Notice ID 75H70422R00008
1.0 General
The Indian Health Service (IHS) must comply with Office of Management and Budget (OMB) M-21-31 and meet and demonstrate adherence to newly established federal mandates. In an effort to address growing concerns about the maturity of cybersecurity practices within the Federal Government, in May of 2021 the White House released Executive Order (EO) 14028, Improving the Nation’s Cybersecurity. This EO outlines a set of measures designed to improve the security of Federal networks, assets, and supply chains, to better identify and respond to cybersecurity incidents, and to set easily measurable compliance and effectiveness standards for agency risk management programs. In response to the EO, OMB has developed Memorandum M-21-31, which addresses the EO’s requirements and guides the implementation of logging, log retention, log management, and centralized access and visibility provisions of EO Section 8…
The IHS will comply with OMB M-21-31 by performing the following tasks:
- Developing System Security Plans
- Capturing all artifacts
- Managing and assisting in maintaining the inventory
- Implementing identification and asset tagging
- Pushing cybersecurity compliance information to a federally mandated Enterprise Governance, Risk Management and Compliance tool (Archer) needed for logging…
The IHS Division of Information Security is in the process of acquiring a Splunk System-as-a-Service (SaaS) solution. Phase I builds IHS capabilities to meet M21-31 requirements, which will make IHS ready to ingest Agency data into the Splunk SaaS M21-31 package and define converging data points, providing full visibility of the IHS cybersecurity compliance architecture and furnishing IHS management with the information it needs to make intelligent, timely decisions.
This task consists of the phases below. Phase I is provided for awareness; this requirement consists of Phase II.
Phase I: (Previous Project, separate Project Funding)
Migrate Splunk Enterprise to Splunk Acquire and implement Splunk SaaS and implement M21-31 package to meet OMB M21-31 compliance requirements.
Phase II: (This Project)
Assemble a work force that uses newly implemented technology to collect information by building System Security Plans and uploading system cybersecurity-compliant information into the Federal Government-provided tool (Archer) and to support the project, which facilitates automated enterprise-wide compliance with the NIST Risk Management Framework’s six-step maturity model and Ransomware Framework.
Implementing IHS security event and incident management will provide IHS with the following benefits:
- Better visibility into data to support intelligent, risk-based decisions.
- Cost savings for the OIT portfolio.
- NIST-compliant maturity levels.
- Centralized access and visibility for the highest-level Agency security operations center.
- Improved log retention and log management…
1.1 Scope: The contractor shall provide all personnel, supervision, deliverables, and quality control necessary, except as specified in Paragraph 3.0 as Government Furnished, to perform SSP development tasks, configure and maintain the M21-31 Splunk SaaS Package, provide the Splunk User Behavior Analysis dashboard, alerts and reports, and help manage Splunk SaaS operations and enhancements support services, as defined in this PWS…
1.3 Period of Performance (PoP): The Period of Performance shall be one (1) Base Year of 12 months and four (4) 12-month option periods.