Skip to content Skip to left sidebar Skip to right sidebar Skip to footer

Tag: request for information

CMMC RFI

The Department of Defense (DoD) has issued a request for information for the “long-term implementation, functioning, sustainment, and growth” of the Cybersecurity Maturity Model Certification (CMMC). (FedBizOps.gov, October 3, 2019)

Last month, DoD issued version 0.4 of the CMMC. Contractors may now see the cybersecurity standards required when working on projects with controlled but unclassified information. CMMC will assist DoD to secure more than 300,000 organizations. (Fed Scoop, October 4, 2019)

The accreditation body does not directly perform the assessments but manages third-party organizations that do. It is  a nonprofit that utilizes “revenues generated through dues, fees, partner relationships, conferences, etc.” to fund the work.  The deadline to submit feedback is October 21, 2019. (FedBizOps.gov ibid)

We’d be glad to discuss this RFI with you. Just give us a call.

TSA = Try Speedy Action?

The Transportation Security Administration (TSA) powers that be can stress out, just like TSA lines can stress us all out, especially running late for a flight. But to keep lines short and travelers safe, TSA requires the latest technology, which often becomes antiquated while in testing/evaluation. (Nextgov, April 2019Now the agency is turning to contractors to help speed the timeline.

In 2014 TSA began work on a third-party testing program, finalizing it this January. (Prior to 2014 TSA relied on the Homeland Security Department’s Science and Technology Directorate to provide testing teams and data.) The new third-party testing allows TSA to review and accept data from external data sources and includes third-party testing organizations for use in system evaluation, per a Request For Information (RFI) posted in Fedbizopps last week. (ibid)

TSA wants to step away from the process, handing it off to a contractor that can handle the entire testing lifecycle, including managing cooperation between the manufacturer, industry provider, and testing organization. According to the RFI, bidding companies must already maintain a stable of pre-vetted/qualified testing organizations for all required areas, prior to their bid submission. (ibid)

Fedbizopps shows that TSA will consider small businesses and consortiums of multiple complementing firms and of potential third-party testing organizations. (ibid)

Questions are due by 29 April, RFI responses by noon on 22 May.

Interesting, huh? This could be worth a lot of money to the right contractors. Call us at 301-913-5000 if you’d like to discuss the RFI requirements further.