NIH | National Cancer Institute | NCI Wiki  

Error rendering macro 'rw-search'

null

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Contents of this Page


Overview

The NCI ISSO is part of the review process for acquisitions to evaluate if federal cybersecurity (FISMA) language needs to be included in the statement of work (SOW).  In doing this review, the NCI ISSO makes determinations if:

  • The acquisition involves one or more information technology (IT) systems
  • If there is an IT system(s) involved, will it be a Federal system
    • If there is a federal system involved, it will be subject to FISMA requirements
      • What kind of data will the system create, process, store, transmit, or receive? 

      • If there is a federal system, determine categorization (impact level), either Low or Moderate – there are currently no High impact systems at NCI

      • Where will the system be hosted?

    • If not, then no FISMA requirements apply, and the review is complete

ISSO Pre-solicitation Checklist

Pre-solicitation Review

  • Before request for proposal (RFP)


ISSO Pre-solicitation Checklist

Pre-Award Review


ISSO Pre-award Checklist




  • No labels