The Cybersecurity Supply Chain Risk Management (C-SCRM) Questionnaire is a government document for vendors, likely part of an RFP or grant application. It requires organizations to provide contact information and detailed responses regarding their cybersecurity and supply chain risk management practices. Key sections include identifying and mapping supply chain threats, implementing written SCRM requirements in contracts, and verifying supplier compliance. Additionally, it addresses physical and personnel security, asking about background checks, insider threat training, and procedures to prevent tampering of Information and Communications Technology (ICT) equipment. The questionnaire references NIST SP 800-53, indicating a focus on federal cybersecurity standards. Vendors must complete the gray shaded lines in the template, and the government may request documentation to validate responses. This document ensures vendors meet critical security and risk management criteria when engaging with government entities.

The document outlines a Cybersecurity Supply Chain Risk Management (C-SCRM) Questionnaire tailored for vendors responding to government requests for proposals (RFPs). It requires vendors to provide key contact information and details regarding their risk management strategies concerning supply chain threats. The questionnaire emphasizes the importance of identifying supply chain risks, mapping suppliers, and enforcing written SCRM requirements within contracts. Sections address physical and personnel security protocols, including literacy training on recognizing insider threats and conducting background checks for employees. Vendors must also confirm their procedures to prevent tampering with Information and Communications Technology (ICT) equipment in their inventory. This structured approach ensures that vendors comply with established federal guidelines, enhancing the security and integrity of government supply chains. The document serves as a comprehensive checklist to validate vendor responses, supporting the government's commitment to robust cybersecurity measures across various contracts and grants while mitigating potential risks associated with supply chain vulnerabilities.

The U.S. Embassy in Lisbon, Portugal, has issued new guidelines for contractors following a Presidential Executive Order that revokes previous EOs promoting diversity, equity, and inclusion (DEI), affirmative action, and equal opportunity programs, including EO 11246. This Executive Order eliminates mandates for non-discrimination and affirmative action requirements for government contractors and subcontractors. All Department of State contractors must now certify that they do not operate any DEI programs that violate applicable federal anti-discrimination laws. This certification is material to government payment decisions and is subject to the False Claims Act. Contractors must read the certification, check the appropriate boxes, and complete a representation form, which must be signed by an authorized representative, and then return it to the Contracting Officer.

The document outlines new compliance requirements for contractors bidding on government contracts, particularly following the President's Executive Order aimed at revoking various previous orders related to Diversity, Equity, and Inclusion (DEI). Notably, this reversal includes the rescindment of EO 11246, previously mandating equal employment opportunities and affirmative action for government contractors. As part of the new contracting procedures, all Department of State contractors must certify adherence to federal anti-discrimination laws and confirm they do not promote DEI initiatives that violate these laws. The certification process is emphasized as critical for government payment decisions and is subject to the False Claims Act. Contractors must complete specific steps and provide necessary declarations to ensure compliance. This documentation aims to streamline the contractor selection process while reinforcing legal frameworks around non-discrimination in employment practices.

The U.S. Embassy Lisbon is soliciting proposals for mobile telephone and virtual private network services, identified under RFQ Number 19P05025Q0012. The contract is for a one-year base period with two one-year options to renew, with a minimum value of €3,000.00 and a maximum of €205,000.00. Services include fixed and mobile telephone services, a Virtual Private Network for 30 official lines, international calls, roaming, SMS, voicemail, data services, and 24-hour customer service. The contractor must also provide temporary additional services like daily cell phone rentals with SIM cards for special events and 4G/5G wireless broadband internet access. The document details pricing structures for standard and temporary services, emphasizing Value Added Tax (VAT) at 23%. Key personnel must include a bilingual Project Manager, and the contractor is responsible for obtaining all necessary permits. The solicitation also includes requirements for technological refreshment, delivery orders, equipment return policies, customer service centers, and a Quality Assurance and Surveillance Plan. Attachments include compliance forms for E.O. 14730 regarding anti-discrimination and a Cybersecurity Supply Chain Risk Management (C-SCRM) questionnaire, requiring vendors to detail their risk management plans and security policies.

The document outlines a Request for Quotation (RFQ) for mobile telephone and virtual private network (VPN) services for the U.S. Embassy in Lisbon, Portugal. It specifies that the contractor will provide standard mobile phone services alongside temporary rental services for special events, ensuring all costs include labor, materials, and insurance. The contract is set for a year with two optional extensions and includes comprehensive pricing structures based on usage. The contractor must ensure high-quality communication with clear network performance, offer extensive customer service support, handle invoicing efficiently, and adapt to emerging technologies. Specific equipment and billing requirements are detailed to ensure compliance with government standards, including certifications regarding anti-discrimination laws. The schedule encompasses service provisions, mandatory clauses, solicitation provisions, evaluations, and necessary certifications. This RFQ highlights the government's emphasis on compliance, quality assurance, and an effective supply chain risk management framework, critical for governmental contracting in the telecommunications sector. Overall, the RFQ emphasizes operational flexibility, cost-effectiveness, and rigorous standards necessary for maintaining government communication needs in Portugal.

The American Embassy Lisbon issued Amendment A0001 to RFQ 19P05025Q0012, extending the offer submission deadline to December 10, 2025. This amendment provides additional information regarding changes in initial requirements for virtual private network and mobile telephone services. The solicitation, for the Embassy in Lisbon, Portugal, requires a contractor to provide fixed and mobile telephone services, including a Virtual Private Network for 30 official lines. Services include interface equipment, VPN management, national and international calls, roaming, SMS, voicemail, cellphone rental, 24-hour customer service, detailed electronic billing, and data services (iPhone/iPad/Smartphones, 4G/5G). The contract spans a base year and two option years, with specific pricing structures for various services and a 23% VAT. The contractor must ensure high-quality, uninterrupted network connectivity and provide a Project Manager fluent in English and Portuguese.