DHS RFI: Cybersecurity Governance & Compliance

Notice ID: 70RTAC24RFI000005

The DHS Chief Information Security Officer Directorate (CISOD) is responsible for developing a comprehensive management approach for ensuring compliance with Federal legislation, regulation and guidelines, departmental policies, and procedures, as well as ensuring information systems operate at an acceptable level of risk based on the designated mode of operations. The DHS CISOD includes the DHS Enterprise and Management Directorate for cyber security management, oversight, and customer support.

Requirements include program management, professional services for the integrated planning, management, and execution of CISOD’s cybersecurity mission, National Security Systems support, Governance Risk and Compliance programs, and Cybersecurity through the Acquisition Life Cycle support for National Security and Sensitive but Unclassified/Controlled Unclassified Information programs and systems. Also, included is engineering and technical assistance for Cybersecurity related missions as required to meet DHS, Office of the Chief Information Officer (OCIO), and CISOD strategic plans, mission goals and objectives. The requirement will support sub-organizational units within the CISOD which include the National Security Cyber Division and Enterprise Cybersecurity Governance Division. This RFI requires interested contractors to indicate their ability to fulfill the requirements.

The Contractor shall support the following tasks:

Project Management – The Contractor shall provide program management services such as transition planning, resource management, quality assurance, risk management, status and problem reporting, and administrative support.
National Security System (NSS) Support – The contractor shall support the National Security Cyber Division (NSCD) with architecture and engineering support to review, update and create various system architectures. The contractor shall also analyze, create, document and review processes and methodologies to streamline and enhance cybersecurity processes to support the Governance, Risk, and Compliance (GRC) for the continuous monitoring processes. This shall include analysis and research of tools and creation of recommended utilization methodologies.
National Security Systems (NSS) Risk Management and Compliance Support – The contractor shall work with DHS HQ components, contractors, or other organizations within DHS to assess and evaluate DHS NSS Systems, Appliances and Applications, and provide cyber risks recommendations associated to DHS NSS. This task is inclusive of any cyber risk compliance and reporting activities and may stem from Cyber Supply Chain Risk Management risk assessments.
DHS Cybersecurity through the Acquisition Lifecycle – The Contractor shall provide cybersecurity review for all planned major acquisition systems as part of the Information Technology Acquisition Review (ITAR) process. Provides expertise, reviews, and develops documentation in support of activities in the Acquisition Lifecycle Framework (ALF) phases, Program Health Assessments, and Cyber Risk Recommendation Memos. The Contractor shall assist with the coordination, planning, and management of Cyber ALF Working Groups and Integrated Project Teams (IPTs) as appropriate.
Cybersecurity Awareness and Training – The Contractor shall provide the support to manage all aspects of delivery of the CISOD Cybersecurity training support services. Services include project planning, content development, instructional design, training tool support, status and problem reporting, and administrative support.
Enterprise Cybersecurity Governance – The contractor shall actively develop and support the compliance monitoring/reporting activities related to DHS Federal Information Security Management/Modernization Act (FISMA) and other official reporting (both internal and external to DHS).
Component Services: Risk Management and Compliance – The contractor shall provide Risk Management and Compliance support to FISMA systems within the MGMT-HQ FISMA Portfolio and to ensure security authorization and compliance metrics are maintained in accordance with DHS policy.
Enterprise Cybersecurity Risk and Reporting Analysis – The contractor shall support the project management, development, and administration of governance, risk, and compliance systems and tools. The Contractor shall provide support for the FISMA metrics program by preparing Quarterly and Annual DHS Federal Information Security Modernization Act (FISMA) Reports that are submitted to Office of Management and Budget (OMB) and Congress…

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

OrangeSlices AI

Discover More Today

DHS RFI: Cybersecurity Governance & Compliance

Leave a Reply

Cancel reply

DHS RFI: Cybersecurity Governance & Compliance

Leave a Reply

Cancel reply

User Agreement

Login