USAID M/CIO RFI: Cyber Security & Information Assurance Program

Notice ID: CyberRFI

“USAID M/CIO/IA has a requirement for comprehensive support services required to provide executive, technical, operational, and administrative support for information assurance, including services associated with cybersecurity and privacy compliance.

The purpose of this Statement of Objectives (SOO) is to convey USAID’s objectives, scope, constraints, and applicable documents in support of a comprehensive cyber security and information assurance program. The intent is to afford the maximum flexibility to each offeror to propose an innovative solution that meets or exceeds USAID’s objectives within the applicable constraints.

Further, USAID intends that the offerings provided in support of this SOO will provide USAID access to subject matter experts that can provide solution(s) that support information assurance specifically related to the objective areas of this SOO and the following priorities:

  1. Customer-centric solutions,
  2. Cybersecurity and privacy integration,
  3. Team structure/capabilities,
  4. Continuous improvement,
  5. Supporting Government-wide compliance requirements,
  6. Risk reduction,
  7. Early detection and prevention,
  8. Future trend analysis,
  9. Talent assessment,
  10. Taps analysis,
  11. Government/contractor interfaceCollaboration,
  12. Contract governance
  13. Innovation…”

This SOO is intended to allow for industry to provide all support necessary to USAID to meet the highest level of effectiveness of information security program maturity as outlined in the latest IG FISMA Reporting metrics (latest available reference: “FY 2020 Inspector General Federal Information Security Modernization Act of 2014 (FISMA) Reporting Metrics Version 4.0”) as it relates to the objectives and/or objective areas outlined in this document.

The contractor shall provide technical, operational and strategic management subject matter expertise, focusing on cyber security and privacy to further enhance USAID’s cyber security, risk management, and compliance posture. The outcomes of the work will enable enhancement of the agency-wide IA program that provides security for safeguarding information and information systems supporting the operations and assets of the agency, including those provided or managed by other agencies, contractors, or other sources. Services will span the following objectives…

  • Program and Contract Management
  • Performance Management
  • Investment Planning
  • Provide strategic support and visionary thought leadership to identify, prioritise, and present innovative cyber initiatives.
  • Develop, maintain, and operate a cyber and privacy program support hub to coordinate all cybersecurity and privacy functions.
  • Protect information systems and data privacy to ensure the confidentiality, integrity, and availability of sensitive information to minimize potential impacts on individuals.
  • Provide cyber/privacy incident response to minimize USAID systems’ impact during an cyber/privacy incident and meet OMB/DHS requirements.
  • Breach Response 9) Provide enterprise support to all USAID systems to ensure Governance, Risk, Compliance, and validation of continuous monitoring activities.
  • Provide a cyber/privacy incident response program that limits damage to IT systems and reduces recovery time and costs for the Agency.
  • Provide support for electronic discovery (e-Discovery) and forensic services and investigations on all types of devices (desktops, servers, mobile devices, removal media, Cloud vendors, etc.) for digital environment and electronically stored information.
  • Provide support for electronic discovery (e-Discovery) and forensic services and investigations on all types of devices (desktops, servers, mobile devices, removal media, Cloud vendors, etc.) for digital environment and electronically stored information.
  • Deliver an efficient cyber security strategy, architecture, guidance and analysis for services , applications, and data storage, including cloud services and emerging technologies that address valid security controls and M/CIO/IA operational requirements.
  • Improve and implement cyber security and privacy awareness and training programs
  • Improve USAID cybersecurity maturity by leveraging the Cybersecurity Framework (NIST CSF Core Function) as a reference for managing and reducing cybersecurity risks.
  • Provide Section 508 practitioner expertise that demonstrates industry knowledge to meet Section 508 requirements, standards, guidance, and best practices. This support will address all Agency 508 compliance requirements including those related to testing, evaluation, and reporting for all 508 related media. Additionally, USAID requires advice and development of agency-wide training for Section 508 requirements.
  • Deliver an efficient and proactive cyber Risk strategy, Architecture, guidance and significant and consistent analyses that maintain an automated and continuous Risk Score for the CIO to make informed decisions…”

Read more here.


This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 2 weeks, 2 days ago.

  • Author
  • #119174

    Replies viewable by members only


You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.


©2021 G2Xchange all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?