The initial contract established as a result of this solicitation will be for two (2) years, beginning with FY 2026, with the option to renew for three (3) additional one-year terms at the same price, terms and conditions as stated on the original proposal. Exercising the option to extend must be by mutual agreement of the parties to the contract. CHESS shall evaluate all competitive sealed proposals received using an evaluation process. While most of the deliverables outlined in this Statement of Work (SOW) will be standardized to ensure a consistent and unified approach across CHESS and its member colleges, the shared services model is designed to be flexible and adaptable to accommodate the unique needs, operational structures, and resource constraints of each institution. Recognizing that smaller institutions may have distinct challenges, particularly in staffing and security operations, the shared services approach will provide tailored solutions to ensure effective cybersecurity implementation. Specifically: (a) Scalable Security Services – Institutions will have access to tiered support models, allowing them to leverage core shared services while also benefiting from institution-specific enhancements as needed. (b) Role Virtualization & Consolidation – In cases where dedicated personnel may not be feasible, key security functions can be centralized, virtualized, or consolidated. (c) Optimized Resource Allocation – Smaller colleges will benefit from pooled expertise, gaining access to cybersecurity engineers, compliance specialists, and security architects without the need for full-time in-house staff. (d) IT-as-a-Service (ITaaS) for Remediation & Configuration – To further enhance security readiness, services will include on-demand technical support for security remediation, system hardening, and ongoing configuration management.
