Thursday, November 28, 2024

NIH OCIO IT to host Industry Day related to Information Security Program Support task order

“It is the intent of the National Library of Medicine (NLM) on behalf of the National Institutes of Health (NIH) Office of the Chief Information Officer (OCIO) to sponsor an Industry Day for the discussion of the Performance Work Statement for the National Institutes of Health Information Security Contract.”

“The main objective of the NIH Information Security Program is to “safeguard the NIH personnel, patients, computers, networks and data that NIH relies on each day to fulfill its mission.” To achieve this objective, the NIH Information Security Program has established the following strategic goals:

  • Reduce High Risks: Reduce NIH high risk areas; prioritize/High Value Assets (HVAs)
  • Improve Protections: Improve protections for data, infrastructure, and staff
  • Complete Visibility: Provide continuous/increased visibility into IT assets, operations, threats, and risks
  • Integrate NIH Privacy Coordinators into accreditation and authorization processes…”

“These goals will be achieved via NIH-specific initiatives and government-wide projects to promote IT management best practices, including configuration and patch management, system administration, and change and operations management. These activities will also be accomplished via implementation of DHS Continuous Diagnostic & Mitigation (CDM) program guidance and technologies, the NIH information security modernization initiative, and other NIH and HHS information security projects intended to protect and serve the NIH mission, patients, and staff.”

“The Contractor shall provide information security support services to maintain the overall security posture of the NIH environment…”

“The Contractor shall support the following capabilities:

  • Enterprise information security governance, communications, program and project management, and security metrics and reporting
  • Threat identification and incident handling, including security event detection and situational awareness
  • Security awareness, education, and training…” Read more about the PWS and the proposed Industry Day here.

[related-post]

LEAVE A REPLY

Please enter your comment!
Please enter your name here

FedHealthIT Xtra – Find Out More!

Recent News

Don’t Miss A Thing

Jackie Gilbert
Jackie Gilbert
Jackie Gilbert is a Content Analyst for FedHealthIT and Author of 'Anything but COVID-19' on the Daily Take Newsletter for G2Xchange Health and FedCiv.

Subscribe to our mailing list

* indicates required