THIS IS A REQUEST FOR INFORMATION (RFI) ONLY. There is no solicitation available at this time. This RFI is issued for the purpose of conducting market research in accordance with the Federal Acquisition Regulation (FAR) Part 10. This RFI is being conducted in order to identify potential small business concerns and other than small business concerns capable of answering the discussion elements below while providing capability examples of their business solutions. The Federal Government will not pay for any materials provided in response to this notice. If a solicitation is later released, it will be synopsized accordingly. It is the potential business concern’s responsibility to monitor this site for the release of any synopsis or solicitation.

The Transportation Security Administration (TSA) is requesting information concerning those sources capable of providing and maintaining a Public Transportation Information Sharing and Analysis Center (PT ISAC) or its technical equivalent, while developing Mass Transit and Passenger Rail security-related recommended practices, guidelines, and white papers. Providing and maintaining a PT ISAC entails an operational incident reporting, threat-monitoring, and information sharing mechanism. Daily, situational engagement of the full spectrum of public and private sector transportation is required. This includes areas of over-the-road bus, light rail, commuter rail, subway, waterborne services, and inter‑city and high-speed passenger rail. Likewise, the development of security-related recommended practices, guidelines, and white papers for the Mass Transit and Passenger Rail industry is an integral component of TSA's Mass Transit and Passenger Rail mission.

TSA anticipates that any acquisition which may come about as a result of this RFI would likely adhere to those procedures outlined in FAR Part 12 – Acquisition of Commercial Items. Prospective contractors must be registered in the System of Awards Management (SAM) database in order to be eligible for consideration.

If, after careful review of the attached Statement of Work and the questions below, you believe your firm is capable of addressing/fulfilling the stated Requirements, please indicate your interest by sending a capability statement via e-mail (only) no later than COB, 06 December 2021, to

Your capability statement must address the items listed in sections I, II, III, and IV, below.

I. Contractor Information / Identification
a. Company name and commercial and government entity (CAGE) code
b. If applicable, GSA FSS Contract Number
c. Address
d. Phone Number
e. Fax Number
f. E-mail address
g. Point of Contact information
h. If applicable, a website address that provides additional information about the business
i. Identify your company type: e.g., a large or small, small disadvantaged, 8a, veteran-owned small business, service‑disabled veteran‑owned small business, woman-owned small business, Native American and/or HUBZone business that is supported by a current registration status of active in the System for Award Management (SAM).
j. Your company's DUNS number.

II. Your capability statement should demonstrate a firm understanding of the discussion elements, while addressing the following:
a. Provide a brief history of your business, to include organization structure, experience in providing the services outlined in the attached statement of work.
b. Address possible innovative approaches you would recommend.
c. Describe subcontractors typically used in fulfillment of contracts.
d. Describe how your current commercial/federal contracts (if applicable) are structured.
e. Describe previous, successful efforts of a similar size, scope and complexity.

III. Requirements – Specific Questions – Information Sharing and Analysis Center (ISAC)

  1. Has your company ever worked on or within an Information Sharing and Analysis Center?
  2. Is your company prepared to demonstrate a depth of experience, expertise, and capability to produce and disseminate analytical products such as security recommendations, summaries, and analytical assessments as described in the draft statement of work?
  3. Does your company currently produce or offer, or is it positioned to produce or offer any or all of the following? If so, please describe what your company has or can offer:
    1. Transit and Rail Intelligence Awareness reports
    2. Daily Open Source Cyber reports (Cyber Daily)
    3. Monthly Cyber Threat Trends analysis
    4. Special analysis of major incidents or events
  4. Does your company possess a secure means of sharing security information – anonymously or otherwise? Please describe both your previous experience as well as your current capability.
  5. Has your company ever partnered or shared information with the Surface Transportation ISAC?
  6. Does your company currently share intelligence with the U.S. Intelligence Community? If so, please describe your experience in this context.
  7. Does your company possess the capability and the experienced personnel to "push" information to a wide swath of subscribers, or members?
  8. Is your company familiar with the Homeland Security Information Network (HSIN)? Has your company ever accessed or utilized HSIN? For what purpose?
  9. What is your company's experience with managing and working in environments like the Homeland Security Information Network (or similar entities)?
  10. Describe your company's current relationships with the Mass Transit and Passenger Rail and Over-the-Road Bus communities and how it would handle distribution lists of members, partners, and support contacts.
  11. Describe your company's ability to obtain intelligence and information from sources and organizations with which you have professional rapport. Please demonstrate your company's current, working relationship with any of the following:
    1. private sector resources (Rail Information Security Committee, Railway Alert Network, 3,500 + members)
    2. The Department of Homeland Security, including the Transportation Security Administration
    3. The Department of Transportation
    4. The Federal Bureau of Investigation
    5. regional, State, and local Fusion Centers and law enforcement agencies
    6. The Cybersecurity and Infrastructure Security Agency

IV. Requirements-Specific Questions – Recommended Practices/Standards

  1. What is your company's depth of expertise in developing recommended practices, guidelines, and/or white papers in areas such as public transportation?
  2. Describe the state of your company's current relationship with representatives of the mass transit and passenger rail community? Are these relationships extensive, national in scope?
  3. How would your company develop recommended practices, guidelines, and/or white papers to address a wide variety of mass transit and passenger rail security initiatives?
  4. Describe parameters related to any necessary transition period required should TSA enter into a business arrangement with your firm to fulfill the requirements of the draft statement of work.
  5. Would a transition period be necessary for your firm to begin to fulfil the requirements?

Please furnish any and all recommendations and or questions related to the draft statement of work.

Remember also to please indicate your interest in this opportunity by sending a capability statement via e-mail (only) no later than COB, 06 December 2021, to