Information System Security Officer (ISSO) Requirement

The opportunity described in the first document is for a Security Assessment and Authorization (A&A) Guidance contract. The purchase agency is the Office of the Chief Information Officer (OCIO) within the Library of Congress (LOC). They are purchasing this guidance to ensure the appropriate security and privacy controls are selected, implemented, assessed, and monitored on an ongoing basis for the information systems supporting the Library's mission and business functions. The timeframe of the acquisition is not specified in the document. The place of performance/delivery is within the Library of Congress.

The second document is for an Information Technology Security Directive contract. The purchase agency is the Office of the Chief Information Officer (OCIO) within the Library of Congress (LOC). They are purchasing this directive to establish general information technology security policies and requirements for the organization. The effective date of this directive is July 8, 2020. The place of performance/delivery is within the Library of Congress.

The third document is for an Information Security Continuous Monitoring Guidance contract. The purchase agency is the Office of the Chief Information Officer (OCIO) within the Library of Congress (LOC). They are purchasing this guidance to establish a continuous monitoring program that monitors the security health of their IT systems on a near real-time basis. The effective date of this guidance is February 10, 2020. The place of performance/delivery is within the Library of Congress.