DOD MDA Draft RFP: IT Operations and Engineering Solutions (MIOES) Partial Bidders Library

Notice ID: HQ085725R000X

This PWS supports the MDA CIO’s mission to ensure that the MDA’s IT services and resources are administered, acquired, managed, operated, and cyber defended in compliance with the goals and directives of existing statutes and DoD issuances and the priorities set by the MDA Director and MDA CIO. The primary scope of this PWS encompasses both the cybersecurity and Defensive Cyber Operations (DCO) actions required to operate and protect DoD IT systems.

This is a Firm-Fixed Price task order.

The Cybersecurity Maturity Model Certification (CMMC) Program requires contractors (DoD prime contractors and subcontractors, and private-sector businesses or other entities that are specified) to implement required security measures necessary to adequately safeguard Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) being processed, stored, or transmitted through the methodology provided in 32 CFR Part 170, Cybersecurity Maturity Model Certification (CMMC) Program.  Contractors entrusted with FCI and CUI will implement cybersecurity standards at progressively advanced levels, depending on the type and sensitivity of the information.

  • Meet and/or exceed the four-phased implementation plan of the CMMC Program requirements.
  • Implement the specified security requirements for the applicable CMMC Level (at or 91 above the level identified).
  • Ensure CMMC requirements are applied throughout the supply chain at all tiers that will processes, store, or transmit any FCI or CUI on contractor information systems in the performance of the DoD contract or subcontract, irrespective of the origin of the information.
  • Perform a self-assessment or obtain an independent assessment to verify the implementation of prescribed cybersecurity standards from either a CMMC Third-Party Assessment Organization (C3PAO) or Defense Contract Management Agency (DCMA) Defense Industrial Base Cybersecurity Assessment Center (DIBCAC).
  • Document implementation of the security requirements in a system security plan and POA&M when any unimplemented security requirements will not be met.
  • Report cyber incidents that affect that system or network …

Read more here.

Ad



Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

LEAVE A REPLY

Please enter your comment!
Please enter your name here