DHS RFI: Cybersecurity Governance & Compliance

Notice ID: 70RTAC24RFI000005

The DHS Chief Information Security Officer Directorate (CISOD) is responsible for developing a comprehensive management approach for ensuring compliance with Federal legislation, regulation and guidelines, departmental policies, and procedures, as well as ensuring information systems operate at an acceptable level of risk based on the designated mode of operations. The DHS CISOD includes the DHS Enterprise and Management Directorate for cyber security management, oversight, and customer support.

Requirements include program management, professional services for the integrated planning, management, and execution of CISOD’s cybersecurity mission, National Security Systems support, Governance Risk and Compliance programs, and Cybersecurity through the Acquisition Life Cycle support for National Security and Sensitive but Unclassified/Controlled Unclassified Information programs and systems. Also included is engineering and technical assistance for cybersecurity-related missions as required to meet DHS, Office of the Chief Information Officer (OCIO), and CISOD strategic plans, mission goals and objectives. The requirement will support sub-organizational units within the CISOD, which include the National Security Cyber Division and Enterprise Cybersecurity Governance Division. This RFI requires interested contractors to indicate their ability to fulfill the requirements.

The Contractor shall support the following tasks:

  1. Project Management – The Contractor shall provide program management services such as transition planning, resource management, quality assurance, risk management, status and problem reporting, and administrative support.
  2. National Security System (NSS) Support – The contractor shall support the National Security Cyber Division (NSCD) with architecture and engineering support to review, update and create various system architectures. The contractor shall also analyze, create, document and review processes and methodologies to streamline and enhance cybersecurity processes to support the Governance, Risk, and Compliance (GRC) for the continuous monitoring processes. This shall include analysis and research of tools and creation of recommended utilization methodologies.
  3. National Security Systems (NSS) Risk Management and Compliance Support – The contractor shall work with DHS HQ components, contractors, or other organizations within DHS to assess and evaluate DHS NSS Systems, Appliances and Applications, and provide cyber risk recommendations associated with DHS NSS. This task is inclusive of any cyber risk compliance and reporting activities and may stem from Cyber Supply Chain Risk Management risk assessments.
  4. DHS Cybersecurity through the Acquisition Lifecycle – The Contractor shall provide cybersecurity review for all planned major acquisition systems as part of the Information Technology Acquisition Review (ITAR) process. The Contractor shall provide expertise and shall review and develop documentation in support of activities in the Acquisition Lifecycle Framework (ALF) phases, Program Health Assessments, and Cyber Risk Recommendation Memos. The Contractor shall assist with the coordination, planning, and management of Cyber ALF Working Groups and Integrated Project Teams (IPTs) as appropriate.
  5. Cybersecurity Awareness and Training – The Contractor shall provide support to manage all aspects of the delivery of the CISOD Cybersecurity training support services. Services include project planning, content development, instructional design, training tool support, status and problem reporting, and administrative support.
  6. Enterprise Cybersecurity Governance – The contractor shall actively develop and support the compliance monitoring/reporting activities related to DHS Federal Information Security Management/Modernization Act (FISMA) and other official reporting (both internal and external to DHS).
  7. Component Services: Risk Management and Compliance – The contractor shall provide Risk Management and Compliance support to FISMA systems within the MGMT-HQ FISMA Portfolio and ensure security authorization and compliance metrics are maintained in accordance with DHS policy.
  8. Enterprise Cybersecurity Risk and Reporting Analysis – The contractor shall support the project management, development, and administration of governance, risk, and compliance systems and tools. The Contractor shall provide support for the FISMA metrics program by preparing Quarterly and Annual DHS Federal Information Security Modernization Act (FISMA) Reports that are submitted to Office of Management and Budget (OMB) and Congress…

Read more here.
