The Department of Homeland Security and General Services Administration has named 14 companies to a blank purchase agreement to assist agencies implement risk management framework for cybersecurity.
The companies will compete for task orders. Each BPA has a ceiling of $58 million and can be used by state, local, and tribal governments as well as all defense and civilian agencies.
The BPAs will be used by agencies to implement the risk management framework outlined by the National Institute for Standards and Technology.
Services under the BPAs include security categorization, security control section and implementation, security control assessment, information system authorization, and security control monitoring.