C.11.2 FUNCTIONAL AREA TWO (2) – INFORMATION SYSTEMS ENGINEERING

 

(1)   System and Software Design, Development, Engineering, and Integration

i)    Software Development

ii)  System Design Alternative Studies

iii)    Software Distribution, Licensing, Maintenance

(2)   Information Technology (IT) Strategic Planning, Program Assessment, and Studies

i)    Feasibility Studies

ii)  Information Technology (IT) Strategic Planning and Mission Need Analysis

iii)    Information Technology Organizational Development

iv)Information Technology Program Analysis, Assessments and Studies

v)  Information Technology Research and Development

(3)   Automated Workflow System Development and Integration

(4)   Business Process Reengineering (BPR)

i)        Benchmarking/Operational Capability Demonstrations

ii)      Change Management

(5)   Chief Information Officer (CIO) Support

i)        Enterprise Resource Systems Management

ii)      Enterprise Resource Systems Planning

iii)    Information Assurance Activities

iv)    Information Operations

v)      Inter/Intra-Agency Enterprise Resource Planning

(6)   Global Information Systems

(7)   Software Life Cycle Management (SLCM)

i)        Cost Benefit Analysis, Cost Effectiveness Analysis

ii)      Risk Analysis and Assessment

iii)    Stakeholder Analysis

iv)    Total Cost of Ownership Studies

(8)   Software Engineering (SWE)

i)    Software Quality Assurance

(9)   Customer Relationship Management

(10)                  Information Technology Architecture (ITA) Support

(11)                  Infrastructure Quality Assurance

(12)                  Instructional Design, and Modeling & Simulation

(13)                  SCE/CMM/CMMI Analyses and Implementation Support

(14)  Anti-Virus Management Service

i)        Intrusion Detection and Prevention Service

ii)      Virus Detection, Elimination, and Prevention

(15)  Biometrics

i)        Smart Card Technologies

(16)  Computer Security Awareness, and Training

i)        Computer Security Incident Response

ii)      Computer Security Planning

iii)    Security Policy Compliance

(17)  Disaster Recovery, Continuity of Operations, and Contingency Planning

i)        Critical Infrastructure Protection

ii)      Hot-site and Cold-site Support Services

iii)    Incident Response Service

iv)    System Recovery Support Services

(18)  Hardware and Software Maintenance and /or Licensing

i)        Software/Hardware Maintenance and /or Licensing

(19)  Independent Verification and Validation (Security)

i)        Certification of Sensitive Systems

ii)      Mainframe Automated Information Security Support

iii)    Security for Small Systems, Telecommunications, and Client Service

(20)  Managed E-Authentication Service

(21)  Managed Firewall Service

(22)  Privacy Data Protection

(23)  Public Key Infrastructure (PKI)

i)        Crypto Systems

ii)      Digital Signature Technology

(24)  Secure Managed Email Service (SMEMS)

(25)  Security Certification and Accreditation

(26)  Systems Vulnerability Analysis/Assessment and Risk Assessment

(i)     Quantitative Risk Analysis of Large Sensitive Systems

(ii)   Vulnerability Scanning Service


 

C.12.2  FUNCTIONAL AREA TWO (2)

 

C.12.2.1   System and Software Design, Development, and Integration

 

C.12.2.1.1      Software Development

 

A set of activities that results in software products. Software development may include new development, modification, reuse, re-engineering, maintenance, or any other activities that result in software products. Providing for project management, planning, design, building and implementation of client ­specific applications, taking responsibility for achieving contractually specified results.

 

C.12.2.1.2      System Design Alternative Studies

C.12.2.1.3      Software Distribution, Licensing, Maintenance

 

The Contractor shall provide for software maintenance and/or software licenses from 3rd party vendors in support of tasks falling within this functional area

 

 

C.12.2.2   Information Technology (IT) Strategic Planning, Program Assessment, and Studies

 

The Contractor shall provide resources to support in the development, analysis, and implementation of IT strategies, architectures, program planning and assessment, and risk, trade-off, requirements, alternatives, and feasibility studies that advance the goals and objectives of the Government.

 


 

C.12.2.2.1      Feasibility Studies

 

The Contractor shall provide resources to facilitate evaluation of a prospective project for the purpose of determining if the project should be undertaken.  Feasibility studies normally consider the time, budget, and technology required for completion.

 

C.12.2.2.2      Information Technology (IT) Strategic Planning and Mission Need Analysis

C.12.2.2.3      Information Technology Organizational Development

C.12.2.2.4      Information Technology Program Analysis, Assessments and Studies

C.12.2.2.5      Information Technology Research and Development

 

The Contractor shall provide the resources to identify and research emerging technologies in the IT area.  Based on this research, the Contractor shall develop and evaluate prototype solutions and present findings and recommendations to the Government for their consideration.

 

C.12.2.3   Automated Workflow System Development and Integration

 

The defined series of tasks within an organization to produce a final outcome. Sophisticated workgroup computing applications allow you to define different workflows for different types of jobs. The workflow software ensures that the individuals responsible for the next task are notified and receive the data they need to execute their stage of the process.

 

C.12.2.4   Business Process Reengineering

 

The Contractor shall provide resources to support in the development, analysis, and implementation of improvements in the flow of business, work, and program processes and tool utilization.

 

C.12.2.4.1 Benchmarking/Operational Capability Demonstrations

C.12.2.4.2      Change Management

 

C.12.2.5   Chief Information Officer (CIO) Support

 

Typically, a CIO is involved with analyzing and reworking existing business processes, with identifying and developing the capability to use new tools, with reshaping the enterprise's physical infrastructure and network access, and with identifying and exploiting the enterprise's knowledge resources. Many CIOs head the enterprise's efforts to integrate the Internet and the World Wide Web into both its long-term strategy and its immediate business plans.

 

C.12.2.5.1      Enterprise Resource Planning Systems Development and Integration


 

 

An approach to organizational integration management that relies on integrated application software to provide data on all aspects of the enterprise, such as finance, inventory, human resources, sales, etcetera.  The objective of an Enterprise Resource Planning Systems is to provide data, when as needed, to enable an entity to monitor and control its overall operation.

           

C.12.2.5.2      Enterprise Resource Systems Management

C.12.2.5.3      Enterprise Resource Systems Planning

C.12.2.5.4      Information Assurance Activities

C.12.2.5.5      Information Operations

C.12.2.5.6      Inter/Intra-Agency Enterprise Resource Planning

 

C.12.2.6   Global Information Systems

 

C.12.2.7   Software Life Cycle Management (SLCM)

 

The Contractor shall provide resources to support any or all phases and stages of SLCM, including planning, analysis, troubleshooting, integration, acquisition, installation, operation, maintenance, training, documentation, and administration.  The Contractor may be responsible for obtaining and/or supporting the necessary software, hardware, firmware, resources, etc. required for a system project.

 

C.12.2.7.1      Cost Benefit Analysis, Cost Effectiveness Analysis

C.12.2.7.2      Risk Analysis and Assessment

C.12.2.7.3      Stakeholder Analysis

C.12.2.7.4      Total Cost of Ownership Studies

 

C.12.2.8   Software Engineering

 

The Contractor shall provide software engineering support (including planning, analysis, design, evaluation, testing, quality assurance, and project management) in the application of computer equipment through computer programs, procedures, tools, and associated documentation.

 

C.12.2.8.1      Software Quality Assurance

 

C.12.2.9   Customer Relationship Management

 

CRM entails all aspects of interaction a company has with its customer, whether it is sales or service related.

 

C.12.2.10 Information Technology Architecture (ITA) Support

 

C.12.2.11 Infrastructure Quality Assurance

 

C.12.2.12 Instructional Design, and Modeling & Simulation


 

The Contractor shall provide instructional design, and modeling & simulation. Instructional Design is the systematic development of instructional specifications using learning and instructional theory to ensure the quality of instruction. It is the entire process of analysis of learning needs and goals and the development of a delivery system to meet those needs. It includes development of instructional materials and activities; and tryout and evaluation of all instruction and learner activities.  Instructional Design is that branch of knowledge concerned with research and theory about instructional strategies and the process for developing and implementing those strategies.  Instructional Design is the science of creating detailed specifications for the development, implementation, evaluation, and maintenance of situations that facilitate the learning of both large and small units of subject matter at all levels of complexity.  Instructional Design can start at any point in the design process. Often a glimmer of an idea is developed to give the core of an instruction situation. By the time the entire process is done the designer looks back and she or he checks to see that all parts of the "science" have been taken into account. Then the entire process is written up as if it occurred in a systematic fashion.

 

C.12.2.13 SCE/CMM/CMMI Analyses and Implementation Support

 

Software Capability Evaluation (SCE) -- It may be necessary on certain task orders to perform software capability evaluations (SCE).  The Government may use the SCE developed by the Software Engineering Institute (SEI) Carnegie Mellon University (CMU)  www.sei.cmu.edu , Pittsburgh, PA, 15213, in evaluating the contractor’s/subcontractor’s task order proposal.  The SCE level required will be specified in individual task orders.  

 

Capability Maturity Model (CMM) -- The Capability Maturity Model for Software (or SW-CMM) is used for judging the maturity of the software processes of an organization and for identifying the key practices that are required to increase the maturity of these processes. 

 

Capacity Maturity Model Integration (CMMI) -- The Capability Maturity Model Integration (CMMI) provides models for achieving product and process improvement.  The output of the CMMI project is a suite of products, which provides an integrated approach across the enterprise for improving processes, while reducing the redundancy, complexity and cost resulting from the use of separate and multiple capability maturity models (CMMs).  To improve the efficiency of model use and increase the return on investment, the CMMI project was created to provide a single integrated set of models.

 

C.12.2.14  Anti-Virus Management Service (AVMS)

 

Reference Section C.12.1.26 for description.

 

C.12.2.15 Biometrics

 

Reference Section C.12.1.27 for description.


 

C.12.2.16       Computer Security Awareness and Training

 

Reference Section C.12.1.28 for description.

 
C.12.2.17  Disaster Recovery, Continuity of Operations, and Contingency Planning
 

Reference Section C.12.1.29 for description.

 

C.12.2.18 Hardware and Software Maintenance and/or Licensing

 

Reference Section C.12.1.30 for description.

 
C.12.2.19  Independent Verification and Validation (Security)
 

Reference Section C.12.1.31 for description.

 

C.12.2.20 Managed E-Authentication Service (MEAS)

 

Reference Section C.12.1.32 for description.

 

C.12.2.21 Managed Firewall Service

 

Reference Section C.12.1.33 for description.

 

C.12.2.22 Privacy Data Protection

 

C.12.2.23 Public Key Infrastructure

 

Reference Section C.12.1.35 for description.

 

C.12.2.24 Secure Managed Email Service

 

Reference Section C.12.1.36 for description.

 

C.12.2.25 Security Certification and Accreditation

 

C.12.2.26 Systems Vulnerability Analysis/Assessment and Risk Assessment

 

Reference Section C.12.1.38 for description.

 

C.13    INFORMATION SYSTEM SECURITY (ISS)

The General Services Administration, other civilian Federal Agencies, the Department of Defense, federally recognized Native American tribes, and state and local


 

Government entities require assistance in developing ISSxe "ISS" products, including implementation.  ISS addresses the security of information and computing resources at all organizational levels.  All security requirements were included in both Functional Area One (1) and Functional Area Two (2).  The descriptions in Section C.11 describe the ISS functional requirements and cover the location, source, and contact for any other information that the Contractor may need to know in order to perform ISS tasks.  This includes the results of any previous audits, reviews, studies, certifications, risk, and vulnerability analyses, etc. that address the computer security of a system(s). All work completed under this contract shall comply with the latest versions of all applicable agency ISS guidance (e.g., Office of Management and Budget (OMB) circulars, General Services Administration (GSA) issuances, Public Laws (PLs), American National Standards Institute (ANSI) standards, and National Institute of Standards and Technology (NIST) standards, including Federal Information Processing Standards (FIPS) publications.  Also, individual task/delivery orders will reference applicable versions of standards or exceptions as necessary.