Contract Number: 693JK419A600003
Period of Contract: October 31, 2018, through October 30, 2023
In 2018, K2Share was awarded a prime contract on the multiple-award Blanket Purchase Agreement (BPA) for Cyber Security Information & Program Services (CSIPS) for the US Department of Transportation (DOT). Issued out of the DOT Office of the Chief Information Officer (OCIO), K2Share provides Information Assurance Policy, Planning and Security Training Support.
TASK AREA 4: Information Security Policy, and Training Support
Information Security Policy, and Training Support provides the department with subject matter experts to aid in the development and maintenance of policies, standards, directives and requirements to address all requirements and cost-effectively reduce information security risks to an acceptable level throughout the lifecycle of each information system and program support for adhering to the Federal Cyber Security Workforces Assessment Act of 2015.
The Contractor shall perform the following services:
- The Contractor shall provide subject matter expertise in the development of cybersecurity policy, and support in assessing new Federal initiatives, evolving threats and best practices, and audit and compliance information to identify and provide recommendations on changes to existing policies and guidance, or implementation of new policies and guidance.
- The Contractor shall provide support in the assembly of requirements, drafting of cybersecurity guidance and policy, coordination of draft document reviews, facilitation of the adjudication of comments, and preparation of near-FINAL documents for review and signatures.
- The Contractor shall provide support in the development, coordination, and operation of a basic security awareness training program including, but not limited to: development of training requirements; development of draft training content and materials; coordination of publication of training content to the DOT training management system(s); supporting problem resolution for personnel taking the training; aggregating and reporting upon training performance; and recording of training performance within the authoritative training management system(s).
- The Contractor shall provide support in the development, coordination, and operation of a specialized, role-based cybersecurity training program professionals, including, but not limited to: development of draft training content and materials; coordination of publication of training content; developing and supporting the presentation of specialized training courses throughout the year.
- The Contractor shall provide aggregating and reporting upon training performance; and recording of training performance within the authoritative training management system(s); Maintain Security Awareness Training records in CSAM and the training scorecard to ensure that employees (both Government and Contractor) receive security awareness training and role-based information security technical training as required and maintain records of training.
- The Contractor shall provide support in the development, coordination, and implementation of National Cybersecurity Awareness Month presentations and activities to include but not limited to: participation on program calls for the national Stop! Think! Connect! Campaign; development of presentation materials; development and coordination of event plans, schedules, speakers and facilities to ensure a timely and smooth implementation of the event(s); coordination with other cybersecurity stakeholders as appropriate for the development and presentation of awareness sessions and content.
For more information about the program, visit the DOT OCIO Cybersecurity, Privacy and Information Assurance Technology Operations and Infrastructure web site.