Credentialing Management Services Request for Information

I. Introduction

The Transportation Security Administration (TSA), an operational component of the Department of Homeland Security (DHS), protects the nation's transportation systems with the mission of ensuring freedom of movement for people and commerce. TSA's Enrollment Services and Vetting Programs (ESVP) requires Credential Management Support (CMS) that will focus on technical expertise for credentials issued using the TSA's Security Threat Assessment (STA). The technical support will focus on, but is not limited to, the efficiency and effectiveness of the Transportation Worker Identification Credential (TWIC ) program and specifically address supporting the credential production, issuance, and reliability testing of a derived (digital or physical) credential. The support contract will further focus on smart card technology, physical and logical access control systems, including fixed and mobile biometric/credential readers, credential security features, smart card data models and specifications, credential diagnostics and evaluation, certificate authorities and encryption, enrollment services, identity verification, and authentication technology standards. Furthermore, it will explore capabilities, identifying anomalies, and vulnerabilities to the program.

The TSA seeks to gain knowledge of market capabilities, identify qualified vendors, and better develop an acquisition strategy and is seeking input from industry regarding an upcoming requirement for credentialing and management support. The TSA anticipates that the period of performance for this requirement will be for a total of five (5) years consisting of one (1) base year and four (4) option years. The anticipated award date is FY26 Q4.

II. Technical Requirements

This scope of work requires the contractor to provide technical expertise with respect to credential management strategy, operations, and testing initiatives. Areas of expertise may include, but are not limited to: biometric identification and authentication, smart card technology, physical and logical access control systems, including fixed and mobile biometric/credential readers, credential security features, smart card data models and specifications, credential diagnostics and evaluation, derived (digital or physical) credentialing, certificate authorities and encryption, enrollment services, identity verification, and authentication technology standards.

III. Request For Information (RFI)

The anticipated North American Industry Classification System Code (NAICS) for this requirement is 541690 Other Scientific and Technical Consulting Services. This RFI Synopsis is requesting responses from businesses that can provide the required services under the NAICS Code 541690.

IV. Attachments

Attachment 1 Draft CMS Performance Work Statement (PWS)

Attachment 2 Request for Capability Questions

V. Response Instructions

All interested and qualified parties are encouraged to respond to this notice in accordance with the instructions addressed herein.

The information requested in support of this RFI must be prepared in electronic format in either Microsoft Word (compatible with 2016) or PDF format. Responses shall be prepared using Times New Roman, 12- point font, 1-inch margins, and 8.5 by 11 paper. Fonts and sizes for graphics, charts, displays and tables submitted in either Times New Roman or Arial will be accepted with a minimum font size of 10pt.

Responses must have a cover letter that includes the following Company information:
1) Company name
2) Company address
3) Unique Entity ID (UEI) Number
4) Point of contact (POC) name and Title
5) POC telephone number
6) POC email address
7) Company Business Size and Socio-Economic Status Information
8) Contract vehicles that would be available to the Government for the procurement of the service, such as GSA 8(a) STARS, GSA IT 70, or any other Government Strategic Sourcing Vehicles or Government-wide Acquisition Contracts, including Contract #(s), your company currently holds.

The vendor or respondent should include any Government-wide Acquisition Contract (GWAC) details (regardless of Best-in-Class (BIC) status) it has including the contract number, small business category, title, and period of performance. For instance, if the vendor has a GSA Multiple Awards Schedule this information should be in the RFI response as well. The GWAC should be applicable to the scope of work stated in the attached PWS.

Responses shall not exceed 10 pages in length including all images, data displays, charts, graphs, and tables (excluding cover page). The submission of standard marketing material is acceptable but will be considered in the page length.

VI. Disclaimer

This RFI is issued solely for market research, planning, and informational purposes in order to assist industry in planning and TSA in assessing interest in the TSA CMS requirement. Any subsequent Request for Proposal (RFP) will take precedence and define the requirement. The RFI notice will be used to determine the capability of potential sources and the availability of commercial sources pursuant to FAR Part 10. The Government will review vendor responses/questions for market research purposes only.

This RFI does not commit the U.S. Government to any course of action in the future. The Government will protect the information shared in the RFI response from disclosure to other parties. Each respondent, by submitting a response to the RFI agrees that any costs incurred in responding to the request or in support of activities associated with this RFI shall be the sole responsibility of the respondent/vendor. The Government shall incur no obligations or liabilities whatsoever, to anyone, for costs or expenses incurred by the respondent/vendor in responding to this RFI.