Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF DECEMBER 06, 2019 SAM #6581
SOLICITATION NOTICE

U -- SOFTWARE CM: STRATEGIES, TECHNIQUES & TOOLS� &

Notice Date
12/4/2019 12:41:47 PM
 
Notice Type
Combined Synopsis/Solicitation
 
NAICS
611430 — Professional and Management Development Training
 
Contracting Office
NAVAL SURFACE WARFARE CENTER PANAMA CITY BEACH FL 32407 USA
 
ZIP Code
32407
 
Solicitation Number
N6133120QVT11
 
Response Due
12/11/2019 7:00:00 AM
 
Archive Date
12/26/2019
 
Point of Contact
Vincent J. Tomasi, Phone: 8502355067
 
E-Mail Address
vincent.j.tomasi@navy.mil
(vincent.j.tomasi@navy.mil)
 
Small Business Set-Aside
WOSB Women-Owned Small Business (WOSB) Program Set-Aside (FAR 19.15)
 
Description
SOLE SOURCE MEMORANDUM TO ACQUIRE CMPIC COURSE 8“SOFTWARE CM: STRATEGIES, TECHNIQUES & TOOLS” &"CONFIGURATION MANAGEMENT COURSE 12"(PURCHASEREQUEST 1300824392, 1300825218)1. Identification of the agency and the contracting activity, and specific identificationof the document as a “Limited Source Justification.”This is a WOSB sole source justification. Contracting activity is the Naval SeaSystems Command, Naval Surface Warfare Center, Panama City Division (NSWCPCD), 110 Vernon Avenue, Panama City, FL 32407-7001 (Contracts Department Code02).2. Nature and/or description of the action being approved.This action will award a firm fixed price purchase order to CMPIC, LLC, 100 Lake Dr,Forest, VA 24551.3. A description of the supplies or services required to meet the agency’s needs(including the estimated value).On-site training of Software CM strategies, techniques, and tools - courses eight and 12.These four-day courses provide a basic introduction to the theory, principles, andtechniques of Software Configuration Management (SCM) in respect to software lifecycle.TheD caoyu r1se - SoCutMlin eF oshuanldl abtei oans sfollows:? Defining our Terms? Development Approaches? Evolution of SCM? Demo and Discuss Workshop: 3G/4G Capabilities? Core SCM Finctions? SCM Infrastructure? SCM WorkflowDay 2 - SCM Structures? Identity and Structure? Streams and Branches? Branching Strategy? Demo and Discuss Workshop: Branching Strategies? Requirements? Documentation? ReportingDay 3 - SCM Dynamics? Version Control? Change Control? Build Management? Demo and Discuss Workshop: Build Strategies? Test Management? Release Management? Dependency ManagementDay 4 - SCM Implementation? Standards and Frameworks? SCM Planning? Infrastructure Evaluation? Demo and Discuss Workshop: SCM Strategies? Technology and Tool Evaluation? SCM Implementation? Survey and Feedback? Certification ExamThis acquisition will be conducted using simplified acquisition procedures with a total estimatedvalue of $38,412.50. The Government's minimum needs have been verified by the certifyingtechnical and requirements personnel. This memo does not authorize acquisition for otherrequirements. This purchase will be funded with Navy Working Capital funding.4. Identification of the justification rationale and, if applicable, a demonstration of theproposed contractor’s unique qualifications to provide the required supply or service.10 U.S.C. 2304(c) (5) - Sole source awards under the WOSB Program, FAR 6.302-5(a)(7).NSWC PCD has many new professionals, many of whom are not overly familiar with SoftwareConfiguration Management. These courses are required as it is a basic introduction to thetheory, principles, and techniques of Software Configuration management. This CMPICtraining is owned and taught by CMPIC as it is proprietary.5. A determination by the ordering activity contracting officer that the order represents thebest value consistent with FAR 13.106-1(b).The Contracting Officer has determined that the order represents the best value and results inthe lowest overall cost alternative (considering price, reoccurring cost, administrative costs,engineering and redesign costs, etc.) to meet the Government’s needs.6. A description of the market research conducted among schedule holders and the results ora statement of the reason market research was not conducted.This action requires synopsis to be posted on theFederal Business Opportunities (FEDBIZOPPS) website per FAR 5.2. No additionalmarket research was conducted for the reasons discussed in paragraph 4 above.7. Any other facts supporting the justification: None.8. A statement of the actions, if any, the agency may take to remove or overcome anybarriers that led to the restricted consideration before any subsequent acquisition for thesupplies or services is made.As stated in paragraph 4 above, CMPIC, LLC is the only company that can meet therequirement.Section C - Specifications Minimum Requirements for Access to Controlled Unclassified Information (CUI): Prior to access contractor personnel requiring access to DON controlled unclassified information (CUI) or "user level access to DON or DoD networks and information systems system security and network defense systems or to system resources providing visual access and/or ability to input delete or otherwise manipulate sensitive information without controls to identify and deny sensitive information" contractors must have clearance eligibility or submit an Electronic Questionnaire for Investigation Processing (SF 86) to NSWC PCD Security for processing and subsequent adjudication by the DOD Consolidated Adjudications Facility. Minimum Protection Requirements for Controlled Unclassified Information: Security classification guides (OPNAVINST 5513 series) and unclassified limited documents (e.g. FOUO Distribution Statement Controlled) are not authorized for public release and therefore cannot be posted on a publicly accessible webserver or transmitted over the Internet unless appropriately encrypted.Controlled Unclassified Information (CUI): Controlled unclassified information (CUI) is official information that requires the application of controls and protective measures for a variety of reasons and has not been approved for public release to include technical information proprietary data information requiring protection under the Privacy Act of 1974 and Government-developed privileged information involving the award of contracts. CUI is a categorical designation that refers to unclassified information that does not meet the standards for National Security Classification under Executive Order 13526 but is (a) pertinent to the national interest of the United States or to the important interests of entities outside the Federal Government and (b) under law or policy requires protection from unauthorized disclosure special handling safeguards or prescribed limits on exchange or dissemination. For Official use Only (FOUO) is a document designation not a classification. This designation is used by Department of Defense (DoD) and a number of other federal agencies to identify information or material which although unclassified disclosure to the public of the information would reasonably be expected to cause a foreseeable harm to an interest protected by one or more provisions of the FOIA. This includes information that qualifies for protection pursuant to the provisions of the Privacy Act of 1974 as amended. FOUO must be marked controlled and safeguarded in accordance with DoD 5200.01 Vol. 4 DoD Information Security Program: Controlled Unclassified Information (CUI) February 24 2012 Security of Unclassified DoD Information on Non-DoD Information Systems (DoD 8582.01)DoD policy: adequate security be provided for all unclassified DoD information on non-DoD information systems. Appropriate requirements shall be incorporated into all contracts grants and other legal agreements with non-DoD entities.Information Safeguards are applicable to unclassified DoD information in the possession or control of non-DoD entities on non-DoD information systems to the extent provided by the applicable contract grant or other legal agreement with the DoD.Information Safeguards Unclassified DoD information that has not been cleared for public release may be disseminated by the contractor grantee or awardee to the extent required to further the contract grant or agreement objectives provided that the information is disseminated within the scope of assigned duties and with a clear expectation that confidentiality will be preserved. Examples include:a. Non-public information provided to a contractor (e.g. with a request for proposal)b. Information developed during the course of a contract grant or other legal agreement (e.g. draft documents reports or briefings and deliverables)c. Privileged information contained in transactions (e.g. privileged contract information program schedules contract-related event tracking)It is recognized that adequate security will vary depending on the nature and sensitivity of the information on any given non-DoD information system. However all unclassified DoD information in the possession or control of non-DoD entities on non-DoD information systems shall minimally be safeguarded as follows: a. Do not process unclassified DoD information on publically available computers (e.g. those available for use by the general public in kiosks or hotel business centers) b. Protect unclassified DoD information by at least one physical or electronic barrier (e.g. locked container or room logical authentication or logon procedure) when not under direct individual control of an authorized user. c. At a minimum overwrite media that have been used to process unclassified DoD information before external release or disposal. d. Encrypt all information that has been identified as CUI when it is stored on mobile computing devices such as laptops and personal digital assistants compact disks or authorized removable storage media such as thumb drives and compact disks using the best encryption technology available to the contractor or teaming partner. e. Limit transfer of unclassified DoD information to subcontractors or teaming partners with a need to know and obtain a commitment from them to protect the information they receive to at least the same level of protection as that specified in the contract or other written agreement. f. Transmit e-mail text messages and similar communications containing unclassified DoD information using technology and processes that provide the best level of privacy available given facilities conditions and environment. Examples of recommended technologies or processes include closed networks virtual private networks public key-enabled encryption and transport layer security (TLS) g. Encrypt organizational wireless connections and use encrypted wireless connections where available when traveling. If encrypted wireless is not available encrypt document files (e.g. spreadsheet and word processing files) using at least application-provided password protected level encryption. h. Transmit voice and fax transmissions only when there is a reasonable assurance that access is limited to authorized recipients. i. Do not post unclassified DoD information to website pages that are publicly available or have access limited only by domain or Internet protocol restriction. Such information may be posted to website pages that control access by user identification and password user certificates or other technical means and provide protection via use of TLS or other equivalent technologies during transmission. Access control may be provided by the intranet (vice the website itself or the application it hosts) j. Provide protection against computer network intrusions and data exfiltration minimally including: (1) Current and regularly updated malware protection services e.g. anti-virus anti-spyware. (2) Monitoring and control of both inbound and outbound network traffic (e.g. at the external boundary sub-networks individual hosts) including blocking unauthorized ingress egress and exfiltration through technologies such as firewalls and router policies intrusion prevention or detection services and host-based security services. (3) Prompt application of security-relevant software patches service packs and hot fixes. k. Comply with other current Federal and DoD information protection and reporting requirements for specified categories of information (e.g. medical proprietary critical program information (CPI) personally identifiable information export controlled) as specified in contracts grants and other legal agreements. l. Report loss or unauthorized disclosure of unclassified DoD information in accordance with contract grant or other legal agreement requirements and mechanisms. m. Do not use external IT services (e.g. e-mail content hosting database document processing) unless they provide at least the same level of protection as that specified in the contract or other written agreement.Operations SecurityOperations Security (OPSEC) is concerned with the protection of critical information: facts about intentions capabilities operations or activities that are needed by adversaries or competitors to bring about failure or unacceptable consequences of mission accomplishment.Critical information includes information regarding: - Operations missions and exercises test schedules or locations; - Location/movement of sensitive information equipment or facilities; - Force structure and readiness (e.g. recall rosters); - Capabilities vulnerabilities limitations security weaknesses; - Intrusions/attacks of DoD networks or information systems; - Network (and system) user IDs and passwords; - Movements of key personnel or visitors (itineraries agendas etc.); and - Security classification of equipment systems operations etc.The contractor subcontractors and their personnel shall employ the following countermeasures to mitigate the susceptibility of critical information to exploitation when applicable: - Practice OPSEC and facilitate OPSEC awareness; - Immediately retrieve documents from printers assessable by the public; - Shred sensitive and Controlled Unclassified Information (CUI) documents when no longer needed; - Protect information from personnel without a need-to-know; - When promulgating information limit details to that essential for legitimacy; - During testing and evaluation practice OPSEC methodologies of staging out of sight desensitization or speed of execution whenever possible.Section F - Deliveries or performance F.O.B. 52.247-34 Destination Section G 252.232-7003252.232-7006 Section I - Contract Clauses52.204-1052.204-22 Alternative Line Item Proposal (Jan 2017)52.204-25 Prohibition on Contracting for Certain Telecommunications and Video Surveillance Services or Equipment.52.204-13 System for Award Management Maintenance JUL 201352.209-652.211-1552.217-852.217-9 52.212-4 Contract Terms and Conditions -- Commercial Items (May 2015)52.222-52 Exemption from Application of the Service Contract Labor Standards to Contracts for Certain Services--Certification52.212-5 Contract Terms and Conditions Required to Implement Statutes or Executive Orders -- Commercial ItemsPreselected:52.203-19 Prohibition on Requiring Certain Internal Confidentiality Agreements or Statement (Jan 2017)52.204-1052.209-10 Prohibition on Contracting with Inverted Domestic Corporations (Nov 2015)52.233-3 Protest After Award (Aug 1996)52.233-4 Applicable Law for Breach of Contract Claim (Oct 2004) Select as Applicable for Set Aside Type:52.219-30 WOSB Sole sourceRequired:52.222-50 Combatting Trafficking in Persons (Mar 2015)52.223-18 Encouraging Contractor Policies to Ban Text Messaging While Driving (Aug 2011) 52.232-33 Payment by Electronic Funds Transfer--System for Award Management JUL 201352.222-53, Exemption from Application of the Service Contract Labor Standards to Contracts for Certain Services--Requirements (May 2014) (41 U.S.C. chapter 67).52.222-5352.232-39 Unenforceability of Unauthorized Obligations (Jun 2013)52.232-40 Providing Accelerated Payments to Small Business Subcontractors (Dec 2013) 52.243-1 Changes Fixed-Price52.246-4252.203-7000 Requirements Relating to Compensation of Former DoD Officials (SEP 2011)252.203-7002 Requirement to Inform Employees of Whistleblower Rights (Sep 2013) 252.204-7003 Control of Government Work Product (Apr 1992) 252.204-7008 Compliance with Safeguarding Covered Defense Information Controls (Oct 2016)252.204-7009 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting (Oct 2016)252.204-7015 Notice of Authorized Disclosure of Information by Litigation Support (May 2016)252.213-7000 Notice to Prospective Suppliers on Use of Supplier Performance Risk System in Past Performance Evaluations (MAR 2018)252.225-7048 Export Controlled Items (Jun 2013)252.232-7010 Levies on Contract Payments (Dec 2006)252.247-7023 Transportation of Supplies by Sea (Apr 2014)252.215-7013252.247-702352.252-2Section K - Representations52.203-18 Prohibition on Contracting with Entities that Require Certain Internal Confidentiality Agreements or Statements--Representation (Jan 2017)52.204-852.204-19 Incorporation by Reference of Representations and Certifications (Dec 2014)52.204-24 Representation Regarding Certain Telecommunications and Video Surveillance Services or Equipment.52.209-11 Representation by Corporations Regarding Delinquent Tax Liability or a Felony Conviction (Feb 2016) Section L - Instructions Conditions and Notices to Bidders52.212-2 Evaluation Factors based on best value to the Government.52.217-5 Evaluation of Options52.211-14 Notice of Priority Rating for National Defense, Emergency Preparedness, and Energy Program Use (Apr 2008)
 
Web Link
SAM.gov Permalink
(https://beta.sam.gov/opp/3bd324d8d0ad418eb31856c192b268c3/view)
 
Place of Performance
Address: 54725, FL 32407, USA
Zip Code: 32407
Country: USA
 
Record
SN05508684-F 20191206/191204230256 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.