R -- R -- COMMERCIAL FINANCIAL INFORMATION DATABASE

Notice Date

April 10, 2001

Contracting Office

Department of the Treasury, Internal Revenue Service (IRS), National Office Procurement (A:P), 6009 Oxon Hill Road, Suite 700, Oxon Hill, MD, 20745

ZIP Code

20745

Solicitation Number

TIRNO-01-Q-00108

Response Due

May 22, 2001

Point of Contact

Helen Carmona, Contract Specialist, Phone 202-283-1145, Fax 202-283-1514, Email helen.d.carmona@irs.gov -- Helen Carmona, Contract Specialist, Phone 202-283-1145, Fax 202-283-1514, Email

E-Mail Address

Helen Carmona (helen.d.carmona@irs.gov)

Description

The IRS intends to make award, on a sole-source basis, to STANDARD & POORS, to provide commercial financial databases (COMPUSTAT). It is anticipated that a firm, fixed-price contract will be awarded for these services. The performance period will be for 12 mos. from the award date, with 4 one-year option periods. Award is anticipated by Oct. 1, 2001. The Standard Industrial Classification/North American Industry Classification System (SIC/NAICS) code for these services is 523210; the sm. business size standard is $5,000,000. Numbered Note 22 applies to this acquisition. The Large and Mid-Size Business (LMSB) Division of the IRS requires access to commercial financial databases. Users include Economists, Research Analysts, International Examiners, Engineers, Large Case Examiners and others in LMSB. Information from these databases is necessary for the identification of workload, identification of issues, specific issue development (e.g. inter-company pricing and valuation issues), support of the pre-filing program, examination case reviews, and general industry research. The databases shall provide information in a standardized format on individual, publicly traded companies. The financial databases shall be derived primarily from company financial statements and SEC filings. The databases shall be searchable using SIC/NAICS codes, key words, and various other parameters. Access to financial information database information is provided to approximately 1000 LMSB employees via stand-alone desktop computers located in 49 IRS locations throughout the USA. Current users of the information generally work outside their IRS office. As a result they do not have direct access to the financial information. These employees have Pentium laptop computers running Windows NT. In addition, each employee can access the Intranet/Internet by dialing over a phone line, using encrypted modem technology, into a service point having a secure-dial-in communication server. Other users working outside of an IRS office have Pentium desktop computers with encrypted modem technology. Other potential users include approximately 3000 Engineers, Large Case Examiners and others in IRS LMSB Division. Users working outside of an IRS office would access database information by dialing over a phone line using encrypted modem technology into a regional service point having a secure-dial-in communication server. The request would pass through regional servers and through the IRS firewall; the data would be routed back through the firewall to the server and back out to the requester. Access to the financial information system shall: be usable on laptop and desktop computers with minimal hardware requirements; support secure dial-in and other appropriate security requirements for access; accommodate our evolving infrastructure; offer various types of user training on an ongoing basis; and be easy to use. The financial databases shall include, but are not limited to: Financial, statistical and market information, including income statements, balance sheets, changes in financial positions, and supplementary data, on industrial and non-industrial companies for the most recent 15 -- 20 yr. period. The companies shall include the largest and most significant firms listed on the New York Stock Exchange, American Stock Exchange and the Regional Stock Exchanges, as well as firms trading over the counter or trading solely in Canada. The data shall include inactive and active companies. Financial, statistical and market information covering the largest and most significant international companies operating outside of the US and Canada for the most recent 15 -- 20 yrs. Information shall include what is available from Form 10-K (Annual) and 10-Q (Quarterly) reports as filed with the Security and Exchange Commission. In addition, information shall include business descriptions; industry and business trends and projections, company SIC/NAICS codes, etc. The data available shall be standardized for comparability consistent with the standards and regulations of various recognized accounting principles and practices. The database shall include the company name, address and telephone number, and the names and addresses for up to four top officers, updated on a monthly basis. The databases shall allow the identification/selection of available company financial data: by searching on specific criteria such as SIC/NAISC codes, location, and stock exchange, by keyword search of business description and other significant database information. The databases shall allow the development and analysis of reports for key financial data and ratios. The databases shall have the ability to link to Microsoft Excel spreadsheet applications. The product shall be available using modem and dial-up networking connections. Access shall be via local and or toll free on-line telephone numbers. The product shall also be available on CD-ROM media for archive purposes at various IRS locations. Future enhancements (products/services) provided to the Vendor's commercial customers at no cost shall accrue to the government at no cost. Future enhancements (products/services) provided to the Vendor's commercial customers at an additional charge shall be offered to the government at a rate equal to or less than the commercial rate. The government reserves the right to accept or reject the enhancement offer. SECURITY REQUIREMENTS -- The IRS operates a large network comprising a nationwide telecommunications environment that connects approximately 1,000 locations, and over 100,000 networked workstations. Access to resources on this network is restricted and controlled to provide the maximum protection to IRS information. The protective measures include firewalls, protective routers, encryption equipment conforming to Federal standards, and tight controls on the workstations and the programming that runs on them. The network provides security at the level formerly designated as "C-2". This contract has an expectation that there will be connections established between the IRS network and the vendor's network and computing systems. The IRS is committed to providing access to needed services to all of its employees and fully supports implementation of Section 508. This implies that all content should be available, at least as an option, in formats that can be reasonably accommodating to provide service to hearing and/or vision impaired employees. Requirements to open TCP/IP ports to support other content are tightly restricted. This has included bars on several popular technologies, including UUCP, NFS, POP, and X protocols. All port usage should be documented prior to use. Where the use of specific, different client software programs, including "extensions" are planned, they must undergo the IRS Certification and Accreditation process, that includes the development of a Privacy Impact Assessment, a Risk Assessment, Security Plan, Security Test, Configuration Management plan, and other documentation to permit IRS assessment of the effects of the program in its environment. Use of persistent cookies and use of other methods to collect information about IRS users is prohibited, unless documented and approved prior to use. The site shall provide warning banners sufficient to meet the requirements detailed in the Privacy Impact Assessment for the system. Connectivity may be achieved by various technical means as appropriate for this contract. Where appropriate, IRS employees may access non-sensitive information using connections from the IRS located workstations through the Treasury firewall to the public Internet. These accesses are subject to the restrictions on delivery points cited above under 'Restrictions' on workstations processing. IRS-to-vendor through "linked" networking connection. Where appropriate and necessary, IRS employees may access non-sensitive information using connections from the IRS located workstations through a Treasury firewall to vendor's computer system network. These accesses are subject to the restrictions on delivery points cited above under 'Restrictions' on workstation processing. Requirements for line speed and terminations shall be defined in the documentation. The points of presence for connection to the IRS network will be defined. Non-networked IRS to vendor provided connections: Where appropriate and necessary, IRS employees may be provided computer systems that are not capable of being IRS connected, but which can access the vendor's network, through for instance direct modem connections or through the a non-IRS ISP and the Internet. These accesses should avoid the prohibitions cited above under 'Restrictions' on workstation processing. Requirements for these kinds of connections shall be defined in the documentation, along with any additional costing and risks to these workstations. Restrictions on Vendor Systems and Information: Administration of access controls -- Where user accounts and passwords are to be established as the means of access control, consideration must be given to their standards, how accounts are established, managed, terminated, and protected. The vendor shall describe the management scheme used for the maintenance of passwords in the event of loss or compromise. IRS user-id standards are comprised of a six alphabetic character and two numeric character string-based on the employee's name and location. It is preferred to use a user-id based on this standard to minimize user record keeping. IRS password standards are that the password should be composed of a mixture of upper case, lower case, and numeric characters and should range from between 8 and 14 characters. IRS password standards require an aging of passwords at periods ranging from 90 days to six months, depending upon the sensitivity of the system. Some IRS systems impose minimum password aging ranging from 1 day to 90 days. Cyber Security Operations: At all times the vendor shall maintain adequate security controls to protect any IRS information from disclosure other than as approved. In the event of any breach of security, the vendor shall notify as soon as practical, the IRS COTR, and as soon as practical, but within 24 hrs the IRS CERT at a phone number that will be provided. System Access should be available via the following methods: Internet Access -- The IRS requires secure access to a commercial web-server maintained by the Vendor. This secure access may be accomplished through the installation of a dedicated T1 circuit (or multiple fractional T1 circuits from regional access points) between selected nodes on the Vendor's network and the IRS Intranet, along with the installation of routers and appropriate 'firewall' software. The product shall be accessible using standard web browser software. The Vendor shall ensure that any web-based service eliminates any security concerns regarding the use of Java applets, ActiveX or similar client-side processing. Windows access (Windows 95/98/NT): The IRS requires the product to be available using modem and Dial-Up Networking connections. Modem access shall be available at the fastest commercially available speed that is compatible with IRS equipment; slower modem speeds shall also be accommodated. Access shall be via local and/or toll-free, on-line phone numbers. The Vendor shall support PPP and/or SLIP accesses protocols. Any Windows NT-based software shall be compatible with 32-bit architecture. No telephone inquiries will be accepted. Forward all inquiries to this e-mail address: helen.d.carmona@irs.gov and reference

Web Link

Visit this URL for the latest information about this (http://www.eps.gov/cgi-bin/WebObjects/EPS.woa/wa/SPF?A=P&P=TIRNO-01-Q-00108&L=1764)

Record

Loren Data Corp. 20010412/RSOL016.HTM (D-100 SN50I7X0)