SPECIAL NOTICE
R -- Notice of Intent- Cybersecurity Risk Management and Assessment (CRMA)
- Notice Date
- 10/25/2023 10:27:40 AM
- Notice Type
- Special Notice
- NAICS
- 541512
— Computer Systems Design Services
- Contracting Office
- ATTN: MS S84 - OCS SPRINGFIELD VA 22150-7500 USA
- ZIP Code
- 22150-7500
- Solicitation Number
- HM0476-18-F-0215_102023
- Response Due
- 11/9/2023 9:00:00 AM
- Archive Date
- 11/24/2023
- Point of Contact
- Claudia Figueroa
- E-Mail Address
-
claudia.g.figueroa@nga.mil
(claudia.g.figueroa@nga.mil)
- Description
- Notice of Intent to Sole Source - Cybersecurity Risk Management and Assessment (CRMA) Pursuant to Federal Acquisition Regulation (FAR) 6.302-1, the National Geospatial-Intelligence Agency�s (NGA) Office of Contract Services (OCS) plans to award a sole source modification. The anticipated modification will be established as a hybrid contract Level-of-Effort, Firm-Fixed-Price, CLINs with a period of performance of a three (3)-month Base, five (5) month Options, to Deloitte Consulting LLC, located at 1919 N. Lynn Street, Suite 800, Arlington, Virginia, 22209. This sole-source modification will be awarded to support the Cybersecurity Risk Management and Assessment (CRMA) Order HM0476-18-F-0215.� Deloitte Consulting LLC is the only responsible source to provide CRMA support services within the required timeframe, without unacceptable delays in fulfilling the Agency�s mission- critical cybersecurity requirements.� This action will allow NGA/OCS the opportunity to complete the competitive award of a new contract that is currently in progress, and will ensure sufficient transition.� This extension will be effective from 18 December 2023 through 17 August 2024.� The NGA/CIO-T requires cybersecurity services to protect and defend against network cyber-attacks. Cybersecurity services must provide information assurance measures that protect and defend information and information systems (IS) by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.� The current contractor, Deloitte Consulting LLC, has the operational capability in place to provide for continuous cybersecurity support services to NGA�s Office of the Chief Information Officer (CIO) and Information Technology Services Directorate (CIO-T).� CIO-T�s mission is to safeguard the NGA mission through collaborative, forward-leaning, and risk-balanced solutions, by providing cybersecurity assessment and authorization, risk management, and Blue Team/information system security automation and optimization services, to ensure trust in GEOINT services and data.� NGA has defined and implemented a Risk Management Framework (RMF) based on National Institute of Standards and Technology (NIST) standards and Intelligence Community Directives (ICDs), carried out by the CRMA contract.� RMF processes, tasks, and documentation provide the framework upon which NGA manages risk throughout the information system lifecycle.� Assessment and Authorization (A&A) activities, performed using the RMF, are critical to provide NGA authorizing officials with accurate, sufficient, and timely information by which they can make risk-related decisions.� Blue Team assessment services are required to identify vulnerabilities and security gaps in support of A&A and other agency cybersecurity functions.� Finally, an Information System Security Automation and Optimization (ISSA&O) service provides technical solutions for meeting cybersecurity requirements and produces security architectures, designs, solutions, and configuration recommendations. Award to any other source would require a competitive acquisition and award, as well as transition and start-up time that would result in unacceptable delays in fulfilling ongoing critical agency requirements.� Further, this extension will avoid a break in cybersecurity service supporting NGA�s mission-critical risk management operations that protect and defend against network cyber-attacks. �This sole source award will thereby provide continuity of cybersecurity support services under the CRMA Order.��� This Notice of Intent is being published in accordance with FAR 5.2, which requires the dissemination of information on proposed contract actions. This synopsis is a Notice of Intent to issue an award using other than full and open competition and should not be construed as a request for competitive proposals. The determination of the Government not to open the subject requirement to full and open competition was made in accordance with (IAW) 10 U.S.C.2304(c)(1) and 6.302-1(a)(2)(iii)(B), ��Unacceptable delays in fulfilling the agency's requirements.�� A competitive follow-on was awarded on 10 April 2023 and is currently under corrective action as a result of a GAO Protest. For all the reasons stated in the previous paragraphs, NGA believes Deloitte is the only source reasonably available to satisfy the requirements. Other parties may express their interest and provide a capabilities statement to the requirement no later than (NLT)�Thursday, 9 November 2023, at 12:00 p.m. Eastern Standard Time (EST). Timely submitted capabilities statements shall be considered by the agency. A determination not to compete this proposed contract based on this notice is within the discretion of the Government. Responses are required to be sent via email to Claudia.G.Figueroa@nga.mil.
- Web Link
-
SAM.gov Permalink
(https://sam.gov/opp/c1dee25748504d03b8744fda3dd43995/view)
- Place of Performance
- Address: Springfield, VA, USA
- Country: USA
- Country: USA
- Record
- SN06867564-F 20231027/231025230100 (samdaily.us)
- Source
-
SAM.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's SAM Daily Index Page |