Awardee Name: ALPHA OMEGA INTEGRATION LLC
Unique Entity ID: NF34JCA2PME3
Total Contract Value: $9,737,858.86
Action Obligation: $4,868,929.43
Department Name: HOMELAND SECURITY, DEPARTMENT OF
Funding Agency: U.S. COAST GUARD
Funding Office: DEPUTY COMDT 4 MISSION SUPP WASH DC
Description: information assurance security program (iasp) bridge contract
Number of Bidders: 1
Award ID: 70Z04424FESD40001
Referenced IDV ID: HHSN316201200182W
Contract Vehicle: CIO-SP3 SB
NAICS: 541512
Award Type: Delivery Order
Start Date: 2024-09-01
Ultimate Completion Date: 2025-08-31
Cybersecurity and Information Assurance and Security Program (IASP) Services
Background information about the requirement: This requirement was competed and
awarded on August 8, 2020, on the National Institute of Health (NIH) Chief
Information Officer Solutions and Partners 3 (CIO-SP3) Women Owned Small
Business GWAC contract. The final option IAW FAR 52.217-8 for contract
HHSN316201200182W, Task Order 70Z0G320FPWS33200 with Alpha Omega
Integration LLC will expire on August 31, 2024.
The C5ISC and CG-914 are competing the C5ISC Risk Management Framework (RMF)
IDIQ which will enable better management of all RMF services across the acquisition
and sustainment communities. The Procurement Planning Conference and Integrated
Procurement Team established Milestone dates where a complete procurement package
would be accepted by contracting on March 22, 2023, the Solicitation would be released
to industry on June 28, 2023, and the receipt of proposal would be August 27, 2023. The
circumstances creating the need to bridge these services that are out of the control of the
contract office (see FAR 37.111) include: a complete an actionable procurement
package was not received until April 19, 2023, creating a one-month delay. The
milestone for solicitation review was planned for 3 months and took 9 months to
complete based on the technical complexity of the requirement because the mission
partners could not agree on quality evaluation factors. This delay resulted in the
solicitation release date to slip to April 16, 2024. Furthermore, upon release of the
solicitation, 180 questions were received and processed causing an additional delay. The
revised anticipated award date is now March 01, 2025, if there are no further delays.
Due to these delays on the award of the RMF IDIQ, there will be no time to award a new
task order off the IDIQ prior to the end of this task order which is August 31, 2024. A
bridge contract with a base period of 6 months and one 6-month option will provide
sufficient time to award a base year plus 4 option years follow on task order against the
new RMF IDIQ vehicle. This will eliminate the possibility of a break in service as well
as reduce the transition risks associated with moving the work from one contractor to
another.
Description of Supplies/Services.
The USCG requires the continuation of Cybersecurity and Information Assurance and
Security Program (IASP) Services to support more than 50 USCG mission critical
information and technology systems that support all USCG Missions.
The Cybersecurity and Information Awareness functions performed by the IASP task
order protect the confidentiality, integrity, and availability of Command, Control,
Communication, Computer, Cyber Intelligence Service Center (C5ISC) information
systems and data, ensuring that mission essential Coast Guard functions are not
interrupted. Additionally, these functions ensure the integrity of, and perform information
systems security and analysis for all Enterprise-wide Classified and Sensitive But
Unclassified (SBU) Networks and Systems to include Non-Classified Internet Protocol
Router Network (NIPRNET), and Secret Internet Protocol Router Network (SIPRNET).
Rationale for using the authority: The USCG has a continued need for
Cybersecurity and IASP Services to support USCG Information Systems. The USCG
intends to limit competition pending the award IA RMF IDIQ Contract with task orders
issued for IASP services. The incumbent contractor, AOI, is on site and ready to
complete requisite tasks associated with Cybersecurity and Information Assurance and
Security Program (IASP) Services. Utilizing AOI will reduce the time and cost needed
to mobilize a new contractor to provide these services as well as remove any learning
curves associated with completing the task relating to this requirement. Awarding a one
year bridge contract to AOI will ensure there is no disruption of critical Information
Assurance and Security Program (IASP) services for the Coast Guard which supports
more than 50 supported USCG Systems. Failure to maintain accreditation of these
critical systems poses a great threat of USCG operational information systems.
(b) Details covering what events lead to the situation requiring use of other than full and
open competition procedures: The C5ISC and CG-914 are competing the C5ISC
Information Assurance (IA) Risk Management Framework (RMF) Support Services
IDIQ which will provide better management of all IA and RMF services across the
USCG. The current contract will expire on August 31, 2024. No work can be
segregated for competition. Awarding a one-year bridge contract to the current
contractor will ensure continuation of all mission critical services to protect and monitor
all USCG Information Systems
(c) Summarize alternatives considered and why they will not work:
AOI is the only company capable of continuing to provide IA and Security Program
services currently without a disruption of IA services. The current IA contract ensures
the 50 plus Coast Guard systems operate correctly to ensure all US Coast Guard
Missions are met. Transitioning from AOI to a new service provider is estimated to take
approximately one (1) month and would not be completed in time to prevent a gap in
these services, preventing the USCG from meeting mission essential requirements.
(d) Impact to the mission that would result if the J&A is not approved and, consequently,
the product or service not provided.
Failure to award this sole-source task order puts the USCG at serious risk of a break in
service and disruption of critical services, including but not limited to IA/Information
System Security Officer (ISSO)/Cyber services to the C5ISC Commander and
CGCYBER Commander. Not maintaining Cybersecurity compliance could potentially
put key systems at risk of being compromised and susceptible to potential disconnect
from Joint Force Headquarters-Department of Defense Information Network (JFHQDODIN)
or could lead to a cyber-attack. This could prevent the USCG from meeting
mission requirements and potential loss of life.
The USCG does not have the federal staffing to absorb and perform the technical
support necessary to ensure FISMA and Cybersecurity compliance for 50 plus systems
currently covered by the IASP task order. To fill this gap in services, it is necessary to
contract for support services with the required skill sets to maintain and implement an
enterprise-wide commercial software product. The USCG requires the uninterrupted
support for IA/ISSO/Cyber services for all USCG systems which is why a sole source to
the incumbent is in the best interests of the USCG. Failure to approve this J&A for
award this sole source contract will result in the interruption of requisite USCG IASP
and Cyber services ultimately impacting the overall USCG mission of defending the
maritime interests of the United States of America by:
• Ensuring the USCG network and all related systems function properly.
• Preventing a disruption of services for mission essential functions.
• Maintaining security and integrity of USCG Information Systems.
• Prohibit denial of service of USCG Information Systems.
Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.