The Department of the Interior (DOI) Office of the Chief Information Officer (OCIO) supports the Offices and Bureaus within the Department, as well as federal agency customers outside the Department, through its Information System Security Line of Business (ISSLoB). DOI provides a variety of services for itself and its customer agencies. DOI is one of six (6) Department of Homeland Security (DHS) sponsored Risk Management Framework (RMF) Shared Service Centers (SSCs). The RMF SSCs were established to facilitate the implementation of common RMF solutions for areas that many agencies are missing when striving to achieve greater efficiencies in executing the RMF Security Assessment & Authorization (SA&A) process. DOI currently offers a number of RMF services to its Federal customers, but seeks to expand current service offerings to potential Government and non-Government entities, clouds, as well as to provide superior service to its non-cloud customer base.
Spry will be responsible for performing Federal Information Security Management Act (FISMA) and Federal Risk and Authorization Management Program (FedRAMP) compliant activities for both DOI internal and external clients; in accordance with National Institute of Standards and Technology (NIST) standards, Agency control standards, and other associated Agency regulations. These activities include, but are not limited to:
- RMF Development and Integration
- SA&A Services
- Continuous Monitoring Strategy Development
- Continuous Monitoring Program Evaluation
- Technical Testing and Penetration Testing
- Security Policy and Documentation Development
- FedRAMP Documentation Development and Preparation
- Plan of Action and Milestone (POA&M) Support
- Cyber Security Assessment and Management (CSAM) Tool Support
For more information on this contract, please contact [email protected].