Forest Service seeks cybersecurity support in two RFIs
The Forest Service is plans to split an existing contract in two as it looks for ways improve compliance with cybersecurity regulations.
The U.S. Forest Service issued requests for information for two potential contracts in search of cybersecurity expertise as it continues to building its framework to meet federal regulations.
The Forest Service wants to learn about companies’ capabilities that can help the CIO’s cyber security organization, security administration and operations support branch.
The agency has a current contract called Comprehensive and Robust Information Security (CRIS2). The incumbent is Creative Alliant. Now though, the Forest Service is splitting the contract in two. First, Cyber Security Administration and Operations Support (CSAOS) will provide operations and administration support. Secondly, Cyber Security Internal Controls Support (CSICS) will provide oversight.
CSAOS’ required tasks include:
- Project management
- Information security outreach and awareness
- Vulnerability management
- Privilege access control management
- Vulnerability scanning and auditing
CSICS’ required tasks include:
- Program management
- Enterprise security program guidance and policy
- Framework and strategy refresh and monitoring
- Oversight and compliance verification
- Survivability and contingency program support
- Assessment and authorization testing
Both CSAOS and CSICS are anticipated to be four-year contracts beginning in April.
The Forest Service released the RFIs and draft performance work statements Dec. 5. Responses are due Dec. 15.
You can find the CSAOS RFI here. And the CSICS RFI here.