Technology for Applications, Logistics, Operations, and Networks (TALON)

The Transportation Security Administration (TSA) is announcing a pre-solicitation notification for its upcoming Technology for Applications Logistics, Operations, and Networks (TALON) IT engineering services Blanket Purchase Agreement (BPA). To facilitate proposal preparation, TSA will provide access to a Virtual Reading Room (VRR) containing Sensitive Security Information (SSI). Access to the VRR is restricted to GSA Multiple Award Schedule vendors and individuals approved by TSA. Vendors must designate a Senior Corporate Official to manage SSI, ensure protections, and certify compliance every 60 days. Access requires a successful Security Threat Assessment, which may include background checks and security clearances. Vendors must provide specific company and employee information, including a Data Protection Plan, by December 16, 2025, to gain VRR access. A Non-Disclosure Agreement is mandatory for all individuals accessing SSI, which must be returned to the government before proposal evaluations.

The “DRAFT EVALUATION CRITERIA FOR TALON” outlines a two-phase evaluation process for prospective contractors. Phase 1, heavily weighted, focuses on “Experience / Capability” and involves three detailed questions assessing the contractor's ability to manage complex engineering projects within a 24x7x365 operational environment like TSA, supporting over 55,000 users and approximately 40 concurrent projects. Key areas include handling O&M contractor inexperience, resolving post-transition failures, and managing multiple projects simultaneously. Phase 2, “Technical Oral Presentation,” requires contractors to respond to four technical questions and two on-the-spot questions. These questions delve into managing critical incidents, structuring integrated master schedules for diverse IT projects, ensuring proper staffing and mitigating workforce disruptions, and transitioning pricing models from T&M/LH to Firm Fixed Price. The overall purpose is to assess a contractor's technical approach, project management skills, and operational readiness to meet the demanding requirements of the TSA environment.

The Transportation Security Administration (TSA) is issuing a Request for Quotation (RFQ) for a single-award Blanket Purchase Agreement (BPA) for Technology for Applications, Logistics, Operations, and Network (TALON) services, providing information technology engineering. The BPA, estimated at $125.6 million, will have a one-year base period and four one-year option periods, with firm-fixed-price orders preferred. It utilizes the General Services Administration (GSA) Multiple Award Schedule (MAS) Information Technology Professional Services (54151S). The BPA outlines specific requirements for contractor personnel, including mandatory training, airport location requirements, contingency/continuity of operations support, security clearances (including for foreign nationals), and handling Sensitive Security Information (SSI). It details administrative functions, invoicing procedures through the U.S. Coast Guard Finance Center, and performance assessment reporting (CPARS).

The Transportation Security Administration (TSA) released a draft Statement of Objectives (SOO) for its Technology for Applications, Logistics, Operations, and Networks (TALON) Blanket Purchase Agreement (BPA). This document outlines the need for robust engineering and technical services to support TSA’s IT strategic mission goals, including architecture, project management, design, integration, testing, training, implementation, and transition support. The scope covers various IT and operational technology (OT) domains, such as system design, security engineering, modernization, system upgrades, communication systems, and AI/Machine Learning integration. The BPA emphasizes the development of an Integrated Master Schedule, adherence to Section 508 accessibility requirements, and the provision of a Quality Control Plan. The period of performance for this BPA is 5 years.

The TALON document outlines comprehensive cybersecurity, data privacy, and IT infrastructure requirements for contractors working with the TSA. It emphasizes compliance with federal directives like DHS 4300A, NIST SP 800-53, and FedRAMP standards for cloud services. Key requirements include stringent security clearances, non-disclosure agreements, continuous monitoring, risk management framework adherence, and annual cybersecurity training for all personnel. Contractors must safeguard Controlled Unclassified Information (CUI), protect source code, and ensure data integrity through robust contingency planning and secure data storage. The document also details policies for configuration management, incident response, and the use of Personal Identity Verification (PIV) credentials for system access, ensuring a secure and compliant operational environment.

The provided document outlines the “BPA LCAT Pricing Rate Worksheet” for five years, detailing various government labor categories (LCATs) for offsite rates. These categories primarily encompass IT and management roles, ranging from junior to senior levels and Subject Matter Experts (SMEs) in areas such as computer and information systems management, systems analysis, engineering, cybersecurity, project management, and cloud architecture. Each annual worksheet includes columns for the Government LCAT Name, Contractor Labor Category Name from FSS Contract, FSS Fully Burdened Labor Rate (Offsite), Discount off FSS Rate (%), and the Quoted Fully Burdened Hourly Labor Rate for the BPA (Offsite). The consistent structure across all five years indicates a standardized approach to pricing and categorizing labor for this Blanket Purchase Agreement.

The Transportation Security Administration (TSA) is announcing a pre-solicitation for its Technology for Applications Logistics, Operations, and Networks (TALON) IT engineering services Blanket Purchase Agreement (BPA). This notice primarily concerns the establishment of a Virtual Reading Room (VRR) containing Sensitive Security Information (SSI) pertinent to the upcoming TALON solicitation. Access to the VRR will be highly restricted to approved GSA Multiple Award Schedule vendors and individuals who successfully pass a Security Threat Assessment. Vendors must designate a Senior Corporate Official as a single point of contact for sensitive information, responsible for ensuring protections and certifying compliance every 60 days. To gain VRR access, vendors and any subcontractors must provide specific corporate and employee information, including personal details for a security threat assessment, and execute Non-Disclosure Agreements. The TSA reserves the right to terminate access without notice and will not delay the acquisition process for appeal or redress issues. All SSI must be returned to the government before proposal evaluations.

The provided government file, likely an excerpt from a Request for Quotation (RFQ) or a similar procurement document, outlines a structured section for questions and comments from potential contractors. It details a numbering scheme for questions (60-64), corresponding page numbers, the relevant Draft RFQ Section, and a category for each question (Contract or Technical). This format is designed to facilitate clear communication and organization during the bidding process, ensuring that all inquiries from vendors are systematically addressed and categorized. The document's purpose is to standardize the submission of questions, which is critical for federal RFPs, federal grants, and state/local RFPs to ensure transparency and fairness.

The Department of Homeland Security's Non-Disclosure Agreement outlines the terms and conditions for accessing Protected Critical Infrastructure Information (PCII), Sensitive Security Information (SSI), and Other Sensitive but Unclassified (SBU) data. Signers must comply with specific regulations and procedures for each category, including the Critical Infrastructure Information Act of 2002 for PCII and 49 CFR Part 1520 for SSI. The agreement mandates safeguarding information, prohibiting unauthorized disclosure, and reporting security violations. It also details responsibilities for returning materials and restrictions on altering markings. Violations can lead to access cancellation, administrative, disciplinary, civil, or criminal action, and assignment of royalties to the government or the PCII-owning entity for unauthorized disclosures. The agreement emphasizes the government's right to enforce its terms, inspect for compliance, and maintain all conditions indefinitely unless released in writing.

The Transportation Security Administration (TSA) has released a draft Statement of Objectives (SOO) for the Technology for Applications, Logistics, Operations, and Networks (TALON) Blanket Purchase Agreement (BPA). This document outlines the strategic objectives for acquiring robust engineering and technical services to support TSA's IT strategic mission goals. The TALON BPA will provide services across various IT and operational technology (OT) domains, including system design, security engineering, modernization, system upgrades, implementation support, communication systems integration, research, and AI/Machine Learning. The scope emphasizes engineering, integration, testing, implementation, and transition services, excluding ongoing operations and maintenance. All services and deliverables must comply with Section 508 accessibility requirements. The BPA has a performance period of five years, with specific deliverables and service level agreements to be defined at the individual Task Order level.

The Transportation Security Administration (TSA) is announcing a pre-solicitation for its Technology for Applications Logistics, Operations, and Networks (TALON) Blanket Purchase Agreement (BPA). This BPA will acquire IT engineering services to support TSA's mission and strategic goals. A Virtual Reading Room (VRR) containing Sensitive Security Information (SSI) will be made available to interested GSA Multiple Award Schedule vendors. Access to the VRR is restricted and requires TSA approval. Vendors must designate a Senior Corporate Official to manage sensitive information, ensure protections, and certify compliance every 60 days. All individuals requiring access to SSI must pass a Security Threat Assessment, which may include background checks and security clearances. Vendors must submit a list of no more than three individuals by December 16, 2025, at 08:00 AM EST, along with a Data Protection Plan. All employees granted access must sign a Non-Disclosure Agreement and return all SSI before proposal evaluations.