Safeguarding Information
Safeguarding information refers to protecting electronic information from unwanted access, sometimes known as a breach. The Federal Information Security Management Act (FISMA) requires each federal agency to develop, document, and implement an agencywide program to provide information security and information systems that support the operations and assets of the agency.
An effective information security program for a federal agency should include:
- Policies and procedures that cost-effectively reduce information security risks;
- Backup plans for providing adequate information security for networks, facilities, information systems, or groups of information systems;
- Security awareness training;
- Periodic testing and evaluation of the effectiveness of information security policies, procedures, practices, and security controls;
- Periodic assessments of risk, including the magnitude of harm that could result from the unauthorized access, use, disclosure, disruption, modification, or destruction of information and information systems.
- A process for planning, implementing, evaluating, and documenting remedial actions to address any deficiencies in the information security policies, procedures, and practices; and
- Procedures for detecting, reporting, and responding to security incidents.
Your Agency Has Unique Needs; GSA Offers Many Solutions
Federal agencies have unique missions, run different systems, and operate purchasing plans with diverse levels of contracting expertise. In response, GSA offers a variety of purchasing programs to fit each agency’s requirements. Or purchasers can call upon GSA’s office of specialists who will customize a program for their agency. For assistance, please contact our security-solution contracting experts at securitysolutions@gsa.gov.
Find the Right Vendors and Best Prices - Multiple Award Schedules
GSA’s Multiple Award Schedules (MAS) program offers more than 12 million high-quality products and services at volume-discount prices from thousands of vendors. Agency purchasers can use MAS to efficiently craft a comprehensive security solution.
Vendors Working Together - Contractor Team Arrangements
Consider a Contractor Team Arrangement (CTA) when no single vendor can meet all your security needs. Contractors join a CTA to combine their supplies and/or services to provide a total security solution.
Convenient, No Hassle Reordering - Blanket Purchase Agreements
Blanket Purchase Agreements (BPAs) allow agencies to use a single refillable contract instead of making time-consuming and repetitive individual purchases. Consider a BPA to reduce contracting and open market costs, cut paperwork, and save time.
A Custom-Made Solution - Assisted Acquisition Services
GSA’s Assisted Acquisition Services group offers fee-based scalable support with its technical, financial, and project management resources. The Assisted Acquisition team will create the information technology and services program that works for your agency.
A list of the Schedule contracts relevant to safeguarding information is identified below.
GSA MAS 36 OFFICE, IMAGING AND DOCUMENT SOLUTION
| 47 147 |
Security Applications for Business Machines |
| 51 507 |
Destruction Services |
GSA MAS 520 FINANCIAL AND BUSINESS SOLUTIONS (FABS)
| 520 16 |
Business Information Services |
| 520 17 |
Risk Assessment and Mitigation Services |
| 520 18 |
Independent Risk Analysis |
| 520 19 |
Data Breach Analysis |
| 520 20 |
Comprehensive Protection Solutions |
GSA MAS 70 GENERAL PURPOSE COMMERCIAL INFORMATION TECHNOLOGY EQUIPMENT, SOFTWARE, AND SERVICES
| 132 8 |
Purchase Of Equipment |
| 132 32 |
Term Software License |
| 132 33 |
Perpetual Software License |
| 132 34 |
Maintenance of Software |
| 132 50 |
Classroom Training |
| 132 51 |
Information Technology Services |
| 132 53 |
Wireless Services |
| 132 60A |
Electronic Credentials, Not Identity Proofed (Assurance Level 1 OMB M-04-04) Managed Service Offering |
| 132 60B |
Electronic Credentials, Identity Proofed (Assurance Level 2 OMB M-04-04) Managed Service Offering |
| 132 60C |
Digital Certificates, including ACES (Assurance Level 3 and 4 / OMB M-04-04) |
| 132 60D |
E-authentication Hardware Token |
| 132 60E |
Remote Identity and Access Managed Service Offering |
| 132 60F |
Identity and Access Management Professional Services |
| 132 62 |
Homeland Security Presidential Directive 12 (HSPD-12) Product and Service Components |
GSA MAS 71 FURNITURE
GSA MAS 81 I B SHIPPING, PACKAGING, AND PACKING SUPPLIES
| 617 13 |
Unique Identification (UID)/Radio Frequency Identification (RFID) |
GSA MAS 84 TOTAL SOLUTIONS FOR LAW ENFORCEMENT, SECURITY, FACILITIES MANAGEMENT, FIRE, RESCUE, CLOTHING, MARINE CRAFT, AND EMERGENCY/DISASTER RESPONSE
| 246 35 1 |
Access Control Systems, Door entry control by card access, magnetic proximity |
| 246 35 2 |
Access Control Systems, Door entry control by touch access, dial, digital, keyboard, keypad |
| 246 35 4 |
Access Control Systems, Emergency exit door access/alarm systems for security and/or fire safety |
GSA MAS 874 MISSION ORIENTED BUSINESS INTEGRATED SERVICES (MOBIS)
| 874 1 |
MOBIS Consulting Services |
| 874 2 |
MOBIS Facilitation Services |
| 874 3 |
MOBIS Survey Services |
Last Reviewed 11/20/2009