Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF AUGUST 16, 2023 SAM #7932
SOURCES SOUGHT

R -- Operational Cyber Security Assessment & Engineering Services

Notice Date
8/14/2023 7:28:56 AM
 
Notice Type
Sources Sought
 
Contracting Office
WASHINGTON HEADQUARTERS SERVICES WASHINGTON DC 203011000 USA
 
ZIP Code
203011000
 
Solicitation Number
HQ0034-23-SS-0707MN
 
Response Due
8/12/2023 12:00:00 PM
 
Archive Date
08/25/2023
 
Point of Contact
Marge Niedzwicz, Patricia Watson
 
E-Mail Address
marge.a.niedzwicz.ctr@mail.mil, patricia.a.watson30.civ@mail.mil
(marge.a.niedzwicz.ctr@mail.mil, patricia.a.watson30.civ@mail.mil)
 
Description
This Sources Sought is cancelled Thank you for your interest in this market research effort.� To that end, a request for proposal (RFP) or solicitation will not be issued. As a reminder, the Government reserved the right to use any information provided by respondents for any purpose deemed necessary and legally appropriate, including using technical information provided by respondents in any future requirements. �Thus respondents are advised the Government will not provide or acknowledge receipt of the information received, provide feedback to firms with respect to any information submitted, or provide any follow-up information to include responding to follow-up emails. Washington Headquarters Services Raven Rock Mountain Complex (RRMC) Facility Related Control Systems (FRCS) Operational Cyber Security Assessment & Engineering Services�� General Information Document Type: Sources Sought Notice Title: Cyber Security Assessments Support Services� Sources Sought Post Date: July 7, 2023 � Sources Sought Response Date: July 12, 2023 at 15:00 PM (Eastern Time) NAICS Code: 541512 � Computer Systems Design Services | Size Standard $34M Product Service Code: R499 Support-Professional *Visit www.sba.gov to learn more about small business size standards and Federal Contracting programs. Sources Sought Notice This Sources Sought Notice is for informational purposes only. It is not to be construed as an obligation on the part of Washington Headquarters Services/Acquisition Directorate (WHS/AD).�� To proactively plan for future requirements, WHS/AD is conducting market research to locate qualified, experienced, and interested parties who have the capability to provide Cyber Security Assessments and Engineering Services under the North American Industry Classification System (NAICS) code assigned to this procurement as 541512 � Computer Systems Design Services with a small business size standard of $34 million. �This requirement has an estimated value of $341,523.78 and an estimated maximum dollar amount of $1,960,112.02. The Government encourages responses from �all� interested, capable business concerns. 8(a) Certified concerns, Historically Underutilized Business Zone (HUBZone) concerns, Service-Disabled Veteran-Owned Small Businesses (SDVOSBs), Women-Owned Small Businesses (WOSBs) and Economically Disadvantaged Women-owned Small Businesses (EDWOSBs)) are encouraged to respond to this notice. Small businesses are defined based on the size standard associated with the NAICS code. The Contracting Officer must determine if there is a reasonable expectation of obtaining offers from two or more responsible small business concerns that are competitive in terms of market prices, quality, and delivery in accordance with FAR 19.502-2(b) and FAR 19.203.� When responding, please also include any capabilities that will be performed through teaming arrangements (i.e., subcontracting and/or joint ventures). If at least two qualified small businesses are identified during this market research stage, any competitive procurement that may result will be conducted as a small business set-aside. This Sources Sought Notice is not a request for proposal (RFP), nor does it restrict the Government as to the final acquisition strategy.� No contract will be awarded from this announcement.� Responses in any form to this Notice are not offers.� Currently no solicitation exists, however a solicitation may be synopsized in the future. �The Government reserves the right to solicit from any business concern resulting from this Sources Sought Notice. �The Government will not reimburse respondents for any costs incurred in the preparation of a response to this Notice. The results of this Sources Sought Notice will assist the Contracting Officer in determining the best strategy for this procurement.� Responses to this Sources Sought Notice may also be used to aid in establishing realistic and achievable small business participation goals.� Background� Washington Headquarters Service (WHS) / Acquisition Directorate (AD) is seeking information on behalf of the Raven Rock Mountain Complex (RRMC) Facility Related Control Systems (FRCS) and other unique standalone networks essential for the protection and availability of the RRMC FRCS OT/IT systems to include but not limited to, Power generation, Uninterrupted Power Systems (UPS), navigation systems, cooling, air and water control data systems. RRMC FRCS�s mission is to provide quality and responsive Cybersecurity, Network, Systems, and Desktop Administration services for the Raven Rock Mountain Complex (RRMC) Facility Related Control Systems (FRCS) and other unique standalone networks.� Ensures highly available and secure network connectivity for electric power generation, Uninterrupted Power Systems (UPS), fuel systems, cooling, air and water control data systems, and other unique standalone systems in support of RRMC, thus providing an enduring platform from where the Department of Defense (DoD) can execute its mission essential functions (MEFs) in support of continuity of operations (COOP). To execute this mission, RRMC FRCS focuses on five (5) mission objectives for Control Systems, namely: Maintain System Availability - Preserving the ability to operate the system at the intended level within the desired time frame. Systems function without interruption. Maintain System Integrity - Ensuring the ability to execute the correct instructions using the correct data at the correct time to preserve the ability to operate the system in the intended way. Maintain Human Safety - Recognizing cybersecurity effects on control systems that impact personnel safety. Preventing injury, including loss of life, through Risk Assessment, Awareness and Training, Protective Technology, and Response Planning. Maintain Environmental Safety - Recognizing cybersecurity effects on control systems that impact environmental safety. Preventing harm to the environment through Governance, Risk Assessment, Awareness and Training, and Response Planning. Maintain Physical Security - Recognizing and securing physical controls that impact control systems. Preventing unauthorized access to a control system environment and preventing damage or tampering with physical assets directly related to the control system environment. Objective/Scope� The objective of this requirement is to conduct cyber assessments: � Utilizing the DoD Risk Management Framework (RMF) in concert with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) assess risk and configuration of the existing FRCS system architecture and other control systems standalone networks. Develop Threat Modeling matrix on FRCS and all RRMC standalone control systems. Assess existing Cyberspace Defense & Incident Response in the FRCS Environment Develop and implement RMF artifacts, Technical Guides, SOPs, and Engineering Drawings. Develop a roadmap/master plan to bring the RRMC FRCS architecture and systems security posture in line with assessment finding and recommendations. Place of Performance� Work performance will primarily be conducted at the RRMC located in Fairfield, Pennsylvania with possible work performed at Government facilities in and outside of the National Capital Region (NCR).� The NCR includes the District of Columbia and neighboring counties and cities of Maryland, West Virginia and Virginia, including Arlington, Loudoun, Fairfax, and Prince William counties in Virginia.� Teleworking may be permitted on Government approved devices or locations authorized for this contract including telework for continuation of work. Critical Task Elements Interested parties submitting a response to this announcement should address the performance of the following Service Requirement Critical Tasks Elements in their capabilities statement. Interested parties are requested NOT to submit marketing materials; but rather, speak directly and specifically to the required capabilities and service requirements critical/tasks elements outlined below: Gap Analysis and Innovation Report - The Contractor shall perform threat modeling to identify potential threats from various perspectives, including attacker, risk, and software points of view with the purpose of creating and maintaining a Threat matrix on RRMCF FRCS and stand-alone OT networks. Threat Matrix - The Contractor shall develop network health and status reports at the end of each network assessment.� Additionally, the contractor shall deliver a detailed FRCS network report that validates existing documentation, identifies any lack of documentation, incorrect documentation, or configuration issues. The report shall provide specific recommendations for future planning and improvements to the networking architecture of the Raven Rock Mountain Complex FRCS network, ensuring the network and connected systems are Information Assurance (IA) compliant while ensuring the functional needs of the facility are met. Collectively, the documents will be referred to as �Reports�. Provide network LAN/WAN design, implementation, consulting and leadership for data and converged communications infrastructure based largely on Juniper, Cisco, and SEL equipment for FRCS IT/OT networks. Anticipated Contract Award Date (If applicable): 4th Quarter Fiscal Year 2023 Anticipated Contract Start Date: 4th Quarter Fiscal Year 2023 Submission Requirements� Interested firms should submit their capability statement.� The capability statement should address your firm�s ability to meet the high-level needs of the task areas identified above. �Capability statements should be no more than 10 pages maximum in �Times New Roman� 12-point font on 8.5 x 11 paper. Respondents must submit documents in Word or PDF format. Neither zipped files will be accepted, nor telephone requests be honored. Vendors must demonstrate their ability to comply with the requirements in this Sources Sought Notice to be considered capable of satisfying the Government�s requirement.� Confidentiality Do not include proprietary, trade secrets, classified, confidential, or sensitive information in your response to this Sources Sought Notice. The Government shall not be held liable for any damages incurred if proprietary information is submitted, as it is clearly stated this type of information shall NOT be submitted. The Government reserves the right to use any information provided by respondents for any purpose deemed necessary and legally appropriate, including using technical information provided by respondents in any resultant solicitation. Responses to this Notice will not be returned. No telephone requests will be honored. All firms responding to this Sources Sought Notice are advised the Government will not provide or acknowledge receipt of the information received, provide feedback to firms with respect to any information submitted, or provide any follow-up information well after the deadline of this Sources Sought Notice. Submission of Responses Interested parties having the capability to provide Cyber Security Assessment Support Services, please submit capability statements to the following contact: marge.a.niedzwicz.ctr@mail.mil and provide a courtesy copy to patricia.a.watson30.civ@mail.mil. Contracting Office Address� Washington Headquarters Services, Acquisition Directorate, 4800 Mark Center, Suite 09F09, Alexandria, VA 22350� Points of Contact Contract Specialist: Marge Niedzwicz Email: marge.a.niedzwicz.ctr@mail.mil Contracting Officer: Patricia Watson Email: Patricia.a.watson30.civ@mail.mil Small Business Specialist: Emily Tarikt Email: emily.a.tarikt.civ@mail.mil
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/9937fff07ffa4af6921a53ed74161975/view)
 
Place of Performance
Address: Fairfield, PA 17320, USA
Zip Code: 17320
Country: USA
 
Record
SN06789955-F 20230816/230814230057 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.