Overview
The NCI ISSO is part of the review process for acquisitions to evaluate if federal cybersecurity (FISMA) language needs to be included in the statement of work (SOW). In doing this review, the NCI ISSO makes determinations if:
- The acquisition involves one or more information technology (IT) systems
- If there is an IT system(s) involved, will it be a Federal system
- If there is a federal system involved, it will be subject to FISMA requirements
- If not, then no FISMA requirements apply, and the review is complete
ISSO Pre-solicitation Checklist
Pre-solicitation Review
- Before request for proposal (RFP)
ISSO Pre-solicitation Checklist
Pre-Award Review
ISSO Pre-award Checklist