Transformation Support Services 2.0 VA-24-00022828   2

Background
The solicitation is for Transformation Support Services for the VA, specifically related to Vulnerability Management Plan, Remediation of Aged Critical and High Vulnerabilities, Remediation of Known Exploited Vulnerabilities, Information System Vulnerability Management Plan (ISVMP) v2.0, Hardware Asset Alignment to eMASS System Boundaries, Continuous Monitoring for Vulnerabilities, End of Life (EOL) Policy and Transition Plans, Enterprise Patch and Vulnerability Support, Baseline Configuration Process Support, CRISP Field Operations Support, Local CRISP Onsite Support, Tier Level 1 and 2 Onsite Support, Enterprise Security and Analysis Support, Integrity and Availability Support, Zero Trust First Strategy Implementation, and Unauthorized Software Management and Analysis.

Work Details
The tasks include developing and implementing vulnerability management plans, providing enterprise-level patch and vulnerability management support, managing enterprise secure configuration baseline (ESCB), providing CRISP field operations support services, providing local CRISP onsite support, providing tier level 1 and 2 onsite support for technical and security issues at VA facilities. Additionally, the tasks include providing security management and analysis support utilizing existing datasets from various system dashboards to start trending and analyzing patch and vulnerability remediation efforts throughout VA. The tasks also include providing configuration management services for asset management & continuous monitoring, security assessment & authorization (CA), system & information integrity (SI), risk assessment (RA), protecting information & data through encryption mechanisms and access control. The contractor is also required to provide support for unauthorized software remediation tasks including analyzing existing processes in monitoring, installing, and removing unauthorized application software on agency devices.