Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF APRIL 17, 2022 SAM #7443
SPECIAL NOTICE

70 -- Supply Chain Risk Management platform subscription

Notice Date
4/15/2022 9:07:16 AM
 
Notice Type
Justification
 
NAICS
511210 — Software Publishers
 
Contracting Office
6973GH FRANCHISE ACQUISITION SVCS OKLAHOMA CITY OK 73125 USA
 
ZIP Code
73125
 
Solicitation Number
6963GH-22-R-00124
 
Archive Date
05/15/2022
 
Point of Contact
Jason Perry
 
E-Mail Address
jason.m.perry@faa.gov
(jason.m.perry@faa.gov)
 
Award Number
6973GH-22-R-00124
 
Award Date
06/01/2022
 
Description
1.� Title of Procurement. Riskmethods Supply Chain Risk Management platform subscription with BitSight cybersecurity integration. 2.� Nature of Procurement Action This action is a follow-on to the riskmethods contract 6973GH-21-P-00794.� Riskmethods will provide access to the Supply Chain Risk Management platform with an increase from 100 to 500 supplier companies and including integrated cybersecurity data from BitSight for monitoring cybersecurity supply chain risk for 100 supplier companies.�� 3.� Description of Supplies/Services A follow-on to the existing riskmethods contract for total Supply Chain Risk Management services which includes a cybersecurity monitoring solution from BitSight.� The riskmethods platform provides comprehensive Supply Chain Risk Management monitoring via their Risk Radar, Impact Analyzer, Action Planner and Risk Assessment functions.� The requirement for Cybersecurity Supply Chain Risk Management (C-SCRM) is an essential component of a SCRM Program.� Also, Logistics Center and agency information is at risk of compromise through communication with the Supply Chain, especially since the status of Suppliers� systems, policies and practices are unknown. Riskmethods integrates BitSight data seamlessly into their system for Supply Chain Risk Management.� BitSight�s cybersecurity ratings provide an external, validated and continuously updated view into the security posture of a company.� BitSight applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance, mitigate third party risk,�and assess aggregate risk.� The FAA Logistics Center understands the need for a comprehensive SCRM Program and including cybersecurity data is essential. This integrated solution is not available from any other known SCRM providers and has been integral to the organization�s establishment of a SCRM Program.� 4.� Authority The FAA proposes to procure this requirement on a single source basis as contemplated by AMS policy section 3.2.2.4. 5.� Rationale Supporting Use of a Single Source Standardization: The Logistics Center�s current contract for Supply Chain Risk Management data is with riskmethods.� Riskmethods does not have an alternative cybersecurity data provider that integrates into their platform.� BitSight is a single source for the data.� To obtain SCRM data separately from different providers would mean that the FAA would have to collect and attempt to integrate the data into a separate workflow management system which not only does not exist within the Program but also would substantially increase Program operating cost.� In addition, additional training would be required for Program users, hence compounding Program costs and degrading performance substantially.� This integrated solution is not available from any other known SCRM providers and has been integral to the organization�s establishment of a SCRM Program.� Continuing use of the �integrated riskmethods/ BitSight solution is essential to the Program and will allow for providing comprehensive analysis and monitoring of Supplier risk to the agency�s Supply Chain. Riskmethods is the only company that can meets the FAA�s requirement in a timely manner without any interruption in service. 6.� Market Analysis An informal market analysis was performed via internet as well as via other government contract vehicles such as NASA�s SEWP V and GSA Advantage.� No other providers were located that meet the needs of the Logistics Center for Supply Chain Risk Management with an integrated cybersecurity data in a single solution.� 7.� Other Facts Supporting Use of Single Source Future similar requirements are anticipated. Currently there are no additional vendors that can provide all Supply Chain Risk Management with an integrated cybersecurity data in a single solution. In the future, the requirements will continue to be purchased from riskmethods until another vendor that can provide all the required capabilities can be identified.
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/0861dcdc8a464c6ea272249375e94ae3/view)
 
Place of Performance
Address: USA
Country: USA
 
Record
SN06299311-F 20220417/220415230106 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.