SAM #HHM402-2X-RMIC

Enterprise Risk Management and Internal Control Support Services for DIA

The Virginia Contracting Activity (VaCA), supporting the Defense Intelligence Agency (DIA), is seeking industry input for a multi-year Blanket Purchase Agreement (BPA) for Risk Management and Internal Control (RMIC) Support Services. - Government Buyer: - Defense Intelligence Agency (DIA), Virginia Contracting Activity (VaCA) - OEMs and Vendors: - No specific OEMs or vendors are named; ServiceNow is referenced as the required platform for Integrated Risk Management (IRM) - Products/Services Requested: - Enterprise-wide support for ERM and RMIC activities in highly classified (TS/SCI) environments - Services include risk assessment, control testing, deficiency reporting, corrective action support, assurance statement preparation, and quality control - Coverage across domains: Internal Control Over Reporting for Financial Reporting (ICOR-FR), Financial Systems (ICOR-FS), Management Operations (ICOR-O), non-financial IT systems, ERM, Fraud Risk Management (FRM), and Supply Chain Risk Management (SCRM) - Use of ServiceNow IRM system for risk management activities - Key personnel required: Program Manager and RMIC Technical Lead with specific qualifications - Unique/Notable Requirements: - Strict TS/SCI security clearance for all personnel - On-site work in the National Capital Region - Compliance with DoDI 5010.40, OMB Circular A-123, GAO Green Book, GAO FRM Framework, and SCRM requirements - Experience with ServiceNow IRM platform is emphasized - Multi-year BPA structure: 12-month base period plus four 12-month option periods

Description

Request for Information (RFI) – Risk Management and Internal Control (RMIC) Support Services

THIS IS A SOURCES SOUGHT NOTICE, REQUEST FOR INFORMATION (RFI). This is not a Request for Proposal (RFP) or Request for Quote (RFQ). This request for capability information does not constitute an RFP or RFQ and does not commit the Government to contract for any supply or service, whatsoever. Further, the Virginia Contracting Activity (VaCA) is not at this time seeking proposals or quotes and will not accept unsolicited proposals or quotations. Submission of any information in response to this market survey is purely voluntary.

However, responses received will assist the Government if solicitation is issued in the future. The government assumes no financial responsibility for any costs incurred associated with this request for capability information. Not responding to this sources sought does not preclude participation in any future RFP or RFQ, if any is issued. Potential offerors are responsible for monitoring government websites such as GSA or SAM for any potential opportunities. Responses do not guarantee award nor exclude/include your company in any potential acquisition process. No feedback or evaluations will be provided to companies regarding their submissions.

This RFI is being used as a Market Research tool for informational purposes and for preliminary planning purposes to identify potential sources that possess the required experience and expertise to provide the required support. Small and large businesses are encouraged to respond.

1.  INTRODUCTION:

The Virginia Contracting Activity (VaCA) invites interested contractors to respond to this Request for Information (RFI) for RMIC Support Services in support of the Defense Intelligence Agency (DIA). VaCA seeks information from qualified industry sources capable of providing enterprise-wide Enterprise Risk Management (ERM) and Risk Management Internal Controls (RMIC) support in highly classified environments.

This RFI is part of VaCA’s market research efforts to better understand industry capabilities, innovative approaches, and best practices for Federal ERM and RMIC activities in accordance with DoDI 5010.40, OMB Circular A-123, GAO Green Book, GAO Fraud Risk Management (FRM) Framework, and Supply Chain Risk Management (SCRM). Information received may be used to shape acquisition strategy, refine technical requirements, evaluate small business opportunities, and support development of a future solicitation.

2. PURPOSE:

VaCA is conducting market research to inform of a potential upcoming acquisition for RMIC Support Services. VaCA expects to award a multi-year Blanket Purchase Agreement (BPA) to one or more sources for this initiative. Attachment 1 is the draft Performance Work Statement (PWS) for the BPA. The PWS may be updated on information gathered from this RFI based on industry review and comment.

3.  BACKGROUND:

In accordance with DoDI 5010.40, DIA is required to maintain an integrated Enterprise Risk Management (ERM) and Risk Management and Internal Control (RMIC) program. DIA requires support to plan, execute, and document ERM and RMIC activities across all applicable domains, including:

Internal Control Over Reporting for Financial Reporting (ICOR-FR) Internal Control Over Reporting for Financial Systems (ICOR-FS) Internal Control Over Reporting for Management Operations (ICOR-O) Non-financial information technology systems ERM FRM, including payment integrity requirements SCRM

Please view the attached document for a fill description of the RFI and Draft PWS. 

View original listing