications (i.e. ITIL, CMMI, PMI PMP, SAP), required labor positions, and the hardware/software environments that are applicable to specific TDO efforts. The Contractor shall be responsible for all new and recurring training and certifications of Contractor personnel in such a manner as to assure that all tasks required by this PWS are performed properly. 10.3 The Defense Federal Acquisition Regulation Supplement (DFAR) Clause 252.239-7001 (Information Assurance Contractor Training and Certification) applies to this contract. This contract is subject to the mandates of DoDD 8570.01, which establishes baseline technical and management CS skills for personnel performing CS functions within the DoD. Functions spanning multiple levels require certification of the highest level functions. Certification holders shall ensure that their certificates remain active and are renewed prior to expiration. Contractor personnel supporting CS shall be appropriately certified prior to starting work on this contract. Contractor personnel shall utilize the ATCTS website athttps://atc.us.army.mil to create and maintain an account for documentation of successful completion of mandatory training, certification, and re-certification. 10.4 The Government will identify in the TDO the CS classification level for each Contractor's functional role. The CS classification level will indicate at which Certification level, either I, II or III, the Contractor needs to be trained. CS Certification training must be in accordance DoD Directive 8140.01, Cyberspace Workforce Management; DoD Directive 8570.01-M, Information Assurance Workforce Improvement Program; AR 25-2; Army Training and Certification Best Business Practices, including 05-PR-M-0002, IA Training and Certification; and applicable guidance/policy. Contractor shall supply fully certified CS personnel to begin performance under this contract unless otherwise approved in writing by the contracting officer or COR. If approved by the Contracting Officer or COR, Contractor CS training must comply with all applicable guidance/policy. The Contractor personnel shall supply/retain/maintain the identified CS classification level throughout performance of this contract. 10.5 Training at Government expense will not be authorized for replacement personnel, for training Contractor personnel on TI requirements, or for keeping Contractor personnel abreast of the state of art technologies unless specifically authorized by the Contracting Officer. 10.6 The Contractor shall not bill for labor hours or travel costs associated with Contractor employee training unless Government directed training is specifically required and authorized in a TDO. The Contractor shall be required to obtain written approval from the COR prior to the start of Government directed training. If travel costs are involved, reimbursement will be in accordance with Section 12.0. 10.7 In addition to noted training, education, and experience requirements, the Contractor and their subcontractors shall be required to take Government directed training to support the contract effort. The Government will identify required training that is at government expense. 11.0 ANTITERRORISM/OPERATIONS SECURITY (AT/OPSEC). The Contractor shall have full responsibility for keeping all its personnel fully trained and certified. Failure to comply with training and certification requirements can be cause for termination of employment/TI/contract. 11.1 Antiterrorism (AT) Level I training is required for Contractor employees with an area of performance within an Army controlled installation, facility or area, or providing direct support to the contract. All Contractor employees requiring access to Army installations, facilities and controlled access areas shall complete AT Level I awareness training within 30 calendar days after contract start date or effective date of incorporation of this requirement into the contract, whichever is applicable. The Contractor shall submit certificates of completion for each affected Contractor employee to the COR or to the contracting officer within 30 calendar days after completion of training by all Contractor employees. AT level I awareness training is available at the following website: http://jko.jten.mil. 11.2 AT Awareness Training for Contractor Personnel Traveling Overseas. Contractor employees shall make available and receive government provided area or responsibility (AOR) specific AT awareness training as directed by AR 525-13. Specific AOR training content is directed by the combatant commander with the unit Antiterrorism Officer (ATO) being the local point of contact. 11.3 iWATCH Training is required for all Contractor employees with an area of performance within an Army controlled installation, facility or area, or providing direct support to the contract. The Contractor shall brief all employees on the local iWATCH program (training standards provided by the requiring activity ATO). This local developed training shall be used to inform employees of the types of behavior to watch for and instruct employees to report suspicious activity to the Commanding Officer (CO). This training shall be completed within 30 calendar days of contract award and within 30 calendar days of new employees commencing performance with the results reported to the COR NLT 30 calendar days after completion of training. Training website: http://www.myarmyonesource.com/FamilyProgramsandServices/iWatchProgram/Default.aspx 11.4 Army Training Certification Tracking System (ATCTS) registration is mandatory for Contractor employees who require access to government information systems. All Contractor employees with access to government information systems shall be registered in the ATCTS (Army Training Certification Tracking System) at commencement of services, and shall successfully complete the DoD Information Assurance Awareness prior to access to the IS and then annually thereafter. 11.5 For CS/IT training. All Contractor employees shall complete the DoD IA awareness training before issuance of network access and annually thereafter. All Contractor employees working IA/IT functions shall comply with DoD and Army training requirements in DoDD 8570.01 and AR 25-2. 11.6 For CS/IT certification. Per DoDD 8570.01, DFARS 252.239.7001 and AR 25-2, the Contractor employees supporting CS/IT functions shall be appropriately certified prior to providing support under this contract and shall maintain mandatory minimum training requirements during contract performance. The baseline certification as stipulated in DoDD 8570.01-M must be completed prior to providing support under this contract and shall maintain mandatory minimum training requirements during contract performance. 11.7 OPSEC training. Per AR 530-1, the contractor employees must complete Level I OPSEC Awareness training. New employees must be trained with 30 calendar days of their reporting for duty and annually thereafter. 11.8 For Contract Requiring Performance of Delivery in a Foreign Country. DFARS Clause 252.225-7043, Antiterrorism/Force Protection for Defense Contractors outside the US. This clause applies to both contingencies and non-contingency support. All non-local national Contractor personnel shall comply with theater clearance requirements. The combatant commander shall exercise oversight to ensure the Contractor's compliance with combatant commander and subordinate task force commander policies and directives 11.9 Handling or access to classified information. Contractor employees shall comply with FAR 52.204-2, Security Requirements. The Contractor shall comply with: (1) The Security Agreement (DD Form 441), including the National Industrial Security Program Operating Manual (DoD 5220.22-M) and, (2) any revisions to DoD 5220.22-M, notice of which has been furnished to the Contractor 11.10 Access and general protection/security policy and procedures Contractor employees with an area of performance within an Army controlled installation, facility, or area shall provide all information required for background checks to meet installation access requirements to be accomplished by installation Provost Marshal Office, Director of Emergency Services or Security Office. Contractor workforce shall comply with all personal identity verification requirements (FAR clause 52.204-9, Personal Identity Verification of Contractor Personnel) as directed by DoD, HQDA and/or local policy. In addition to the changes otherwise authorized by the changes clause of this contract, should the Force Protection Condition (FPCON) at any individual facility or installation change, the Government may require changes in contractor security matters or processes 11.11 For Contractors requiring a Common Access Card (CAC). Before CAC issuance, the Contractor employee requires, at a minimum, a favorably adjudicated national Agency Check with Inquiries (NACI) or an equivalent or higher investigation in accordance with Army Directive 2014-05. The Contractor employee shall be issued a CAC only if duties involve one of the following: (1) both physical access to a DoD facility and access, via logon, to DoD networks on-site or remotely; (2) remote access, via logon, to a DoD network using DoD-approved remote access procedures; or, (3) physical access to multiple DoD facilities or multiple non-DoD federally controlled facilities on behalf of the DoD on a recurring basis for a period of 6 months or more in direct support of this contract. 11.12 Per AR 381-12, Threat Awareness and Reporting Program (TARP), all Contractor employees with security clearances shall receive annual TARP training by a CI agent or other trainer as specified in 2-4b. This training shall be completed annually with the results provided to the COR NLT 30 days after completion of the training. 12.0 TRAVEL. The Government, in accordance with Joint Travel Regulation (JTR) and FAR 31.205-46, will reimburse the Contractor for all approved travel incurred in the performance of the TDOs. The Contractor is required to obtain written approval from the COR prior to conducting travel. Travel requirements shall be limited to that required to support the TDOs. The Contractor shall be responsible for travel arrangements for Contractor personnel under this TDO and for securing any required personnel clearances, as needed at various locations. This includes travel, subsistence, and associated labor charges for travel time. Contractors shall be required to have a valid passport and current immunizations for OCONUS travel. The Contractor shall be responsible for obtaining passports, immunizations, and/or visas for traveling Contractor personnel. The Contractor shall use only the minimum number of travelers and rental cars needed to accomplish the trip purpose. Travel shall be scheduled during normal duty hours whenever possible. Airfare will be reimbursed for actual common carrier fares which are obtained by the most reasonable and economical means. 12.1 When the COR has approved tasks to be performed in part or in full at other locations/offsite (See Appendix A) and this requires travel to a location other than the Contractor personnel 's' assigned duty station, travel shall be reimbursed in accordance with applicable regulations and guidance. Travel performed for personal convenience and daily travel to and from work at the Government or Contractor's facility will not be reimbursed. 13.0 GOVERNMENT FURNISHED FACILITIES, EQUIPMENT & INFORMATION. 13.1 The Government will provide the following when Contractor employees are co-located with Government personnel at Government facilities: • A work area for Contractor personnel • Personal computers with network printing capabilities, E-mail and Web (Intranet/Internet) access • Software required in performing task activities • Class A, VoIP, or other Government approved telephones • Contractor personnel identification badges, which shall be worn in the workplace • Applicable User Ids and passwords • Expendable office supplies (pencils, pens, tape, paper, etc.) • Desktop Locks for laptops and/or CPUs, when needed The Government may provide non-co-located Contractor personnel access to Government computers, software, IDs, passwords when it is required for TDO performance. 13.2 Government property will not be taken from the work place, nor modified without written request to the Government and written Government permission by the authorized Government COR or Contracting Officer. 13.3 The Contractor shall be fully responsible for the acceptability of its employees for purposes of facilities access and network access. Any failure of Contractor employees to gain access to either facilities or the network and any resultant delay in contract performance is not the responsibility of the Government. 13.4 The Government may provide GFE as required in individual TDOs issued under this contract. The Contractor shall be responsible for reimbursement to the Government, for only the repair or replacement of GFE that is in his possession and that is damaged or lost due to negligence, misuse, or abuse on the part of the Contractor's employees. 13.5 The Government will provide the hardware and software components integral to the implementation of Contractor services identified in Section C of this Contract. 13.6 Government Furnished Information (GFI) is any technical data, drawings, or models necessary for contract performance that are in the Government's possession. The COR will determine if the GFI identified in individual TDOs is in the Government' s possession and make the determination as to whether the requested data /drawings/models can be released to the Contractor. 14.0 PRIVACY ACT. Work under this contract may require that Contractor personnel have access to Privacy Information. Personnel shall adhere to the Privacy Act, Title 5 of the U.S. Code, Section 552a and applicable agency rules and regulations. 15.0 HOURS OF OPERATION. The Contractor shall perform the functions under this PWS as dictated by the operational requirements of the customers that are being supported. 15.1 NORMAL BUSINESS HOURS. The Contractor normal business hours of operation are 0600 hours to 1800 hours, Monday through Friday. The normal duty day will consist of eight work hours with a meal break. Individual TDOs shall identify normal business hours. 15.2 OPERATIONAL BUSINESS HOURS. The Contractor operational business hours for some customers may be up to 24 hours a day, 7 days a week, and 365 days a year. Individual TDOs shall identify hours of operation. 15.3 OVERTIME. The Contractor shall identify hours in excess of 40 hours per week that are necessary to meet requirements and shall notify the COR/KO of the labor category, justification, date(s), time(s) and estimate of hours necessary to support TDO requirements. Overtime shall be requested and approved by the COR/KO prior to incurring any overtime. Overtime hours that are not authorized by the COR/KO will not be reimbursed to the Contractor, by the Government. Under no circumstances shall Contractor personnel exceed the approved allotment of overtime hours. 15.4 ON-CALL SUPPORT. The Government may require on-call support on a periodic, temporary or pem1anent basis. Individual TDOs shall identify the on-call requirements. 15.5 CRITICAL SUPPORT. The Contractor shall provide support, after Normal Business Hours and for Operational Hours, as stated in 15.1 and 15.2, for mission critical support, when necessary. Critical CS-related functions may be performed in response to individual TDO requirements. Any Continuity of Operations (COOP) requirements shall be identified in the individual TDOs. 15.6 CONTINUITY OF OPERATIONS (COOP)/DISASTER RECOVERY. The Contractor shall comply with COOPs and the Disaster Recovery Plans for all areas supported during routine operations and emergencies. 15.7 MISSION/KEY ESSENTIAL. The Government may designate certain Contractor positions as emergency/key essential positions which are required to support vital services during inclement weather, base closure or other situations. The Contractor positions that are designated as emergency/key essential positions may be required to stay on the job or report to work while fellow workers are excused. The Contractor shall comply with the emergency/key essential requirements for all areas supported. 16.0 HAZARDOUS MATERIAL. Hazardous Material activities are not anticipated in the performance of the tasks identified in this PWS. In the event of contact or exposure to hazardous material, the Contractor and subcontractor activities shall be in compliance with applicable Federal, state and local environmental laws and regulations. 17.0 COMPLIANCE WITH ENVIRONMENTAL LAWS AND REGULATIONS. Contractor shall comply with all applicable federal, state, and local environmental laws, statutes, regulations, executive orders, permits, Army regulations (with supplements), as well as Major Subordinate Command (MSC) and installation regulation, policy, Host Tenant Agreement, Interagency Service Support Agreement, or Status-of-Forces Agreement. Contractor shall immediately report any conflicts between applicable federal, state, local environmental laws, statutes, executive orders, and provisions of Army Regulation 200-1, and any specifications within this contract to the Contracting Officer Representative (COR). 18.0 PHASE-IN, PHASE-OUT, and CLOSE-OUT. The following phase-in, phase-out and close-out requirements describe how continuity of operations shall be maintained for serviced organizations during transition of performance from out-going Contractors to incoming Contractors/Government. The objective is to coordinate on-going efforts so that user/customer services are not impacted. These requirements will be initiated at the Government's discretion through individual TDOs. 18.1 PHASE-IN EFFORT. The Contractor shall work in coordination with the outgoing Contractor/Government for a period not to exceed 60 days after TDO approval to ensure that support is transitioned in a smooth, uninterrupted effort. A. During the phase-in period, the Government may provide the Contractor written descriptions and procedures of ongoing and recurring activities. B. The Government COR or assigned TM will provide access to all documentation pertinent to the TDO effort (e.g., manuals, regulations, reports, schedules, activity logs, and all required computer related passwords). 18.2 PHASE-OUT and CLOSE-OUT EFFORT. For each TDO under this PWS, the Contractor shall provide transition information to and coordinate with the incoming Contractor/Government as described below or shall provide close-out information to the Government. Hand-off of all materials/projects developed, purchased or under development, including licenses shall be accomplished in an orderly fashion. This shall include all materials in which ownership is in dispute, which shall be resolved under contract close-out procedures. These requirements are in addition to standard procedures such as clearing of post. The Phase-Out or Close-Out requirements will be initiated at the Government's discretion through individual TDOs. A. The Contractor shall work in coordination with the incoming Contractor/Government during the transition period not to exceed 60 days prior to the TDO completion date. Additional workspace may be provided by the Government during this period. B. As required by individual TDOs, the Contractor shall provide the COR with a detailed Phase-Out Report that includes written descriptions and procedures for all ongoing and recurring activities no later than 60 days prior to the end of the TDO IAW DI-MISC-80508, CDRL A004. C. As required by individual TDOs, the Contractor shall provide the COR with a detailed Close-Out Report that includes an overview of the TDO tasks including timelines, actions, activities, and lessons learned no later than 30 days prior to the end of the TDP IAW DI-MSC-80508, CDRL A005. D. During the final 60 day period of each TDO effort, the Contractor shall promptly provide to the COR all documentation and work-in-progress applicable to the TDO effort, return any Government furnished property in its possession, and identify all required passwords utilized in connection with the TDO. The Contractor shall make no further changes to passwords without notification to the COR. 19.0 CONTRACT ADMINISTRATION. The Contractor shall provide all its own necessary administrative support to successfully accomplish the requirements of this PWS including management, word processing, accounting, secretarial, and administrative labor. 19.1 The Contractor shall prepare a Work Plan IAW DI-MGMT-81117, CDRL A002 for every TDO issued, which shall delineate the Contractor's approach for accomplishment of the work. This Work Plan will be approved by the Government prior to the Contractor expending any effort on the task, except that work can begin before Work Plan approval when the Government determines that the urgency of the task is such that any delay would not be in the Government's best interest. The Contracting Officer or COR may authorize the Contractor to begin work before Work Plan approval. 19.2 The Contractor shall prepare a comprehensive monthly status and progress report IAW DI-MGMT-80227, CDRL A001, at the overall contract level and for each TDO. 19.3 The Contractor shall prepare a Training Report which identifies the status of mandatory training IAW DI-MISC-80508, CDRL A006, for each TDO. 19.4 The Contractor shall ensure that all personnel in-processing and out-processing requirements, such as security clearances, personnel badges and vehicle registrations are completed. The Contractor shall comply with AR 25-2, AR 380-67, AR 385-10, DoD and Army security regulations, and local Standard Operating Procedures (sops) and guidelines as required and applicable. These regulations/policies/guidance will be made available upon assignment to the responsible organization. 20.0 MEETINGS. 20.1 Kick-Off Meeting: The Contractor shall perform a kick off meeting within 10 days of contract award. The Meeting will include the Contracting Officer, the COR/CORs, the Contractor Project Team, and the Government Project Team and their representatives. 20.2 Other Meetings: The Contractor shall attend, participate in, contribute to and/or conduct meetings in accordance with the requirements and schedule of the individual project/program and applicable TDO. Meetings may include CS/IT Briefings, General Staff Meetings/Briefings, TDO Status/Update meetings, and TDO subject specific meetings. 21.0 PERFORMANCE OBJECTIVES METRICS. The performance objectives and metrics discussed below have been established for utilization under this contract and subsequent TDOs. The contract performance metrics are set forth at Appendix E, Performance Requirements Summary Matrix. Individual TDOs may establish a Performance Requirements Matrix at a higher acceptable quality level. 21.1 Appendix E, Performance Requirements Summary Matrix. This performance-based service contract incorporates the following performance objectives: (1) Delivery of high quality technical performance; (2) Adherence to TDO schedules, milestones, and delivery requirement s; (3) Efficient and effective control of labor resources; and (4) Establish appropriate and proficient business relations. It is the Contractor's responsibility to employ the necessary resources to ensure accomplishment of these objectives. The Government's assessment of the Contractor's performance in achieving these objectives will utilize the standards, acceptable quality levels, surveillance methods, and performance assessments described in the Performance Requirement s Summary Matrix. The performance assessments will be in accordance with Federal Acquisition Regulation (FAR), Part 37 and Part 42. 21.2 The performance objectives, standards, and acceptable quality levels in this contract shall be applied on the basis of each individual TDO. The Government will conduct informal performance review sessions with the Contractor's Program/TDO Manager to identify any active TDO performance that is not meeting the acceptable quality levels. These sessions will provide the Contractor a fair opportunity and adequate time to improve its performance level and will occur at a minimum of annually as part of the past performance evaluations and contract quality assurance actions required by FAR 42.1502, 46.l02 and 46.l04. 21.3 The Control of Labor Resources criteria will be reflected under the "Cost" category of the performance assessment. Although the criterion of Management of Key Personnel is not specifically included in the Performance Requirements Summary Matrix, the overall performance assessment will continue to include this criterion. 21.4 The Contractor will be notified, in writing, of the Government's determination of its performance level for each performance objective including all instances where the Contractor failed to meet the acceptable quality level. 22.0 CONTRACT MANPOWER REPORTING (CMR). The Secretary of the Army has required all Army contracting agencies comply with the "Accounting for Contractor Man-hours" memo dated 7 January 2005. The Contractor shall report manpower and cost data into the Army's contractor manpower database as described below. 22.1 Accounting for Contractor Man-Hours: The Army's Office of the Assistant Secretary of the Army (Manpower & Reserve Affairs) operates and maintains a secure Army data collection site where the Contractor shall report ALL Contractor manpower (including subcontractor manpower) required for performance of this contract. The Contractor is required to completely fill in all the information in the site's format using the following web address https://cmra.army.mil/. The required information includes: a. Contracting Office, Contracting Officer, Contracting Officer's Technical Representative; b. Contract number, including task and delivery order number; c. Beginning and ending dates covered by reporting period; d. Contractor Company name, name of Contractor employee entering data, Government office address; phone number and e-mail address; e. Estimated direct labor hours (including subcontractors); f. Estimated direct labor dollars paid this reporting period (including subcontractors); g. Total payments (including subcontractors); h. Predominant Federal Service Code (FSC) reflecting services provided by Contractor (and separate predominant FSC for each subcontractor if different) - for this work, the code is "D" for Information Technology; i. Estimated data collection cost; j. Organizational title associated with the Unit Identification Code (UIC) for the Army Requiring Activities; k. Locations where Contractor and sub-Contractors perform the work (specified by zip code in the United States and nearest city, country, when in an overseas location, using standardized nomenclature provided on website); l. Presence of deployment or contingency contract language; and m. Number of Contractor, and subcontractor employees deployed in theater this reporting period (by country). As part of its submission, the Contractor shall also provide the estimated total cost (if any) incurred to comply with this reporting requirement. The Reporting period will be the period of performance, not to exceed 12 months ending September 30 of each Government fiscal year and must be reported upon contract award and annually thereafter (by 31 October of each calendar year) for the duration of the contract. The Contractor may use a direct XML data transfer to the database server or fill in the fields on the website. The XML direct transfer is a format for transferring files from a Contractor's systems to the secure web site without the need for separate data entries for each required data element at the web site. The specific formats for the XML direct transfer may be downloaded from the web site. NOTE: ALL POTENTIAL BIDDERS ARE REQUIRED TO SUBMIT CAPABILITY STATEMENTS WITH THEIR RESPONSES.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/notices/e0358e10b3afe3bc6b4704a6285bf247)
- Place of Performance
- Address: Redstone Arsenal, Huntsville, Alabama, 35898, United States
- Zip Code: 35898
- Zip Code: 35898
- Record
- SN04338252-W 20161201/161129234337-e0358e10b3afe3bc6b4704a6285bf247 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |