Cross Domain Enterprise Service (CDES) Testing and Certification & Accreditation (C&A) Support Services
SOURCES SOUGHT ANNOUNCEMENT
The Defense Information Systems Agency (DISA) is seeking sources that can perform Cross Domain Enterprise Service (CDES) Testing and Certification & Accreditation (C&A) Support Services.
CONTRACTING OFFICE ADDRESS:
DISA, Procurement Directorate (PLD) Defense Information Technology Contracting Office (DITCO)-Scott, 2300 East Drive Bldg 3600, Scott AFB, IL 62225-5406
INTRODUCTION:
This is a SOURCES SOUGHT to determine the availability and technical capability of small businesses (including the following subsets, Small Disadvantaged Businesses, HUBZone Firms; Certified 8(a), Service-Disabled Veteran-Owned Small Businesses and Woman Owned Small Business) to provide the required products and/or services.
The DISA Mission Assurance (MA) directorate Cross Domain Solutions (CDS) Program Office is seeking information from potential sources for Cross Domain Enterprise Services (CDES) Testing and C&A Support services. Services include security testing, performance and functional testing, and C&A support.
DISCLAIMER:
THIS SOURCES SOUGHT IS FOR INFORMATIONAL PURPOSES ONLY. THIS IS NOT A REQUEST FOR PROPOSAL. IT DOES NOT CONSTITUTE A SOLICITATION AND SHALL NOT BE CONSTRUED AS A COMMITMENT BY THE GOVERNMENT. RESPONSES IN ANY FORM ARE NOT OFFERS AND THE GOVERNMENT IS UNDER NO OBLIGATION TO AWARD A CONTRACT AS A RESULT OF THIS ANNOUNCEMENT. NO FUNDS ARE AVAILABLE TO PAY FOR PREPARATION OF RESPONSES TO THIS ANNOUNCEMENT. ANY INFORMATION SUBMITTED BY RESPONDENTS TO THIS TECHNICAL DESCRIPTION IS STRICTLY VOLUNTARY.
CONTRACT/PROGRAM BACKGROUND:
Contract/Task Order Number: GS-35F-5151H/ HC1028-10-F-2806
Contract Type: Firm-Fixed Price (FFP) for labor and Cost Reimbursable for Other Direct Costs (ODC)
Incumbent and their size: Artel, Inc., Small Business (currently a Large Business)
Method of Previous Acquisition: Small Business Set-Aside on GSA Advantage
CURRENT PROGRAM/EFFORT:
DISA CDS is responsible for providing the DoD enterprise-wide cross domain capabilities and services. The mission of CDS is mandated by the Chairman Joint Chiefs of Staff Instruction (CJCSI) 6211.02d. The CDES provides hardware, software, and related support for the transfer of information between DoD classified and unclassified networks with high assurance, speed, and integrity. This transfer of information is controlled, secured, and accredited. The CDES capabilities are provided to combatant commands, military services, and defense agencies for a fee. The cross domain technologies used within the enterprise continues to grow and evolve.
DISA CDS requires expertise to ensure its CDES remains secure and continues to comply with the DoD Certification and Accreditation (C&A) requirements. This requirement will provide support in the following areas: Contract Level Management, Testing, and C&A Support. This requires significant collaboration and coordination of an integrated Government (GOV) and multi-contractor team to ensure mission success.
The anticipated Period of Performance (PoP) is September 29, 2015 through September 28, 2016 with four (4) one-year option periods. The majority of work will be performed at the GOV facilities, and some work will be performed at the Contractor's own facilities.
REQUIRED CAPABILITIES:
Responses to this Source Sought shall address the following requirements in support of CDES Testing and C&A:
•1. Describe your experience in providing Contract Level Management Controls Support. The experience should include services required to provide testing and C&A related services for this effort.
•2. Describe your experience in Testing Support. Support shall include providing the expertise needed for different types of testing activities, to ensure the components and subsystems of the CDES are secure and meet DoD Information Assurance (IA) controls requirements. The testing shall include, but is not limit to:
•· Security Test & Evaluation (ST&E)
•· Certification Test & Evaluation (CT&E)
•· Independent Verification and Validation (IV&V)
•· Operational Test & Evaluation (OT&E)
•· Government Acceptant Test (GAT)
•· Performance & Functional Test
Evidence of experience shall also include development test plans, test scenarios, test data, and test reports for cross domain.
•3. Describe your experience in Certification and Accreditation Support. Support shall include the following C&A support to CDES:
•· Creating and updating C&A documentation for all phases of the DoD IA C&A Process (DIACAP)/Risk Management Framework (RMF) and lifecycle updates for CDES systems and customers' requirements;
•· Providing documents in the specified GOV formats and include the required technical information with quality control for high accuracy;
•· Coordinating with respective stakeholders to complete C&A packages; Continuous Monitoring and Risk Scoring (CMRS), Assured Compliance Assessment Solutions (ACAS), and Host Based Security System (HBSS) are required in support of C&A activities and ensure that C&A packages are compliant with all IA controls;
•· Providing support at DoD Cross Domain Technical Advisory Board (CDTAB) and Defense IA/Security Accreditation Working Group (DSAWG) meetings to have CDES customer requirements approved through 4 phases of CDS approval process to achieve Initial Operational Capability (IOC);
•· Providing support at DoD Unified Cross Domain Services Management Office (UCDSMO) and Cross Domain Solutions Element (CDSE) Working Group meetings to improve the process of CDES implementation.
SPECIAL REQUIREMENTS:
All personnel involved with the identified services should have a minimum DoD SECRET clearance.
SOURCES SOUGHT:
The anticipated North American Industry Classification System Codes (NAICS) for this requirement are 541511, with the corresponding size standard of $27.5M. This Sources Sought Synopsis is requesting responses to the following criteria from small businesses that can provide the required services under the NAICS Code.
To assist DISA in making a determination regarding the level of participation by small business in any subsequent procurement that may result from this Sources Sought, you are also encouraged to provide information regarding your plans to use joint venturing (JV) or partnering to meet each of the requirements areas contained herein. This includes responses from qualified and capable Small Businesses, Small Disadvantaged Businesses, Service Disabled-Veteran Owned Small Businesses, Women-owned Small Businesses, HUBZone Small Businesses, and 8(a) companies. You should provide information on how you would envision your company's areas of expertise and those of any proposed JV/partner would be combined to meet the specific requirements contained in this announcement.
In order to make a determination for a small business set-aside, two or more qualified and capable small businesses must submit responses that demonstrate their qualifications. Responses must demonstrate the company's ability to perform in accordance with the Limitations on Subcontracting clause (FAR 52.219-14).
SUBMISSION DETAILS:
Responses should include:
•1) Business name and address;
•2) Name of company representative and their business title;
•3) Type of Small Business;
•4) Cage Code;
•5) Contract vehicles that would be available to the Government for the procurement of the product and service, to include ENCORE II, General Service Administration (GSA), GSA MOBIS, NIH, NASA SEWP, Federal Supply Schedules (FSS), or any other Government Agency contract vehicle. (This information is for market research only and does not preclude your company from responding to this notice.)
Vendors who wish to respond to this should send responses via email NLT Wednesday, September 15, 2014 4:00 PM Eastern Daylight Time (EDT) to disa.meade.peo-ma.mbx.acquisition@mail.mil and donald.j.petterson.civ@mail.mil. ; Interested businesses should submit a brief capabilities statement package (no more than five pages) demonstrating ability to perform the services listed in this Technical Description.
Proprietary information and trade secrets, if any, must be clearly marked on all materials. All information received that is marked Proprietary will be handled accordingly. Please be advised that all submissions become Government property and will not be returned. All government and contractor personal reviewing RFI responses will have signed non-disclosure agreements and understand their responsibility for proper use and protection from unauthorized disclosure of proprietary information as described 41 USC 423. The Government shall not be held liable for any damages incurred if proprietary information is not properly identified.
Donald J. Petterson , Phone 6182299791, Email donald.j.petterson.civ@mail.mil
