GSA Multiple Award Schedule (Formerly IT Schedule 70)
The GSA Multiple Award Schedule is the largest procurement vehicle and the most widely used acquisition offering in the federal government. It is an Indefinite Delivery Indefinite Quantity (IDIQ) contract that delivers federal agencies the tools and expertise needed to shorten procurement cycles, ensure compliance, and obtain the best value for innovative technology products, services, and solutions.
Contract Number: GS-35F-591GA
Contract Period: August 2, 2017 – August 1, 2022
8(a) Small Disadvantaged Business
SIN Codes: 541611, 54151S, OLM
The scope of the HACS SIN includes proactive and reactive cybersecurity services. Assessment services needed for systems categorized as High Value Assets (HVA) are also within scope of this SIN. It includes Risk and Vulnerability Assessments (RVA), Security Architecture Review (SAR), and Systems Security Engineering (SSE). Additionally, the scope of the SIN includes services for the seven step Risk Management Framework (RMF), and Security Operations Center (SOC) services.
- The seven-step RMF includes preparation, information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring. RMF activities may also include Information Security Continuous Monitoring Assessment (ISCMA) which evaluate organization-wide ISCM implementations, and also Federal Incident Response Evaluations (FIREs), which assess an organization’s incident management functions.
- SOC services are services such as: 24x7x365 monitoring and analysis, traffic analysis, incident response and coordination, penetration testing, anti-virus management, intrusion detection and prevention, and information sharing.
There are five subcategories under the HACS SIN. Vendors listed within each subcategory in the GSA eLibrary have passed a technical evaluation for that specific subcategory. Solvitur Systems has passed the evaluation for all the five subcategories and is qualified to provide services on all of them;
- High Value Asset Assessments:
- Risk and Vulnerability Assessment (RVA)
- Security Architecture Review (SAR)
- Systems Security Engineering (SSE)
- Risk and Vulnerability Assessment
- Cyber Hunt
- Incident Response
- Penetration Testing