Field Operations & CUstomer Support (FOCUS)

TSA PRE-SOLICITATION NOTIFICATION

The Transportation Security Administration (TSA), a component of the Department of Homeland Security (DHS), is responsible for protecting our Nation's transportation systems to ensure freedom of movement for people and commerce. These statutory responsibilities encompass providing the most effective transportation security in the most efficient way possible as a high-performing counterterrorism organization. To enhance mission performance and achieve its shared goals, TSA is committed to promoting a culture founded on integrity, innovation, and team spirit.

In support of TSA's mission, the Information Technology (IT) office provides world-class information technology services. Field Operations & CUstomer Support (FOCUS) will establish a new Task Order to provide the TSA enterprise-wide Single Point of Contact Information Technology help desk and headquarters/field Information Technology Specialist support.

1. Purpose

TSA is announcing the intention to make available to interested GSA Multiple Award Schedule (GSA MAS) vendors a Virtual Reading Room (VRR), which will contain documents pertinent to the upcoming solicitation for FOCUS. The VRR will likely contain Sensitive Security Information (SSI). Therefore, access to the VRR will be restricted to vendors and individuals that have been approved by TSA. The purpose of this notice is to announce the VRR and rules regarding access to the VRR.

2. Requirements Background and Overview

TSA's IT infrastructure and engineering are currently supported by the IMPACT II task order. The IMPACT II task order provides the skill sets necessary to operate and maintain the TSA IT Enterprise to include supporting engineering and development. TSA determines all development and engineering included in the enterprise to support its end-users. The TSA IT Enterprise supports approximately 85,000 employees and contractors at various locations, including TSA Headquarters (HQ) currently located in Springfield, VA; approximately 440 airports and Federal Security Director (FSD) offices; international support sites; and numerous other mission critical centers and locations. Approximately 85 percent of TSA users consist of a combination of Transportation Security Officers (TSOs) and Federal Law Enforcement Officers (LEOs), while other TSA staff includes TSA HQ employees and field security operations management and administrative support personnel.

3. TSA Provision Vendor Access to Sensitive Security Information, (SSI), Necessary for Proposal Preparation

Background. SSI may be available to vendors in preparing responses to this acquisition. Potential Offerors must obtain specific authorization in order to obtain SSI[1]. SSI will not be available or otherwise provided or disclosed to any person not specifically authorized to receive it. SSI provided under this acquisition may only be used to satisfy acquisition requirements.

Senior Corporate Official. Each Prime vendor must separately designate in writing to the Contracting Officer (CO) a single, corporate official who will serve as the single point of contact for sensitive information. This individual must certify that all appropriate protections will be followed; only authorized individuals will have access to the sensitive information; and that those individuals adequately understand their responsibilities to protect the information. This official must also certify to the Contracting Officer every (60) days that all appropriate protections have been followed; only authorized individuals have access to the sensitive information; and that those individuals with access adequately understand their responsibilities to protect the information. A copy of this certification shall also be e-mailed to FOCUS-VRR@tsa.dhs.gov and tsacp.eitdiv.FOCUS@tsa.dhs.gov. These official e-mails will also ensure that the Contracting Officer is notified of staffing changes or circumstances in which individuals no longer need access to the information.

The vendors will ensure appropriate technical and operational measures taken to ensure unauthorized or unlawful processing, distribution, and protection of TSA SSI data to include the review and audit process of personnel approved to access the VRR.

Offeror Responsibility. The Contracting Officer will review the Excluded Parties List (EPL), Dun and Bradstreet (D&B) Unique Entity ID, and the Central Contractor Registry (SAM.gov) to ensure that the corporate entity would not otherwise be precluded from receiving a task order award if the vendor submits a proposal. While this review does not replace the responsibility determination required by FAR Part 9, it may prohibit Offerors from receiving SSI information during the solicitation phase of the acquisition.

Criteria for Release. As part of this acquisition, SSI may only be accessed by individuals which have successfully passed a Security Threat Assessment. This assessment may include a verification of site facility clearance in the National Industrial Security Program (NISP), contractor suitability determination or other federal background investigation, individual security clearance(s), and if required, a Criminal History Records Check (CHRC) and/or a check against terrorism databases. TSA reserves the right to terminate access without notice at any time. In the event that a proposed individual does not successfully complete the Security Threat Assessment or an individual that passed the Security Threat Assessment is no longer employed by the vendor, the vendor may propose a replacement. The proposed replacement must be vetted in the same manner described below. The review and acceptance of the corporate entity Data Protection Plan will also be required.

Information Requirements. Consistent with the criteria release described above, vendors' Senior Corporate Officials must provide the appropriate information to the TSA as identified below. Note that this requirement applies likewise to any prospective subcontractor, joint venture partner, or team company whose access to the specified SSI and consequent input into the planned proposal is necessary to prepare and complete the proposal. All information must be e-mailed to FOCUS-VRR@tsa.dhs.gov with a carbon copy to and tsacp.eitdiv.FOCUS@tsa.dhs.gov.

1. Senior Corporate Officials shall provide the Contracting Officer via e-mail with the Commercial and Government Entity (CAGE) code of the Offeror's facility that will manage the proposal, company Unique Entity ID number, and address;
2. Senior Corporate Officials will provide the Contracting Officer via e-mail the corporate entity Data Protection Plan for safeguarding SSI. (this document should be password protected, and the password provided to the Contracting Officer in a separate e-mail); and

Senior Corporate Officials shall provide the following information for all employees who require access to SSI in a single password protected Microsoft Excel spreadsheet e-mailed to FOCUS-VRR@tsa.dhs.gov with a carbon copy to and tsacp.eitdiv.FOCUS@tsa.dhs.gov.

3. The password for the password protected spreadsheet shall be sent in a separate e-mail, at the same time.

• Employee Full Name:
• Employee's Individual Company E-mail Address:
• Employee's Individual Company Phone Number:
• Employee Sex: (i.e., Male or Female)
• Employee Birth Date:
• Employee Citizenship:
• Social Security Number (SSN):
• Indication of whether any nominated employees have:
  • Previously received a TSA suitability determination;
  • Undergone a federal background investigation; or
  • Possess an individual security clearance.

*All interested GSA MAS vendors are hereby directed to submit to TSA a list of no more than three (3) individuals, (from Prime, subcontractor, and/or team members) who must successfully complete a Security Threat Assessment prior to being granted access to the VRR. To ensure that your request is reviewed by the Government, please submit your list by Thursday, 18 December, 2025 at 08:00 AM EST. Vendors may submit requests after the designated submission deadline of Thursday, December 18, 2025, at 8:00 AM EST; however, approval and access to VRR may be delayed for submissions received after this date.

Once all individuals successfully clear the TSA Security Threat Assessment, an e-mail will be sent to Senior Corporate Officials from FOCUS-VRR@tsa.dhs.gov with information and instructions on access to the VRR.

Privacy Act Statement. TSA will use the information provided to conduct a security threat assessment on individuals who seek access to SSI. The information will be shared within DHS with personnel who need the information to perform their official duties. Additionally, DHS may share the information with law enforcement, intelligence, or other government agencies as necessary to identify and respond to potential or actual threats to transportation security in accordance with the routine uses identified in the applicable Privacy Act System of Records Notice (SORN), DHS/TSA 002, Transportation Security Threat Assessment System (T-STAS). This SORN was last published in the Federal Register on August 11, 2014, and can be found at 79 FR 46862; Authority: 49 USC

114. Furnishing this information is voluntary. However, failure to furnish the requested information may delay or prevent the completion of your security threat assessment, without which you may not be granted access to the SSI.

Notification of Assessment. If it is determined that covered individuals are not eligible to receive access to particular SSI based on the threat assessment, TSA will provide the individuals and company point of contact a written determination that provides notification that the individual does not qualify to receive SSI. Appeal of the determination will not be permitted due to the time sensitive nature of the acquisition process; however, the potential Offeror may nominate another individual to receive SSI access. In the event that an individual is determined to be a security threat and the individual believes that the results of the screening are inaccurate, he or she will be informed by TSA on how to pursue redress from TSA; however, due to the demanding acquisition schedule, TSA will not delay an acquisition to resolve redress issues.

Non-Disclosure Agreements. Each vendor employee requesting access to SSI as specified herein will be required to execute a Non-Disclosure Agreement (DHS Form 11000-6) (attached). The executed forms shall be provided with and as part of the submission of information reflected in the Information Requirements section above. The vendor should understand that employees granted access to SSI and signing a non-disclosure agreement are bound by the terms of that agreement indefinitely, notwithstanding their employment status or any other background checks or clearances granted by any Government agency.

Return of SSI. Any SSI provided to the Offeror must be returned to the Government and verified by the Government prior to the beginning of proposal evaluations. Any Offeror not returning SSI provided directly to them will be subject to penalties as prescribed by law and otherwise rendered ineligible for further consideration in the evaluation.

4. Access to the TSA Virtual Reading Room

Each employee vendor determined eligible to receive access to SSI shall be e-mailed individually for the release of their TSA VRR login credentials and details regarding how to access the TSA VRR. Please note that sharing of TSA VRR login credentials to others not specifically granted access to SSI is strictly prohibited.

5. Schedule

TSA intends to release a Draft RFP Instructions in late December 2025. Vendor comments, in response to the Draft Documents, will be accepted by the Government. We appreciate your company's interest in doing business with TSA and look forward to your continued support.