GSA awards risk analysis services contracts

The General Services Administration has awarded blanket purchase agreements to two companies to provide risk analysis services for government agencies.

The contracts are part of an effort to help agencies respond more quickly to data breaches, according to a memo to agency executives signed by Karen Evans, the Office of Management and Budget’s administrator for e-government and information technology, and Paul Denett, administrator of the Office of Federal Procurement Policy.

The BPAs focus on “the government’s need for independent risk analysis documenting the level of risk for potential misuse of sensitive information associated with a particular data breach,” Evans and Denett wrote.

GSA, on behalf of OMB, awarded five-year contracts to Identity Theft Guard Solutions and SRA International.

The companies will offer several risk analysis services, including metadata analysis, pattern analysis, data breach analysis and response, privacy impact analysis, statistical analysis, and reports on the probability that compromised data has been used to cause harm.

Agencies must review the BPAs before moving forward with another contract, the memo states. If an agency decides to use something other than the BPAs, it must notify GSA and Evans’ office to explain how another contract offers better value and describe the pricing, terms and conditions. The agency submit the justification 10 days before making an award, unless there is an urgent need to move more quickly.

OMB required agencies to use risk analysis tools and report their findings to congressional oversight committees in a May 22, 2007, memo about safeguarding against and responding to data breaches.

Featured

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

  • IT Modernization
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA plans 'strategic review' of $16B software program

    New Veterans Affairs chief Denis McDonough announced a "strategic review" of the agency's Electronic Health Record Modernization program of up to 12 weeks.

Stay Connected