SAM #RFQ-CO-424362-IR

NATO Framework Agreement for Incident Response Services and Surge Capacity

This opportunity invites U.S. industry to participate in a NATO procurement for cyber incident response and surge capacity services. - Agency: Bureau of Industry and Security (BIS), U.S. Department of Commerce, facilitating for NATO Communications and Information Agency (NCIA) - Scope: Framework Agreement for Incident Response (IR) services and surge capacity - Schedule A: IR services via prepaid retainer credit model - 24/7/365 operational readiness - Surge capacity for remote and on-site support - Managed through contractor-owned platform - Schedule B: On-demand cyber security services - Proactive and reactive incident handling - Services procured from a catalogue in the Statement of Work - Duration: Three years, with annual renewal of IR Retainer via Task Orders - Requirements for U.S. prime contractors: - Professionally active facility in the U.S. - Facility Security Clearance (FCL) at SECRET or higher - Pre-approval for NATO Competitive Procurement (NCP) - Declaration of Eligibility (DOE) issued by DOC - Registration with NCIA's Neo eProcurement tool - Personnel clearances for unescorted work in Class II Security areas - No specific OEMs or vendors named; open to qualified U.S. firms - Place of performance includes Belgium (NATO HQ/NCIA) - Contracting office: Bureau of Industry and Security, U.S. Department of Commerce

Description

The NATO Communications and Information Agency (NCIA) intends to issue a Request for Quotation (RFQ) to establish a Framework Agreement for the provision of Incident Response (IR) services and surge capacity. Under the Agreement, NCIA will engage qualified industry partners to provide NATO with immediate access to specialized expertise, advanced technologies, and scalable resources to effectively prepare for, manage, mitigate, and recover from cyber security incidents.

Potential U.S. prime contractors must 1) maintain a professionally active facility (office, factory, laboratory, etc.) within the United States, 2) hold a Facility Security Clearance (FCL) at the level of SECRET or higher, 3) be pre-approved for participation in NATO Competitive Procurement (NCP), 4) be issued a Declaration of Eligibility (DOE) by the Department of Commerce (DOC), and 5) register with NCIA’s eProcurement tool, Neo: https://www.ncia.nato.int/business/procurement/neo-eprocurement 

In addition, contractor personnel will be required to work unescorted in Class II Security areas. Therefore, access can only be permitted to cleared individuals. Only companies maintaining such cleared facilities and the appropriate personnel clearances will be able to perform the resulting contract.

The reference for the RFQ is RFQ-CO-424362-IR and all correspondence concerning the RFQ should include this reference.

DESCRIPTION OF REQUIREMENT

The Framework will be divided into two Schedules to reflect the nature of the IR requirements of NCIA:

Schedule A - IR Retainer: IR services will be procured via a prepaid retainer credit model. The retainer will cover 24/7/365 operational readiness and surge capacity for remote and on-site support. The IR Retainer credits will be managed through a Contractor-owned platform, providing an overview of available and spent credits, a top-up and carry-over mechanism, and monthly reporting. The IR Retainer will be renewed annually via Task Orders.

Schedule B - On-Demand Cyber Security Services: NCIA will procure cyber security services for proactive and reactive incident handling from a non-exhaustive catalogue included in the SOW. The services will be procured on an as-needed basis and requested via Task Orders. Each Task Order shall define the scope, objectives, deliverables, required personnel and clearances, and place of performance for each requirement.

The IDIQ Contractor(s) shall deliver both Schedule A and Schedule B services for the duration of the Framework Agreement, which is expected to be for a 3-year period.

BECOMING ELIGIBLE TO BID

NCP requires that the U.S. Government issue a DOE for potential U.S. prime contractors interested in this project. Before the U.S. Government can do so, however, the U.S. Government must approve the U.S. firm for participation in NCP.  U.S. firms are approved for NCP on a facility-by-facility basis. 

The U.S. NCP application is a one-time application.  The application requires supporting documentation in the form of 1) a company resume or capability statement indicating contracts completed as a prime contractor and 2) an annual report or set of financial documents indicating compilation, review, or audit by an independent CPA.

U.S. firms can download a copy of the U.S. NCP application from the following website:

https://www.bis.gov/about-bis/bis-leadership-and-offices/SIES/business-opportunities-nato 

DOC is the U.S. Government agency that approves NCP applications. Please submit to the email address provided your application and supporting documentation (as attachments). If your firm is interested in a specific NCP project, please also include the following in the TEXT of your email:

- the title and/or solicitation number of the project - the name/phone/email of the company employee who should receive the bid documents

After approval of your one-time NCP application, DOC will then know to follow up by issuing a DOE for the project.  DOC will transmit the DOE to the NATO contracting agency.  

IMPORTANT DATES:

Request a DOE (and, for firms new to NCP, submit the one-time NCP application): 04 June 2026

NCIA distributes the RFQ (planned): 30 June 2026

Bid Closing (anticipated): 15 August 2026

Contract Award (estimated): 15 November 2026  

View original listing