GSA’s Information Technology Schedule will have 4 new categories, known as Special Item Numbers (SINs), beginning on October 1st, specifically for Highly Adaptive Cybersecurity Services:
132-45A Penetration Testing
132-45B Incident Response
132-45C Cyber Hunt
132-45D Risk and Vulnerability Assessment
Current Schedule 70 vendors that offer these types of services will be required to migrate those services to the new SINs.
In addition to providing a narrative description of services, companies will also be evaluated via an oral exam, where they will explain their way through a variety of scenarios set by a GSA panel. These oral evaluations are required for all vendors who want to offer cyber-security services, even if they already hold a Schedule 70 contract.
Fact Sheets, SIN Descriptions and Oral Evaluation Criteria are available from GSA.