The National Gallery of Art has released a request for information to identify IT security management firms who could support the 1,000-person organization’s Information Security Continuous Monitoring program.
Following an Office of Management and Budget memo on "Enhancing the Security of Federal Information and Information Systems," the gallery’s information systems security officer has developed a program consistent with OMB policy and National Institute of Standards and Technology guidelines.
To achieve the government's cybersecurity goals, the gallery's program areas include account management, asset management, configuration management, continuity of operations, documentation management, event and incident management, malware management, security training, sensitive information management, and vulnerability and patch management.
Any contractor interested in maintaining the gallery's secure operating environment would need to be able to provide products and services that address these areas and implement a unified IT strategy for the 11 enterprisewide systems and the 50-plus systems used by various departments and divisions.
Firms capable of providing the on-site and remote work needed must submit company information, history, tool set offerings and automation approaches, plus details on equivalent sample projects completed. Proposals are due Oct. 14.
More details on the controls, standards and reports necessary and the full request for information can be viewed on FedBizOps.