Loren Data Corp.

'

  
COMMERCE BUSINESS DAILY ISSUE OF DECEMBER 26, 2000 PSA #2754
SOLICITATIONS

D -- WEB-BASED COMPUTER SECURITY CERTIFICATION AND ACCEDITATION

Notice Date
December 21, 2000
Contracting Office
Department of Veterans Affairs (381), Austin Automation Center, 1615 E. Woodward St., Austin, TX 78772
ZIP Code
78772
Solicitation Number
101-01-1
Response Due
January 15, 2001
Point of Contact
Jay D. Anderson, Computer Specialist, email: Jay.Anderson@mail.va.gov
E-Mail Address
Click here to contact the point of contact by email (Jay.Anderson@mail.va.gov)
Description
The Department of Veteran Affairs InfoSec Program has an immediate requirement for a web-based application. The application will help prepare documents to support VA's security certification and accreditation (C&A) process. The application will reduce the time, effort, and expense to prepare C&A documents necessary for the development and management of VA IT Systems. The software should ensure compliance with civilian sector Government standards as described in general NIST C&A guidance, newly revised OMB A-130, CSA, FIPS 102 (and upcoming re-write), NIACAP, Common Criteria (CC), and the Clinger-Cohen Act. The software should be extensible by allowing the incorporation of VA policies and guidance. It should assist in providing necessary guidance and include the documentation templates necessary to support a complete and meaningful security certification and accreditation program. The software should simplify certification and accreditation and reduce costs by guiding users through easy-to-follow steps to determine vulnerability levels and assess network and system configuration compliance with VA guidance. The software should generate appropriate test procedures, process results, determine vulnerabilities, produce a risk assessment, and allow one to automatically publish a complete C&A documentation package known as a System Securty Authorization Agreement (SSAA) -- see the National Information Assurance Certification and Accreditation Process (NIACAP) document NSTISSI No.1000, April 2000. The accumulation of C&A data including configuration information on specific information systems makes this application sensitive. The contractor needs to discuss security capabilities and features that would be available. Offeror's who believe they can meet this requirement are required to submit in writing an affirmative response demonstrating an ability to provide a web-based certification and accreditation application for VA. All written responses must include a written narrative statement of capability, including detailed technical information demonstrating their ability to meet the above requirements. The response must be sufficient to permit agency analysis to establish a bona fide capability to meet the requirements. A determination by the Government not to open the requirement to competition based upon responses to this notice is solely within the discretion of the Government. Affirmative written responses must be received no later than the closing date of this publication of the synopsis. All information in response to this notification must be submitted in writing to the address contained at the header or emailed to Jay.Anderson@mail.va.gov, subject: CBD Response -- Web-Base C&A Software.
Record
Loren Data Corp. 20001226/DSOL011.HTM (W-356 SN5094H3)

D - Automatic Data Processing and Telecommunication Services Index  |  Issue Index |
Created on December 21, 2000 by Loren Data Corp. -- info@ld.com