AMENDMENT #1: The purpose of this amendment is to provide historical award data.
The existing Multiple Award BPA was issued on 09/12/2016 as follows:
- TFSACFPBPA16006 (20343018A00006 replacement award number) - Booz Allen Hamilton Inc
- TFSACFPBPA16007 - Knowledge Consulting Group Inc
- TFSACFPBPA16008 - Deloitte Consulting Group LLP
REQUEST FOR INFORMATION
CYBERSECURITY SUPPORT SERVICES BPA
RFI-CFPB-23-037
This Request for Information (RFI) is issued by Fiscal Service Procurement on behalf of the Consumer Financial Protection Bureau (CFPB) to find a viable vendor pool for Cybersecurity Support Services. VENDORS MUST REVIEW THE ENTIRE REQUIREMENT AND SHALL ONLY RESPOND IF FULLY CAPABLE OF SATISFYING ALL ASPECTS OF THE REQUIREMENT.
I. SCOPE SUMMARY (see PWS for full requirement, included in Attachment RFI-CFPB-23-037)
The Contractor shall perform all task areas as required in support of planning, development, documentation, scheduling, and implementation of an Information Systems Security Program as directed by the Government.
Working in conjunction with members of the CFPB staff and other Contractor personnel, the Contractor may be required to assist in the following:
- Maintaining and operating a comprehensive information system security program and supporting technologies;
- Analyzing the posture of information security across the CFPB enterprise and providing recommendations for improvements;
- Providing operational monitoring, technical analysis, timely incident response, and effective remediation; and,
- Adapting to changes in the technology as well as risk and compliance requirements.
The Contractor shall provide support to the CFPB Cybersecurity team as directed by the Government. These modes include participation in team meetings and teleconferences, informal and formal briefings supported with appropriate audio-visual aids, written briefs and point papers, technical analyses and comparative studies, and formal documents delivered in CFPB-prescribed format. In addition, the Contractor shall provide operational security monitoring of CFPB systems. The Contractor shall demonstrate knowledge of US federal information security legislation, policies, directives, and practices and use that knowledge to systematically apply expertise and experience to inform, promote, and enhance the CFPB’s Cybersecurity program.
The purpose of this acquisition is to obtain Cybersecurity support to satisfy new and existing needs for Cybersecurity program management, risk management, engineering, architecture, and operational monitoring/analysis/response. The Contractor shall assist in the maintenance, operation and improvement of a Cybersecurity program consisting of all the following component task areas:
- CISO-COR Support
- Cybersecurity Program Management (CPM) Support
- Cybersecurity Safeguards and Risk Management (SRM) Support
- Security Architecture and Engineering (SAE) Support
- Cybersecurity Operations Support
The BPA(s) to be established shall be for non-personal services to provide Cybersecurity Services to the CFPB. The contractor shall provide all personnel and items necessary to perform the functional and technical support described in this PWS. The contractor shall perform all tasks identified in the PWS.
II. ANTICIPATED PERIOD OF PERFORMANCE
The anticipated Period of Performance will include one (1) 12-month base year and four (4) 12-month option years.
III. ADDITIONAL DETAILS
NO SOLICITATION IS AVAILABLE. A request for more information, or a copy of the solicitation, will not be considered an affirmative response to this Sources Sought notice. Telephone responses or inquiries to this Sources Sought notice will NOT be accepted.
It is anticipated that Small Business Participations Plans will be requested of the interested offerors as part of the solicitation. Prior to issuance of an award, Small Business Participation plans will be reviewed as part of the technical evaluation process.
Fiscal Service will consider written responses received no later than 10:00 AM EST, Monday, February 27, 2023. Responses must be submitted electronically to purchasing@fiscal.treasury.gov, Attn: Sanner/White Ref, RFI-CFPB-23-037. Vendor responses must include sufficient evidence that clearly shows the proposed services are capable of meeting all the aspects of the requirement as described within this RFI.
Qualified contractors must provide the following:
- The name and location of your company, contact information, and identify your business size and socioeconomic category (Large Business, Small Business, Disadvantaged Business, 8(a), Service Disabled Veteran Owned Small Business, HubZone, etc.). Please ensure contact information includes the name of the point of contact, email address, and telephone number should the Government have questions regarding individual responses.
- Whether your services are available through a Government contract vehicle or Open Market.
- A brief capabilities statement (not to exceed 5 pages) that includes a description of your company's standard line of business, as well as a list of customers for which your company currently provides these services.
- UEI Number.
The following file extensions are not allowable and application materials/data submitted with these extensions cannot be considered: .bat, .cmd, .com, .exe, .pif, .rar, .scr, .vbs, .hta,, .cpl, and .zip files.
Microsoft Office compatible documents are acceptable.
No other information regarding this Sources Sought notice will be provided at this time.
This notice does not restrict the Government to an ultimate acquisition approach. All firms responding to this notice are advised that their response is not a request that will be considered for contract award. All interested parties will be required to respond to any resultant solicitation separately from their response to this notice, should one be issued.
