On October 23rd, 2014, we updated our
By continuing to use LinkedIn’s SlideShare service, you agree to the revised terms, so please take a few minutes to review them.
University of Maryland University College
Graduate School of Management and Technology
Proposal in response to:
ITEC 630/Dr. Drew
Department of Everything Else
Creative Computing, Inc.
L.5.1.1 (TAB A) MANAGEMENT APPROACH (PWS)
Creative Computing is pleased to present this proposal to the United States Department of
Everything Else’s (DoEE) in response to Request for Proposal (RFP) to procure systems and
associated support services for an information technology enterprise wide Interactive Resource
Information System (IRIS). Group CC assumes the Period of Performance (PoP) for this effort
is five total years with a base period from December 5, 2013 thru February 28, 2014 to include
four option years beginning March 1, 2014 ending May 1, 2018. This proposal will be valid for
OVERVIEW OF TECHNICAL PROPOSAL
Creative Computing Incorporated (CCI) excels in delivering the best and most up-to-date
information systems available. CCI is proposing to implement a new automated Human resource
system in the United States Department of Everything Else (DoEE). This new automated
information system will allow for Human Resources(HR) services and information to be access
by managers and employees. CCI will employ different tactics and approaches in the creation
and deployment of the Interactive Resource Information System or IRIS for short. IRIS’
information and resources will be tested and measured to meet any and all of USGA standards
CCI will deliver IRIS to all HR offices spread out through all of DoEE. CCI’s IRIS system will
incorporate all the requirements as stated by DoEE’s requirements document. IRIS will allow the
access of HR information in a digital medium. CCI will provide training for HR department
employees in this new way of information keeping and sharing. IRIS will be accessible by DoEE
from anywhere they can access a web-browser. CCI will provide access to online training for the
use and access of IRIS to all DoEE employees.
Existing HR data will be uploaded to IRIS’ databank by scanning and/or manually entering it.
Data will be gather, scam and stored following the proper government guidelines. The data will
be store in (Armando put the technical specs of the data servers in here).
IRIS will be a web-based application which will grant access to HR personnel, and all of DoEE
employees. The application will be specifically tailored to meet DoEE’ requirements. IRIS will
be a combination of (Armando enter what you used to create the application). The will be used to
keep track of all employee’s HR information. IRIS will also work as a time keeping application
for DoEE employees.
CCI will also provide a help desk option to help DoEE HR personnel transition to IRIS. The help
desk will consist of (not sure who did the help desk but just write a summary here). This option
will make the switch from paper to digital data.
After the deployment of IRIS CCI will continue to support the system. The support plan for IRIS
will be as (whoever was in charge of the support after deployment just a small technical
CCI ultimate goal is to provide DoEE with a system that will deliver an innovative and advanced
way to provide their employees HR services. IRIS 1.0 will be the first deliverable version, with a
few more iteration to follow. Every following iteration will be built from a strong foundation and
features to make every new release better than its predecessor.
OVERVIEW OF MANAGEMENT APPROACH
Once the new comprehensive Human Resource Management Solution entitled IRIS increment
1.0 is delivered; DoEE will need an affective future enhancement and extension strategy.
Creative Computing and our team of senior information technology professional can provide
DoEE with a wealth of knowledge and experience to identify cost effective and efficient
enhancement to complement IRIS increment 1.0. Creative Computing proposes using our
existence staffing along with one of our information technology partners to examine new and
innovative ways to enhance current capabilities. Additionally, our experts will strategically
assess possible replacement options for DoEE when IRIS matures to its end-of-life cycle.
Our management approach will include cross utilizing our lead project manager and a dedicated
consultant provided by our partners who utilize in-house resources already working the IRIS
implementation project such as software engineers, consultants other professionals to ensure cost
remain low for our customer.
The ISEA Future Enhancement and Extension Activities will require staffing to research and
develop innovative enhancement software design and sustain the IRIS system. We estimate
configuration managements is an ongoing process and will take approximately 4-months from
requirement gather phase to implementation and sustainment phase.
Creative Computing Incorporated management plan is as follow:
Progress Reports- CCI will host weekly as well monthly progress reports meetings.
Weekly progress report meetings will be geared towards our development team,
stakeholders are welcome to join. Monthly progress report meetings will held to update
DoEE stakeholders, as well as for the discussion of any concerns with the project
Development Strategy- The active Project Manager will be in charge of IRIS
development. The PM will use a Gantt chart to keep and make sure IRIS is on track.
Tasks will be divide and schedule according to the best possible scenario. The PM will
make sure to allocate resources in accordance to what is best for IRIS.
Risk Management- CCI understands and knows there’s risk in every project. Our goal is
to make sure we are prepare and ready for any unplanned event. We will do everything at
our disposal to stay on course. Our performance reports will help us determine any
deviation from the progress path of IRIS. If there’s a problem that could affect the scope
of the project, team members will be required to fill out a change of scope form and
present it to the PM. The PM will then proceed to present it to the DoEE stakeholders.
PM will present different solution options that will solve the problem while having the
least impact on IRIS’ scope. Scope change will have a waterfall effect on the schedule
and cost. If change of scope is unavoidable the cost and schedule changes will be
reflected on the new development plan for IRIS.
Budget- The total cost for IRIS reflects all the initial planned materials and resources that
CCI will required to deliver IRIS 1.0. The total cost will account for any required
travelling expenses if there need to be.
Performance Report- In our weekly meetings CCI will review and discuss IRIS’
progress. The meetings will focus on reviewing the stage and the task of the project. CCI
will make sure all of IRIS’ requirements are being met and none are being forgotten. The
performance reports will be used to keep our employees accountable of the work they are
performing. If they are not part of the solution, they will not be part of the problem CCI
will swiftly find replacements. CCI will make sure that our employees will perform and
meet government standards.
Project Constraints- CCI will try and identify any constraints before the development of
IRIS begins. We will also identify any constraints as IRIS goes through its developmental
process. Two identify constraints so far are IRIS will use DOD servers and guidelines for
hosting. Another is DoEE employees’ lack of technology experience.
Creative Computing Inc. has had the pleasure of providing staff to the Federal Government for
over 35 years. Providing strategic workforce solutions is the core of our mission. We are
committed to providing staff that are courteous and highly skilled. Creative Computing Inc.’s
team is capable of recruiting, training and providing the necessary means for retention as well as
sub-contracting to provide the proper staff to each project.
The following is a detailed breakdown of the roles required to execute the project. It includes:
the project role, the project responsibility of the role, skills required, number of staff required to
fulfill the role, the estimated duration the staff needed on the project.
DB & Web
DoD IA Expert
Web Page Design
PHP & HTML,
Web Project Manager
Usability Lead / QA
Web Designer /
Test System & Use
Secure System &
Developer Lead Engineer
C.1 Key Personnel
Tom Baker has managed small and large team on many different projects for Creative
Computing in the last 10 years. Tom Baker skills on varies languages (HTML, Perl, PHP)
and other web-based systems tools making him a valuable team leader for DoEE HRMS.
Albert H. Kaufman has been with Creative Computing for 15 years as a Usability/QA Tester
for various projects on web-based system. Albert H. Kaufman still in Firefox, Database, and
other tools used to test security and usability of system.
Lisa Phillips expertise on MySQL database server makes her a valuable benefit on the IRIS
system. Lisa Phillips has managed large database that grows and change on customers’
Joseph G. Nottoli has been with Creative Computing for 8 years as a Web Designer and
Developer. Joseph has created and maintained multiple website for other Creative Computing
customers. Josepph expertise in other Human Resource Management System makes him a
valuable employee for DoEE project.
Jeremiah Stevens’s expertise in managing security expertise system makes him a value
member of the team. His expertise in DoD C&A system requirements and expertise in HBSS
and DISA create a strong foundation for creating and maintaining a secure system for DoEE
Human Resource Department.
C.2 Maintaining Technical Proficiency
Creative Computing will maintained training requirements for their staff member to be in
compliance with DoEE and DoD regulations. All members of the project team will meet at least
all DoDD8570 requirements for their position. Creative Computing will maintain a training
department for all technical certification.
C.3 Maintain Staff
Creative Computing maintain a 95% retention rate of all employees in the last 10 years. Creative
Computing employee maintain high standards for their employees package including 401k,
medical, dental, Paid Time Off (PTO), and more.
1. FULL-TIME EQUIVALENCY (FTE)
The table below identifies estimated efforts of Full-Time Equivalent (FTE) days in months of FY
13-14 for each role assigned to prototype ROC and IRIS 1.0 implementation task.
Number of Staff
Human Resource and
10.5 10.5 10.5 10.5 10.5 10.5 63
13.5 13.5 13.5 13.5 13.5 13.5 81
15.0 15.0 15.0 15.0 15.0 15.0 90
15.0 15.0 15.0 15.0 15.0 15.0 90
12.0 12.0 12.0 12.0 12.0 12.0 60
PROJECT MANAGEMENT PLAN
The Schedule, Cost and Staffing should reflect that status and conditions of the ROC. The ROC
would be first fielded in the Increment 1.0 ready for Operational Test and Evaluation phase, 8
months into being awarded the contract. As requested, Creative Computing, Inc will provide
project management services based on the requesting system suggestion.
The ROC system features shall consist of:
• Attendance and Paid Time Off use
• Pay raises and history
• Pay grades and Positions held
• Staffing and Position Classification capabilities
• Unfair Labor Practice claims filed and tracked
• U.S. Merit System Protection Board case tracking
• Employee Performance Development Plans
• Training received and proposed
• Disciplinary action received and proposed
• Grievances filed and tracked
• Personal employee information
• Management and key employee succession plans
• Applicant tracking, interviewing, and selection
• Application Admin capability for HR Staff (to include user account provisioning)
The Project Management plan will reflect the interrelationship between the prime contractors and
project activities. The plan will provide specific techniques, task, and procedures. These will be
monitored by management. The project is divided into multiple phases because each phase will
require an approved approach, once the approach has been approved for the project plan. The
project plan shall prepare also provide a Work Breakdown Schedule and schedule of all work,
deliverables and work products. The project plan will be updated and will be presented biweekly.
The Government schedule will be as follows:
• Early Operational Capabilities or ROC 3 months after awarded contract:
• Identify the requirements of each DoEE site
• Design a logical representation of the information system
• Develop human computer interaction
• Preliminary Design Review 3 months after awarded contract:
• Data Migration
• Testing process and maintenance will be completed by programmers or analysts during
• Increment 1.0 ready for Operational Test and Evaluation (OT&E) 8 months after awarded
• ROC Fielding
• Users in providing immediate feedback on the design output
• Ensure problems are immediately identified and fixed
Maintenance of the systems
Increment 1.0 ready for deployment 9 months after awarded contract:
Transition from the manual system which includes scanning and converting paper files
for entry into the database
Training of users on how to handle the system
Train new DOEE System Administrator
Completion of Increment 1.0 deployment 15 months after awarded contract:
Launch IRIS 1.0
Start the roll out phase of IRIS
Hand over new system to DOEE
The major milestones above have specific bulleted task associated. The bulleted tasks are how
we plan to approach each milestone. Creative Computing Inc. will consist of key personnel and
staff members. Some of the main positions will be a Project Manager, Project Consultant, Project
Engineers, Software Engineers, Testers, Software Writers, and Database Administrators. For
more details, reference below for Creative Computing Inc.’s staffing. Creative Computing, Inc.
Labor Categories and Price List
Web Project Manager
$43.27 – $63.31
Usability Lead / Quality Assurance Tester
$19.23 – $28.85
Information Assurance Manager
$36.06 - $57.69
$24.04 – $38.46
Web Designer / Developer Lead Engineer
$28.85 – $38.46
$36.06 - $46.67
can go through test and trials of our staffing plan to trigger different but accurate project staffing
condition as well as cost monitoring. We will analyze the system productivity and prepare
statistical reports which will be analyzed through heavy workflow and slow work period. By
these means, Creative Computing, Inc can evaluate cost, schedule, performance, risk
management, and schedule management.
PROJECT STAFFING PLAN
Labor category definitions and minimum training, experience, certifications, security
clearances and degrees for each Labor Categories
Web project Manager (Duration of the Contract)
The web project manager coordinates and communicates the day-to-day tactical implementation
of the web site project, acting within the constraints of the project charters and goals, project
budget, development schedule, and quality objectives laid out in the planning stages. The project
manager is the team member ultimately responsible for keeping the overall team activities
focused on the site strategic objectives and agreed deliverables, and he or she continually
monitors the scope of the project activities to ensure that the team stays “on time and on budget.”
The project manager acts as the primary contact between the web team and the sponsor and
manages the overall communication among creative, technical, and production elements of the
web site team. In larger web projects the project manager is not normally part of the hands-on
production team, but in smaller in-house projects the sponsor, design lead, or technical lead may
also act as the project manager for the site team. Project managers create and maintain the
project planning and strategy documents, budget spreadsheets, project schedules and Gantt
charts, meeting notes, billing records, and other project documentation that details the team’s
-At least 10 years experience with project managing web site creation and advertising
Experience in managing engineering scrums/sprints including large-scale projects
required. Prefer experience with large Internet, web-based projects.
Experience in project management process; knowledge of project management software
tools, templates and management techniques.
Strong verbal and written communication skills.
Proficient in MS Word, Excel, PowerPoint, Access, SharePoint
Able to obtain and maintain a Secret Clearance
Usability Lead/Quality Assurance Tester
The usability lead’s role is to shape the overall user experience. The usability lead works closely
with the information architect—in fact, the same individual often fills both information architect
and usability roles. As the primary user advocate on the development team, the usability lead has
responsibility for user testing, user research and persona development, and universal usability
standards for the site project. In the initial stages of design, the usability lead is responsible for
running interviews, field studies, and usability tests and for producing personas and scenarios to
Information Assurance Manager
The IA Manager is responsible for the security of all DoEE Human Resource System and
ensuring all system is set-up to meet all of DoEE requirements and meet government standards.
Ensure the required Certification and Accreditation (C&A) documentation is prepared, reviewed,
and maintained. Ensure Information and is system Risk Management is provided throughout the
life cycle of the systems and networks. Review and assess IS security C&A supporting
documentation including; DIP, SIP, system architecture diagrams, document. Maintain DISA
Standard on all hardware and software
BS in Computer Science or equivalent
10 + years experience in IA for government agency
Minimum/General Experience: This position requires a minimum of four years experience, of
which at least three years must be specialized experience in network systems. General experience
includes operations experience with multi-server local area networks.
Functional Responsibility: Performs daily activities including configuration and operation of
business systems that may be mainframe, mini, or client/server based. Optimizes system
operation and resource utilization, and performs system capacity analysis. Provides assistance to
users in accessing and using business systems.
Minimum Education: A Bachelor's degree in Computer Science, Information Systems,
Engineering, or other related discipline. With a Master's Degree, three years general experience
of which at least two years must be specialized. With eight years of general experience of which
six years is specialized, a degree is not required.
Web Designer/Developer Lead Engineer
Responsible for designing, creating, and building HRMS.
Create standards-compliant, cross-browser compatible HTML & CSS
Create Web graphics and user interface, icons, style sheets, templates, and layout for use
in product development and customer
BS in Computer Science or equivalent
+4 years professional design experience, preferably in government work or HR
Experience with HTML, XML, PHP, CSS, Java Script
Strong Attention to detail
Able to obtain and maintain a Secret Clearance
Responsible for the installation, configuration, upgrade, administration, monitoring and
maintenance of the Human Resource Management System Database. Their role includes but is
not limited to development and design of database strategies, system monitoring and improving
database performance and capacity and planning for future expansion.
Education required Bachelor Degree or higher in Computer Science or related field.
Knowledge of MySQL 5.x, Microsoft SQL, & Oracle.
Must be able to understand database theory and design for web application.
Must have 5 years of experience.
KEY PERSONNEL QUALIFICATION MATRIX
QUALITY CONTROL PLAN
SECTION 508 COMPLIANCE
a) Creative Computing represents by signing this offer that the supplies and services offered in
response to this solicitation, except for those identified in paragraph (b), comply fully with the
Electronic and Information Technology Accessibility Standards at 36 CFR 1194. Each supply or
service that will not be totally compliant at time of delivery or is only partially compliant is listed
in paragraph (b).
b) All noncompliant and partially compliant supplies or services are listed below. In addition, for
each supply or service that is not in full compliance, or is partially compliant, a detailed
discussion of which standards are satisfied and which standards are not satisfied by the offered
supply or service is included. Also, any qualifications or conditions that might affect compliance
with Section 508 of the proposed supplies or services are described. The list will be kept current
during the period of performance.
L.5.1.2 (TAB B) TECHNICAL APPROACH DOCUMENTATION
TECHNICAL APPROACH AND ARCHITECTURE
HP ProLiant DL380P Gen
8 Rack Server System
Enterprise Hard Drive
CISCO ASA5510-SECBUN-K9 ASA 5510 SSM
Security Appliance 50000
Simultaneous Sessions Up
to 300 Mbps Firewall
throughput Up to 170
Mbps 3DES/AES VPN
Server Rack Cabinet
Workgroup Up to 35 ppm
1200 x 1200 dpi Color
Print Quality Color Laser
Kodak Scan Station 500
8738056 24 bit CCD 600
dpi Sheet Fed Network
Used for DB Server and
4 Server HD for each
Server (RAID 5)
Government Approved HP
Headquarter and Remote
Site *1 spares*
Windows 2008 R2 Server
Windows 7 Enterprise
Microsoft Office 2010
Adobe Reader X
No charge for Adobe
Help Desk Service
The help desk service will be supported by Caitta Inc. to support of all of Department of Everything Else
Human Resource project. Caitta Inc. wills all customers help desk support with the following three tiers
a) Tier 1 Support: Tier 1 will provide basic software application and hardware support call center.
b) Tier 2 Support: Tier 2 will provide subject matter expertise on specific software and hardware issues
and problems that Tier 1 employee is unable to support.
c) Tier 3 Support: Tier 3 support more complex hardware and network operating system. The employee
will be a certified system engineer or expert in the specific problem. Depending on the type of issue the
system engineer may call or visit the site.
Creative Computing, Inc., through subcontracting with Caitta Inc. shall perform the following tasks:
a)Review, develop appropriate response, and respond to electronic mail or telephone support requests.
Coordinate corrective actions, user queries, and system related trouble/issue responses, including
service issues, incidents, training issues, and requests for fault/trouble isolation, correction and
b) Maintain publicly accessible website for helpdesk operations, troubleshooting tips, news and
announcements, application use reports, survey results, and frequently answered questions.
c)Provide IRIS user support for configuration and administration of software, network administration and
specialized technologies as identified by the government.
d) Receive and resolve user calls with a single point of contact (Level 1) which is defined as resolution of
issues on the first call. User assistance requests which cannot be resolved on the first call shall be
escalated to a Subject Matter Expert (Level 2 Support).
e)User assistance requests which cannot be resolved through the first response shall be escalated to a
Subject Matter Expert (Level 2 Support). Issues or incidents which cannot be resolved at by Subject
Matter Expert (Level 2 Support) shall be escalated to the Vendor (Level 3 Support).
f) Maintain or initiate normal office staffing as requested by the government after established work hours. If
the request is initiated during regular support hours, no lead-time may be provided. If the request is
initiated during after-hours support, extended hour support is required within two hours of said request.
When call volume has increased significantly, the Helpdesk Project Manager may notify the designated
government representative and request they be allowed to maintain or move to normal office staffing.
The Government shall approve this change on a case-by-case basis.
g) Perform helpdesk center capacity monitoring and planning which is defined as monitoring and
maintaining appropriate staffing levels for anticipated and planned call volumes.
1.1 Help Desk Support
Caitta Inc. is responsible for 24/7 customer service for Tier 1 and Tier 2. For more complete and onsite
visit response may take additional time for troubleshoot and part replacement.
24 / 7
2 – 5 min
24 / 7
15 – 30 min.
12 / 5
1 – 5 days
Table 1 (Response Time)
1.2 Support Overview
The following table demonstrates the minimum support provided to Department of Everything Else
Human Resource Project. The help desk function will have correction and feedback database of all
trouble tickets. The company will be responsible for system reporting and isolating the problem within
Hours of Coverage
Days of Coverage
Tier 1 Response
Tier 2 Response
Tier 3 Response
Operating System Support
Software Application Support
Sun – Sat
Call Service / Site Visit
Router / Switches Support
Correction and Feedback logs
Training Issues Report
Any additional call will be increase the
ex: password reset, connection issues
ex: Access DB, PHP, MySQL
ex: hardware replacement, Server crash
Windows 7 & 8, Server 2008 & 2008R2
PHP, MySQL, Microsoft Office Products
Juniper / Cisco *includes VPN*
Maintain and report all feedback monthly
Provide feedback of training issues
Table 2 (Help Desk Coverage)
COOP Executive Summary
COOP planning is simply a "good business practice" part of the fundamental mission of the DoDEE
agency. The agency must have a practical and comprehensive COOP plan which facilitates the DoEE’s
critical emergency response mission. With the new implementation of IRIS the DoEE must ensure it has a
responsible and reliable continuity of operations to ensure agency emergency response actions for public,
government and private institutions are not compromised. COOP planning must be a total individual
personnel, interagency and private sector coordination effort.
A complete IRIS implementation must include a comprehensive COOP plan to meet the emergency
response and changing security threat environments, to include localized acts of nature, accidents,
technological emergencies and military or terrorist attack-related incidents. Robust COOP capabilities
enable an agency to continue their essential functions across a broad spectrum of emergency responses.
Creative Computing believes the following COOP plan will ensure the DoEE has a comprehensive plan
ready to implement to ensure continuity of operations for the new IRIS system. This COOP plan will
ensures DoEE can activate an alternate IRIS site with within12 hours and is capable of sustaining IRIS
operations for a minimum of 30 days.
The implementation of the Interactive Resource Information System (IRIS) version 1.0 is designed to
provide DoEE with a sustainable information technology system to execute the disaster recovery mission.
This COOP plan shall provide the necessary plans, processes, analysis, documentation, updates, tests,
reports and management resource support and maintain at least minimum readiness levels of system
availability in accordance with the Federal Information Processing Standards Publication (FIPS) 199.
Additionally, this COOP plan ensures the DoEE the IRIS system architecture meets at a minimum the
Information Assurance (IA) architecture service requirement for the Mission Assurance Category (MAC)
II, Sensitive, Medium Robustness, system configuration, network configuration and partner support
requirement identified in accordance with National Institute of Standards Special Publication 800-53 and
DoD Directive 8500.01E. This COOP plan ensures the DoEE is complainant with the Secretary of
Commerce mandates of the Standards for Security Categorization of Federal Information and Information
The scope and contents of this document will be updated as needed as COOP requirement and standards
are upgraded, and as a result of user experience and comment.
This Continuity of Operations Plan establishes policy and guidance to ensure the execution of the mission
essential functions of the DoEE in the event that an natural or man-made emergency in the National
Capital Region Capitol threatens or incapacitates operations, and the relocation of selected personnel and
functions of the DoEE is required. Specifically, this plan is designed to:
a)Ensure the DoEE is prepared to respond to emergencies, recover from them, and mitigate against their
b) Ensure the DoEE is prepared to provide critical services in an environment that is threatened,
diminished, or incapacitated.
c)Ensure the DoEE information technology systems maintain appropriate levels availability and
documentation required for MAC II systems.
Applicability and Scope
a)This document is applicable to the DoEE National Capital Region operations, personnel and facilities.
b) Support from other state agencies and local governments as described herein will be coordinated with
the responsible office as applicable.
c)A separate Continuity of Operations Plan (COOP) will be developed for the DoEE field units outside of
the National Capital Region.
d) A Continuity of Government (COG), and Concept of Operations (CONOP) Plan will need to be
developed for the DoEE units outside of the National Capital Region.
The objective of this COOP is to ensure that a viable capability exists to continue the DoEE’s essential
emergency response functions across a wide range of potential emergencies, specifically when the
primary facility is either threatened or inaccessible. The objectives of this plan include:
a)Ensure the continuous performance of the DoEE’s Interactive Resource Information System (IRIS)
version 1.0 essential functions/operations during an emergency;
b) Protect essential information technology systems facilities, equipment, records, and other assets;
c)Reduce or mitigate disruptions to IRIS operations;
d) Reduce loss of life, minimize damage and losses;
e)Identify and designate principals and support staff to be relocated;
f) Facilitate decision-making for execution of the Plan and the subsequent conduct of operations; and
g) Achieve a timely and orderly Interactive Resource Information System (IRIS) version 1.0 recovery
from the emergency and resumption of full service to all customers.
Maintain enterprise-wide automated human resource information
services to its manager and key decision makers.
Respond to natural and man-made disasters home and abroad
Provide direct federal assistances to state, local governments during
Provide support to DoD for all infrastructure rebuilding,
reconstruction and rehabilitation efforts.
Concept of Operations
a. Emergencies, or potential emergencies, may affect the ability of the DoEE to perform its mission
essential functions from any or all DoEE facilities in the National Capital Region NCR. The
following are scenarios that could mandate the activation of the DoEE COOP.
Any primary DoEE or information technology system facility in the NCR is closed to
normal business activities as a result of an event or credible threats of an event that would
preclude access or use of the DoEE facility and the surrounding area to include information
Any facility in the NCR is closed to normal business activities as a result of a widespread
utility failure, natural disaster, significant hazardous material incident, civil disturbance, or
terrorist or military attacks. Under this scenario there could be uncertainty regarding
whether additional events such as secondary explosions, or cascading utility failures could
occur. If multiple DoEE facilities are located in impacted areas in the NCR, activation of
COOP contingencies to address such scenarios may be necessary.
b. In an event so severe that normal operations are interrupted, or if such an incident appears imminent
and it would be prudent to evacuate any primary DoEE facility in the NCR as a precaution, the
Secretary of DoEE or another authorized designated representative, may activate the DoEE COOP
execution. The relevant alternate facility (Alternate facilities will be identified by the DoEE and will
be listed in an appendix) will be activated, if necessary and at the discretion of the Secretary of DoEE
or another authorized designated representative.
IRIS Emergency Management Team (IEMT) for the DoEE Human Resource Management
Directorate will gather at the alternate facility secure location. The IEMT will ensure the mission
essential functions of the closed primary facility are maintained and capable of being performed using
the relevant alternate facility until the assumption of full operations is re-established at the primary
d. The DoEE IEMT may be supplemented by selected staff from appropriate DoEE directorates,
geographically separated field offices or other Federal agencies. Mount Weather Emergency
Operation Center in Mount Weather, VA will serve as an initial relocation team for COOP activation
or potential activation. The IEMT will either relocate temporarily to the relevant alternate facility, if
necessary, or operate remotely from a (Predetermined Secure Location) serving as an assembly site.
The IEMT will be responsible to continue mission essential functions of the DoEE Human Resource
Management Directorate within 12 hours and for a period up to 30 days pending regaining access to
the DoEE primary facility or the occupation of the relevant alternate.
e. All DoEE Human Resource, Information Technology and designated Contractor personnel necessary
to perform the mission essential functions of the DoEE Human Resources Directorate will need to be
contacted and advised to report to either the relevant alternate facility, predetermined secure location,
or other location as determined by the CEMT. Clear instructions as to the actions necessary to be
performed by activated personnel should be predetermined by the lead CEMT official given the
policy guidance provided by the DoEE Emergency Management Group (DEMG).
Incidents could occur with or without warning and during duty or non-duty hours. Whatever the
incident or threat, the DoEE COOP will be executed in response to a full-range of disasters and
emergencies, to include natural disasters, terrorist threats and incidents, and technological disruptions
g. It is expected that, in most cases, the DoEE will receive a warning of at least a 4-hours prior to an
incident. Under these circumstances, the process of activation would normally enable the partial,
limited, or full activation of the DoEE COOP with a complete and orderly alert, notification of all
personnel, and activation of the DoEE CEMT.
h. Without warning, the process becomes less routine, and potentially more serious and difficult. The
ability to execute the DoEE COOP following an incident that occurs with little or no warning will
depend on the severity of the incident's impact on the physical facilities, and whether the DoEE
personnel are present in the effected NCR facility or in the surrounding area.
Positive personnel accountability throughout all phases of emergencies, including COOP activation,
is of utmost concern, especially if the emergency occurs without warning, during normal duty hours.
DoEE facility Safety and Evacuation Plans, Administrative and Emergency Procedures, and
Section/Office COOP Implementation Plans should provide for such accountability.
Phase I: Activation and Relocation
The purpose of a time-phased implementation is to maximize the preservation of life and property in the
event of any natural or man-made disaster or threat thereof. The extent to which this will be possible will
depend on the emergency, the amount of warning received, whether personnel are on duty or off-duty at
home or elsewhere, and possibly, the extent of damage to primary court facilities and their occupants. The
Disaster Magnitude Classification definitions may be used to determine the execution level of the DoEE
COOP. These levels of disaster are defined as:
• Minor Disaster. Any disaster that is likely to be within the response capabilities of local government
and results in only minimal need for state or federal assistance.
• Major Disaster. Any disaster that will likely exceed local capabilities and require a broad range of state
and federal assistance. The Federal Emergency Management Agency (FEMA) will be notified and
potential federal assistance will be predominantly recovery-oriented.
• Catastrophic Disaster. Any disaster that will require massive state and federal assistance, including
immediate military involvement. Federal assistance will involve response as well as recovery needs.
In general, the following procedures are to be followed in the execution of the DoEE COOP. The extent
to which this will be possible will depend on the emergency, the amount of warning received, whether
personnel are on duty or off-duty, and the extent of damage to the effected court facilities and its
occupants. This Plan is designed to provide a flexible response to multiple events occurring within a
broad spectrum of prevailing conditions. The degree to which this Plan is implemented depends on the
type and magnitude of the events or threats thereof.
Alert and Notification Procedures
a. The DoEE notification process as related to COOP activation should, if necessary, allow for a
smooth transition the essential Agency head and staff to an alternate facility to continue the
execution of mission essential functions across a wide range of potential emergencies. Notification
may be in the form of:
(1) A COOP alert to all DoEE Senior Leadership and Staff and all non-essential DoEE
employees that relocation is imminent.
(2) An announcement of a DoEE COOP activation that directs the COOP Emergency
Management Team to report to an assembly site or a designated alternate relocation point
(ARP), and provides instructions regarding movement, reporting, and transportation details
to an assembly site or a designated ARP.
(3) Instructions to the Emergency Operational Team to report for departure and relocation to a
designated ARP, when selected and prepared, and instructions to non-essential employees.
b. Upon receipt of a COOP alert from the DoEE Secretary or Designated Person or Persons, or a
designated successor, the DoEE COOP coordinator notifies all Assistant Administrator Offices
who, in turn, notify staff using their internal telephone pyramid notification cascades. Notification
may be via personal contact, telephone, cell phone, pager, radio and TV broadcasts, or a
c. The DoEE Coop Coordinator or Designated Person or Persons) notifies the appropriate Federal
Emergency Operations Center, and the White House Emergency Coordinating Officer that an
emergency relocation of the DoEE is anticipated or is in progress.
a. Authorized DoEE successors to the Secretary are specified in a DoEE Executive Letter to be published.
Lines of succession shall be maintained by all DoEE organizational elements, reporting to the DoEE
Secretary to ensure continuity of mission essential functions. Successions should be provided to a
minimum depth of three at any point where policy and directional functions are carried out.
b. Each DoEE organizational element shall pre-delegate authorities for making policy determinations and
decisions. All such pre-delegations will specify what the authority covers, what limits may be placed
upon exercising it, who (by title) will have the authority, and under what circumstances (This appendix
should be developed and included).
c. The DoEE Secretary or Other Designated Person or Persons) acting on behalf of the DoEE may order
activation of the DoEE COOP Plan.
d. The CEMT, if pre-deployed, may be requested by the DoEE Secretary or Other Designated Person or
Persons to disseminate DoEE COOP guidance and direction during the activation and relocation phases.
Pending the activation of the COOP, the CEMT will monitor the situation and assist in the notification
process as necessary.
e. When executed, the appropriate Federal Emergency Operations Center (s) should be notified and
requested to provide any previously agreed upon assistance to DoEE.
Alert, Notification, and Implementation Process
a.Alert Procedures. If the situation allows for warning, assistance administrators, other senior leadership
and essential staff may be alerted prior to the activation of the COOP. In all situations allowing for an
alert the procedures must include notification to the FEMA Regional Emergency Operation Center and
the White House Emergency Operations Center.
(1) Information and guidance for assistance administrators, other senior leadership and essential staff a
will normally be passed telephonically using an emergency notification telephone tree/cascade.
The necessary information and means of communicating with agency personnel may be developed
and outlined in a separate appendix. Depending on the situation, current information may also be
DoEE hot line if approved and developed.
NCR Office Personnel Management web site if developed.
Announcements to local radio and TV stations if approved and
Other means if approved and developed.
(2) Agency personnel should listen for specific instructions. All personnel should remain at their office
or home until specific guidance is received.
(3) The DoEE Secretary or Other Designated Person or Persons will direct the activation of the DoEE
Notification Procedures. Upon notification to activate the DoEE COOP:
(1) The Secretary or Other Designated Person or Persons will notify the DoEE COOP Coordinator of
the current situation and that the COOP is being activated.
(2) The DoEE COOP Coordinator will notify all organizational Assistant Administrator Offices and the
External Public Information Officer (PIO) and the primary staff using the telephone tree or other
available means of communication.
(a) The primary staff then initiates their respective directorate COOP notification cascade and contacts
each person in their chain relaying the information and guidance provided by the COOP Coordinator.
(b) The primary staff will make a second attempt to contact those individuals who were not initially
available. If this attempt is unsuccessful, the primary staff will leave a message or send a page.
(c) Once initial contact is made (message left/page sent), primary staff will report status of personnel
contacted and those not contacted.
(d) The COOP Coordinator will in turn report status to the DoEE Secretary or Other Designated Person or
Persons) via telephone or other means of available communication.
(e) For personnel not initially contacted, once the message or page is received, they should immediately
contact the primary staff who contacted them.
(f) Notification may be via personal contact, telephone, cell phone, pager, radio and TV broadcasts, or a
(g) When a call or other notification is received by anyone in a calling cascade, the information given by
the primary staff should be carefully recorded to ensure that it is passed accurately to the next person in
(h) The primary staff will notify the COOP Coordinator upon completion of their notification process.
(i) The primary staff will report all unsuccessful contact attempts to the COOP Coordinator after
relocation has been affected every 30 minutes until 100 percent.
Phase II: Alternate Facility Operations
Mission Critical Systems
Establishment of Communications
a. The Designated Person or Persons will ensure all necessary and preplanned communications
systems are established, adequate, and functioning properly; and
b. The Designated Person or Persons will service and correct any faulty or inadequate
(DECC) ST Louis
DoEE Data Center
DISA DECC at Ogden
Mount Weather EOC
Blue Mount, VA
ii. Vital Files, Records, and Databases
Vital File, Record, or
IRIS Human Resource
DoEE Financial Data
Form of Record
Yes, Access to
DISA DECC at
St Louis &
Hand Carried to
Yes, Hard copy
Hand Carried to
Backed up at
Vital File, Record, or
Form of Record
Network Shared Drives
Backed up at
Phase III: Reconstitution
Within 24 hours of an emergency relocation, the Under Secretary for Facilities and Logistics or
Designated Person or Persons, will initiate operations to salvage, restore, and recover the effected DoEE
facilities after the approval of the local, Federal first responders, law enforcement and emergency services
involved. Reconstitution procedures will commence when the Secretary of DoEE Designated Person or
Persons ascertain that the emergency situation has ended and is unlikely to recur. Once this determination
has been made, one or a combination of the following options may be implemented, depending on the
Continue to perform mission essential functions at the ARP for up to 30 days.
b. Begin an orderly return to the effected court facility and reconstitute full operations.
c. Begin to establish a reconstituted DoEE facility in some other facility in the NCR or
Upon a decision by the (Designated Person or Persons) that the court facility can be reoccupied or
that a different facility will be established as a new DoEE facility:
a. The Under Secretary of Facilities and Logistics or Designated Person or Persons, will
oversee the orderly transition of all court functions, personnel, equipment, and records
from the ARP to a new or restored court facility.
b. Prior to relocating back to the primary court facility or another building, the Under
Secretary of Facilities and Logistic or Designated Person or Persons will ensure
appropriate security, safety, and health assessments for suitability.
b. When necessary equipment and documents are in place at the new or restored DoEE
facility, the staff remaining at ARP will transfer mission essential functions and resume
After-Action Review and Remedial Action Plan
a. An After-Action Review information collection process will be initiated prior to
the cessation of operations at the ARP. The information to be collected will, at a
minimum, include information from any employee working during the DoEE COOP
activation and a review of the strengths and weaknesses at the conclusion of the
b. The information should be incorporated into a COOP Remedial Action Plan.
Recommendations for changes to the DoEECOOP and any accompanying documents
will be developed and incorporated into the COOP Annual Review Process.
b. COOP Planning Responsibilities
Approves COOP Plan
Appoints COOP Coordinator
Oversees COOP Planning & Execution
Oversees NCR Alternate Location
Planning & Operations
Executes COOP Plan
On Site IRIS Operations
Secretary of DoEE
Under Secretary for Facilities & Logistics
DoEE COOP Alternate Location Chief of Operations &
Chief COOP Emergency Management Team
The DoEE alternate COOP relocation facility is at located at the Mount Weather Emergency Operation
Center. Mount Weather is about 48 airline miles west of Washington, DC; about 54 miles by road. The
facility's address is 19844 Blue Ridge Mountain Rd. (VA Rt. 601). The road runs northeast-southwest
along the mountain, roughly on the line between western Loudoun County and eastern Clarke County. Rt.
601 terminates at two major highways: Rt. 7 to the north and Rt. 50/17 to the south. The FEMA facility is
approximately halfway along the road.
Note: Mount Weather is a secure installation and does not admit unauthorized visitors. There are few
places where one can park along Rt. 601, and walking along the road is unsafe due to the lack of a
shoulder in most places.
From its inception as "High Point" in the 1950s, Mount Weather has been the emergency-operations
headquarters for the federal civilian agencies and officials of the Executive Branch. That mission,
originally part of the federal Continuity of Government program, continues to this day. Its details are
highly classified. Mount Weather is operated by the Federal Emergency Management Agency (FEMA),
successor to the Office of Emergency Preparedness.
Information released by FEMA focuses on Mount Weather's role in disaster preparedness and mitigation.
That mission includes telephone registration of disaster victims seeking assistance, and on-site training of
state and local emergency-management officials. Students in these courses are housed on the west side of
the property in buildings which appear from the outside like military barracks, but which contain
individual rooms furnished like those in a modest motel. An unusual feature is a notice posted in each
room, explaining the site's extensive security regulations
The DoEE COOP alternate site at Mount Weather is a hot site with constant live connection and access to
the critical systems previously identified in this COOP plan. The objective of Mount Weather is to ensure
the DoEE has access to secure interoperable communications immediately upon activation of the COOP.
d. Test, Training, and Exercises
The DoEE Under Secretary of Facilities and Logistics is ultimately responsible to the Secretary of DoEE
for a comprehensive and practical COOP. The Under Secretary of Facilities and Logistics shall ensure
the DoEE is properly equipped and trained to execute the DoEE approved COOP plan. The DoEE COOP
Coordinator will execute quarterly training exercises to test the personnel no notice notification and recall
capabilities of the COOP. The entire DoEE COOP plan shall be executed annually to include testing of
the relocation components of the COOP plan. The Under Secretary of Facilities and Logistics is
responsible to the Secretary of DoEE for the following actions:
(1) Individual and team training of agency COOP contingency staffs and emergency personnel to
ensure currency of knowledge and integration of skills necessary to implement COOP plans and
carry out essential functions. Team training should be conducted at least annually for COOP
contingency staffs on their respective COOP responsibilities;
(2) Internal agency testing and exercising of COOP plans and procedures to ensure the ability to
perform essential functions and operate from designated alternate facility(ies). This testing and
exercising should occur at least annually;
(3) Testing of alert and notification procedures and systems for any type of emergency at least
(4) Refresher orientation for COOP contingency staffs arriving at an alternate operating facility.
The orientation should cover the support and services available at the facility, including
communications and information systems for exchanging information if the normal operating
facility is still functioning; and administrative matters, including supervision, security, and
personnel policies; and,
(5) Joint agency exercising of COOP plans, where applicable and feasible.
COOP PLAN MAINTENANCE
The DoEE COOP plan shall be reviewed and recertified annually by the Under Secretary of Facilities and
Logistics. The COOP Coordinator is responsible to the Under Secretary for coordinating with all affected
agency components. Additionally, the COOP Coordinator is responsible for coordinating with the
alternate relocation facility to schedule site visits and training for exercises and real world events.
Once the new comprehensive Human Resource Management Solution entitled IRIS increment 1.0 is
delivered; DoEE will need a life-cycle sustainment plan and execution strategy. Life-cycle sustainment
planning and execution seamlessly span a system’s life cycle, from Materiel Solution Analysis to
disposal. The life-cycle plan should translate the provider’s capability and performance requirements
into a tailored product support strategy to achieve specified and evolving life-cycle product support
availability, reliability, maintainability, integrated diagnostics and testing and affordability parameters.
(Sub-Contractor) proposes an In-Service Engineer Agent (ISEA) technical approach which is flexible,
performance-oriented and reflects an evolutionary approach to accommodate modification, upgrades and
technical refreshes. The ISEA engineer roles will be in compliance with the requirements identified in
the DoEE Statement of Objectives. We propose to provide 100 percent sustainment support for the IRIS
increment 1.0 solution. Our cradle to grave approach support includes the design, implementation and
transition planning services for all IRIS revision and replacements, augmentation and technical refreshes.
Technical Approach - We propose using a management agile approach for the sustainment portion of the
system life-cycle versus the traditional System Development Life Cycle (SDLC) approach used during
initial IRIS system development. The agile approach is a popular software development approach based
on values, principles and core practices. The (insert Sub Contractor Name) will execute the four key
values of communication, simplicity, feedback and courage during sustainment software upgrades,
technical refreshers and augmentations.
In using the management agile approach, we will identify system requirement updates through multiple
exploration avenues to include the change management process, help desk service escalation tier process
and security upgrade requirements.
The second phase of the agile approach referred to as planning the our system analyst and project
managers will employ numerous tools to understand the customer upgrade and technical refresh
requirements and determine a time frame to deliver solutions.
Once we have gathered all software requirements to include Human Computer Interaction (HCI)
requirements and analyzed software needs use the data to design and test a software prototype for
In the third phase of the agile management process iterations to the first release, we will work closely
with the users to apply software feedback toward the final upgrade or technical refresh solutions.
In the fourth phase of the agile process we will release an upgrade software solution for implementation
for the IRIS system. Out technical engineers, trainers and project consultants will be on hand to provide
user acceptance training and document any issues or problems discovered during implementation.
The final phase of the agile management approach we will provide management and technical oversight
to ensure the system is kept running smoothly for operation. Technical engineers are available through
the help desk escalation tier process to ensure software issues are researched and resolved as soon as
technically possible through patches or upgrades.
We will develop a life cycle sustainment plan to identify sustainment and maintenance concepts. The
life cycle sustainment plan will identify program performance metrics to ensure metrics to measure
system availability, reliability and mean down time are evaluated management Overview of the program
The ISEA sustainment and technical refresh activities will require various staffing to develop, design and
sustain the IRIS system. We estimate upgrades and technical refreshes pending design complexity will
take approximately 4-months from requirement gather phase to implementation and sustainment phase.
Full-Time Equivalent (FTE). The table below identifies estimated efforts of Full-Time Equivalent (FTE)
days in months for future upgrades and technical refreshes.
Number of Staff
Figure 1 Full –Time Equivalency
TECHNICAL BASELINE MANAGEMENT
Once the new comprehensive Human Resource Management Solution entitled IRIS increment 1.0 is
delivered; DoEE will need an affective configuration management plan and execution strategy. Logical
network documentation refers to the direction data actually flows on the network within the physical
topology. In today’s network environments data flow, logical diagrams include such network elements
as network domain architecture, server roles and protocols. Configuration baseline management planning
and execution is an integral part of system documentation because it provides a basis to monitor the
overall performance of the system. Specifically, baseline is a measure of system performance that
indicates how well the system is operating. The purpose of a baseline is to provide a basis for
comparison. For example, a comparison of performance can be made between system performance to
compare the system baseline information at a time when the system is having a problem against
information recorded when the system was operating correctly. Ideally baseline comparisons help to
determine if the system has a problem, such as degrading performance, and how significant that problem
is and how it impacts users.
The correct baseline management strategy should translate to improving system performance support and
life-cycle product support to include availability, reliability, maintainability, integrated diagnostics and
testing and affordability parameters.
Creative Computing Inc proposes using our partner, Software Technology Support Center Inc as an InService Engineer Agent (ISEA) to provide a full service configuration management baseline management
technical approach. The full service configuration management service will include the establishment of
a set of living documents and databases to establish the initial baseline of the IRIS increment 1.0 system.
In addition, our proposal includes establishing control changes to baselines as the system definitions
mature. Our baseline management approach ensures baseline management is achieved by placing the
“baseline” under configuration control. This process is universally known as Configuration Management
and differs from document control in that it further specifies which of the many controlled or authorized
documents are currently applicable. Our approach ensures configuration management maintains the
“traceability” attribute of the system requirements called configuration control. Configuration control
ensures known changes are tracked and funded prior to implementation.
Our technical baseline approach will include the functional allocations that define the Work Breakdown
Structure that drives cost and schedule planning. Our project consultants will coordinate with our
partner’s system engineer functions to control the scope and schedule baselines and ensure they are
separate and distinct from the technical baseline. We will use experienced configuration management and
software developers professional to select the best software to complement the Human Resource
Management Solution entitled IRIS increment 1.0.
Our management approach includes stringent document control controls and dissemination documents.
Managed baseline documents must be retained in some sort of document control system, either local or
external. This function might be given to any part of a project team, including the SE function, and may
control many more documents than just those baselined.
The ISEA Baseline Management will require various staffing to develop, design and sustain the IRIS
system. We estimate configuration managements is an ongoing process and will exist for the length of
Full-Time Equivalent (FTE). The table below identifies estimated efforts of Full-Time Equivalent (FTE)
days in years for configuration management.
Staff Required Year
Figure 1 Full –Time Equivalency
AccuRev® provides enterprise software
configuration management (SCM) and
architecturally enabled process model
optimization for highly distributed
application development. AccuRev's awardwinning SCM architecture has been designed
specifically to simplify complex parallel
development projects, ensuring optimal team
collaboration, outsourcing models, software
asset reuse, and time to market that far
exceeds the capabilities of legacy SCM tools.
AccuRev forms the core of a true best-ofbreed application lifecycle management
(ALM) solution, with unique capabilities
which enhance and extend complementary
development tools. This provides you with
maximum control by offering the flexibility
to choose the best lifecycle tool for your
unique requirements, versus being locked in
to a tool offered by a single-vendor suite. The
result is an ideal mix of productivity with
traceability and auditing for distributed and
parallel projects and teams of all sizes.
Part Number: H30-04073
Royal ID: H30-04073
Dell XPS 10
Dell PowerEdge Servers; Get an energyefficient, dense 1U server for your
applications with the PowerEdge™ R420,
featuring next-generation processing and
Windows RT means the Dell XPS 10 is
instantly on and always up to date with
connected standby, so your mail and apps
stay in sync and are ready when you are. The
Dell XPS 10 also comes with Office Home &
Student 2013 RT built in, so you get all the
productive power of Word, Excel,
PowerPoint, and OneNote included, and a
whole world of new apps available from the
Windows Store. The Dell XPS 10 works
exclusively with apps from the Windows
Store (but not other desktop apps).
Creative Computing presents the following Other Direct Costs (ODC) in order to enhance our
capabilities to develop, implement and sustain IRIS increment 1.0
1. 2. Total ODC Travel for Year (1) through Year (5) is $225,000
2. Total ODC cost for miscellaneous equipment and materials is $775,000.
3. Creative Computing propose total ODC cost for the duration of this contract is
4. ODC breakout cost listed below:
$100,000 $100,000 $100,000 $100,000 $500,000
$138,000 $138,000 $138,000 $138,000 $775,000
Provide costs to
equipment in direct
support of IRIS
cost in support of
Creative Computing intends to meet all the program requirements, specifications and instructions
identified in the DOEE Statement of Objectives. Creative Computing will identify any technical
constraints or shortfalls discovered during system development through feedback with the
government Subject Mater Experts (SME) and the Contracting Officer Representative (COR).
Additionally, Creative Computing will promptly notify the COR of any constraints discovered during
system implementation. Finally, Creative Computing will notify the COR of any constraints
discovered sustainment and operations activities.
Creative Computing does not have or anticipate any programmatic constraints based on the DoEE
GOVERNMENT FURNISHED EQUIPMENT (GFE)
Based on the Statement of Objectives identified in solicitation DOEE-2013-R-0001 the Government
will provide GFE. Creative Computing will identify in our proposal all equipment costs whether
other direct costs or direct costs, required in support of IRIS implementation.
GOVERNMENT FURNISHED INFORMATION (GFI)
Creative Computing Project Manager will work with the Government COR for access to DoEE
reference documents to support this contract effort. Creative Computing understands the
Government does not warrant the validity or accuracy of any material unless otherwise noted.
Creative Computing reserves the right to notify the Government of any issues or concerns negatively
affecting the development or implementation due to incomplete or invalid GFI received from the
OTHER PERTINENT INFORMATION OR SPECIAL CONSIDERATIONS
a. Identification of Potential Conflicts of Interest (COI): Creative Computing and its
subcontractors will meet COI reporting requirements in accordance with FAR Subpart 9.5.
b. Identification of Non-Disclosure Requirements: Creative Computing will require all of its
staff and/or subcontractor to execute and submit an Employee/Contractor Non-Disclosure
Agreement form prior to starting work on this contract effort. We acknowledge
receipt of the SF33 in Section I of RFP.
c. Government Badge: Creative Computing will work closely with the Government COR to
obtain Security forms for completion by all staff member and/or subcontractors to obtain
required Secret Clearances. Creative Computing will ensure all forms are properly
completed and submitted prior to the start of the contract. We acknowledge and understand
the requirements of obtaining a clearance for access to the Government facility.
d. Contract Type: Creative Computing acknowledges and understands our contract will be
awarded a hybrid of firm fixed price (FFP), cost-plus incentive fee (CPIF) and cost
reimbursement (CR). We accept the terms of the award as an indefinite delivery, Indefinite
Quantity (IDIQ) per the (FAR), section 16.501 and the distribution of incentive fee pursuant
to the incentive fee plan in effect at award.
e. Enterprise Software Initiative/COTS Software:
Creative Computing will verify the
organic availability of COTS software at the Enterprise Software Agreements web site
(www.esi.mil) prior to any new procurement activities. Creative Computing will coordinate
with the Government PMO to determine if needed software is available for use in support of
IRIS. Creative Computing acknowledges it will manage all warranties for repair items
delivered in support of the IRIS implementation effort. Creative Computing will act as the
intermediary on warranty issues between the Government and the warranty provider on any
third party delivered products or services. Finally, upon contract completion shall transfer
any remaining warrantee rights for delivered third party products or services to the
INFORMATION ASSURANCE APPROACH
Creative Computing, Inc. will be responsible for all the Information Assurance requirements
during the design, acquisition, installation, operation stage. All system will be in compliance
with all federal, state, and DoD policies, guidelines, and standards as addressed.
Creative Computing, Inc. will be responsible for all the Information Assurance requirements
during the design, acquisition, installation, operation stage. All system will be in compliance
with all federal, state, and DoD policies, guidelines, and standards as addressed in table L-1.
1.1 System Security Plan Approach
The DoEE Human Resource Management System (HRMS) will provide web access to the
customers to preform daily task such as time sheet and performance evaluation. The HRMS will
follow the Information Assurance Support Environment (IASE) – Defense Information Systems
Agency. The following are the minimum required Security Technical Implementation Guide
(STIG) that will be followed:
1. Application Security
c. Internet Explorer
e. Microsoft Office 2010
f. Java Run Environment (JRE)
g. .NET Framework
2. Operating System
a. Windows 7
b. Windows 2008 R2
a. Router / Switches
c. IPSec VPN
d. Firewall & IPS/IDS
1.2 IRIS Security Environment
The sensitivity of PII information on the database the servers will be maintained in a secure lock
location at the Department of Everything Else Head Quarters. The minimum three layer of
security environment Operating System (Services Layer & Files Layer)
1.2.1 Services & File Layer
The security of the Services in the Operating System will be secure from unauthorized personnel.
The following are the minimum procedures for the IRIS system
1. All hardware and Operating System will have password enabled and meet DISA requirements
2. The MySQL Server and Apache Server must be located in two different server for security
The sensitivity of the information input to the database will be secured in the DoEE HQ facility.
1. All data extracted for achieve will be process by DoEE Employee.
2. All contractors and subcontractors will not be authorized access to DoEE PII information
without DoEE writing prior approval.
1.3 IRIS Certification and Accreditation
To maintain IRIS Certification and Accreditation, Creative Computing, Inc. will maintain all
system up-to-date and secure at all time by following Department of Defense (DoD) Information
Assurance Certification d Accreditation Process (DIACAP) DoD 8510.01 instruction. The
following are the update system of IRIS.
Windows 7 Professional
Updates Every Tuesday *daily zero day update*
Windows 2008 R2
Updates Every Tuesday *daily zero day update*
Latest MySQL update
Latest PHP 5.5 update
Latest Apache 2.4 update
All system update and modification will be in a conducted in a controlled environment before
deployment to Department of Everything Else. All system will be documented and approved by
the Information Assurance Officer, Project Manager, and DoEE HR manager.
1.4 IRIS Management Plan
All Creative Computing, Inc. employees and subcontractors will meet all Department of
Everything Else training and Department of Defense training as per DoD Manual 8570.01-M
1.4.1 Security Clearance Requirements
All relevant Creative Computing, Inc. employees and subcontractors will at a minimum a Secret
security clearance. If Department of Everything Else requires specific clearance higher than
Secret will be provided. Creative Computing, Inc. and subcontractors is responsible for all
clearance requests and updates.
1.4.2 Security Login Processing
All relevant Creative Computing, Inc. employees must utilize users names and password with
proper authorization. After first login, employees must immediately modify their temporary
login passwords, and remain their passwords secrecy until their relevant login rights void by
relevant proper authority.
1.4.3 Secrecy Agreement
All relevant Creative Computing, Inc. employees must sign secrecy agreement before they
formally perform their jobs. Relevant secrecy agreement remain validity until it is naturally
expire, modified by proper authority, or within three years after employment termination.
All relevant Creative Computing, Inc. employees must return relevant HRIS materials, account
login user names and passwords to relevant HRIS administration manager before their positions
transferring and termination.
Creative Computing, Inc. will develop, implement, and sustain training capabilities for IRIS
throughout the duration of the contract. The training for DoEE HRM and HRIS employees will
begin approximately 30 days prior to IRIS’s completed implementation. Creative Computing,
Inc personnel will provide onsite one-on-one training at DoEE Headquarters. There will also be a
one day group class session with duration of 8 hours to familiarize users with IRIS. The class
sessions will provide hands on activities with IRIS for DoEE employees. Each employee will be
provided with one three-ring loose leaf binder manual at the beginning of the class. In addition,
Creative Computing, Inc. will provide an electronic manual that DoEE can place on its Intranet.
In the event of any updates to IRIS before the end of contract such as new features, webinars will
be conducted through the end of contract. DoEE personnel will be granted access to Creative
Computing Inc.’s webinars, online support, discussion forums, and manuals after the end of
END OF CONTRACT TRANSITION
For this transition, Creative Computing, Inc will maintain its existing staff on-site throughout the
transition period. No additional staffing requirements are anticipated to complete the transition to
DoEE HRM and DoEE HRIS personnel. The transition is expected to take 60 days to complete.
Immediately prior to the transition, Creative Computing Inc. will stand up its transition team in
order to facilitate the activities necessary for successful transition. DoEE should have its staff on
site at the beginning of the 60 day transition period and will establish a similar team to work with
Creative Computing, Inc. to coordinate the contract’s complete transition.
Creative Computing, Inc. will work closely with DoEE HRM and DoEE HRIS personnel,
throughout the duration of the contract, to ensure accurate transfer of information. Creative
Computing, Inc. will make the following recommendations:
Organize formal and informal discussions with DoEE HRM and DoEE HRIS personnel
regarding the steps forward of IRIS.
Provide direct and remote access for DoEE personnel to procedural documents and
processes prepared and used by the Creative Computing, Inc.
Facilitate the transfer of full custody and/or ownership of assets and contract materials to
Transition Team Organization
The following chart illustrates the transition team members from Creative Computing Inc. and
DoEE; as well as the roles and responsibilities of each team member.
Work with DoEE PMs to coordinate and schedule
all transition activities; provide weekly reporting on
transition progress; ensure all applicable property
and tools are included as part of transition
Ensure all IT activities are completed during
transition; document all IT processes, tasks, and
activities for transition to DoEE
Work with CC Inc. PMs; ensure all transition
deliverables are received and understood; identify
any gaps in transition activities
Responsible for overseeing all contract actions and
deliverables; responsible for ensuring accountability
on all funding and budget items pertaining to the
Ensure continuity of all IT activities throughout
transition; ensure receipt of adequate IT
documentation of all processes, tasks, and activities
Ensure all training documentation received
addresses all planned training items; ensure
standardization of all transitioned documentation
Work with CC Inc. PMs; ensure all transition
deliverables are received and understood; identify
Ensure all training documentation is complete; ensure
completion of user and technical manuals; ensure all
documentation is in accordance with DoEE standards;
ensure proprietary materials are not part of transition
any gaps in transition activities
All Creative Computing Inc personnel will remain on-site to perform their transition activities
until such time that the transition is completed and approved by all parties. DoEE will ensure its
required personnel are on site 60 days prior to transition completion. This will allow adequate
time to perform all transition activities.
Work Executing During Transition
Throughout the transition of this contract, work will continue to be performed by Creative
Computing, Inc. in accordance with the approved project schedule and work breakdown structure
(WBS) in place. The transition management team will ensure that DoEE personnel work
alongside their Creative Computing, Inc. counterparts; however, DoEE will maintain all
responsibility for tasks and deliverables. At the end of the 60 day transition period, and upon
transition approval, DoEE will assume full responsibility for all tasks and deliverables.
The following chart illustrates the subcontracts in place which are in support of DoEE’s IRIS
activitiy. These subcontracts apply to third party tasks to ensure all required cabling and facilities
functionality is in place to support the PayBase project.
CableQues Perform cabling work within datacenter to support
PayBase database functionality
Build out existing data center facility to house
additional servers to ensure PayBase database
Government Furnished Equipment (GFE)
As part of this transition, all GFE provided to Creative Computing Inc. under the IRIS contract
will be turned in to the government upon completion and approval of the transition phase. GFE
includes laptops, computers, all PEDs, flash and external hard drives, and employee ID badges.
All electronic devices will be re-imaged by government IT personnel and re-issued to
appropriate DoEE personnel.
Per the IRIS contract, all intellectual property which is a direct result of work on the contract
deliverables will be transitioned to DoEE in order to ensure the successful completion of the
project. The contract pricing takes intellectual property into consideration and as such, any
resulting intellectual property will be owned by DoEE.
User Accounts and Passwords
As part of the contract transition, various user account accesses and authorizations must be
created and disabled. Currently Creative Computing, Inc. personnel listed in the chart below
possess the user accounts and access necessary for contract deliverables. The listed DoEE
personnel will be granted access on the first day of the contract transition phase. Once transition
is complete and approved, all Creative Computing Inc. personnel’s user accounts will be
Creative Computing Inc.
SAP Master User
IT Transition Lead and
IT Transition Lead and
IT Transition Lead
IT Transition Lead
Transition PM and IT
Transition PM and IT
For this transition, knowledge transfer will occur over the entirety of the 60 day transition period.
The knowledge transfer will take place via various methods. The incumbent PM will coordinate
two formal classroom tranining sessions to be conducted by incumbent IT Transition Lead.
These sessions will focus on the specific IT concerns related to the database activities. The
incumbent PM will coordinate two formal classroom sessions to be conducted by the incumbent
Configuration Manager. Theses sessions will cover documentation requirements and
organizational processes and assets. These sessions will be completed no later than 15 days prior
to the end of the 60 day transition period. Additionally, all DoEE HRM and HRIS personnel will
work alongside their Creative Computing, Inc. counterparts throughout the 60 day period in
order to gain familiarity with the database, tools, processes, and organizational assets. The PMs
from Creative Computing Inc. and DoEE will meet no later than 10 days prior to transition
completion in order to determine if any further training or knowledge transfer is required.
Handover and Acceptance
DoEE will make the determination of when transition is completed and will provide formal
acceptance indicating such. To do this, DoEE’s transition PM will utlilize the established
transition checklist in order to determine that all activities associated with the transition have
been completed. The DoEE’s transition PM will also meet with the transition PMs from Creative
Computing, Inc. to ensure that all concerns and issues have been met and addressed
appropriately. Once the DoEE’s transition PM has formally accepted the transition, the checklist
and supporting documentation will be signed and accepted by the DoEE’s project sponsor and
human resources director. The last step is the formal acceptance and signature of the DoEE’s
contracting officer representative. It is only after all of these approvals and signatures are in
place that the transition will be considered complete.
PROJECT AND DEVELOPMENT SCHEDULE
L.5.1.3 (TAB C) HOSTING (OPTIONAL)
Creative Computing Inc. will utilize the Defense Information Systems Agency’s solution for hosting.
PROPOSED HOSTING SOLUTIONS
HOSTING CONFIGURATION APPROVAL
ESTIMATED HOSTING COST
L.5.1.4 (TAB D) SMALL BUSINESS SUBCONTRACTING
Small Business Participation Plan
Creative Computing’s inception and development is the direct result of the Federal government’s
investment in requiring the use of small businesses. Our company recognizes the tremendous
opportunity the Federal government extends to small businesses and we are glad to present this
small business plan as a key component of our proposal submission.
Small Business Plan Requirements
Creative Computing, in accordance with solicitation DOEE-2013-R-0001 will outsources no less
than 22% of the contract value from the overall contract award value. Creative Computing will
only award outsourced/subcontracted projects to small businesses currently registered with the
Defense Central Contractor Registration (CCR). Creative Computing will review no less than
two proposals from qualified vendors for each project or task to be outsourced with the goal of
awarding no less than 4 to 5 percent of the overall contract value to the following small business
Small Disadvantaged Businesses
Veteran-Owned Small Businesses
Service Disabled Veteran-Owned Small Businesses
HUBZOne Small Businesses
Proposed Small Business Plan
The following small businesses have all proven through other partnership opportunities with
Creative Computing that they bring critical technical and professional capabilities to ensure
success of the IRIS implementation project:
Categories: Minority Owned Business, Native American Owned
STSC SCIENTIFIC & TECHNOLIOGICAL SOLUTIONS COMPANY, INC
Categories: Minority Owned Business, Service Disabled Veteran Owned Business, AsianPacific American Owned, Veteran Owned Business.
TELESOLV CONSULTING LLC
Categories: Minority Owned Business Veteran Owned Business, Black American Owned,
SBA Certified Hub Zone Firm, Self-Certified Small Disadvantaged Business
M & M TECHNICAL SERVICES
Categories: Woman Owned Business, Woman Owned Small Business, Black American
Owned, SBA Certified Hub Zone Firm, Self-Certified Small Disadvantaged Business ,
Economically Disadvantaged Women Small Owned Business.
Total Percentage/Dollars planned for Large Business
Total Percentage/Dollars planned for Small Business
L.5.3 (TAB A) FINAL SOLICITATION, OFFER AND AWARD
Creative Computing Inc. (CCI) is pleased to present this Final Solicitation, Offer and Award
proposal to develop and implement a Human Resource Management solution entitled IRIS
increment 1.0. This proposal is being submitted in response to DoEE Solicitation 2013-R-0001.
Creative Computing based all cost proposal estimates based on the Period of Performance (PoP)
outlined in the DoEE solicitation for this effort Base Period 5 December 2013 thru 28 February
2014 and Option (1) 1 March 2014 thru 30 April 2015.
This proposal will be valid for 30 days from the date of this proposal. A summary of proposed
cost are listed below. A detail breakdown of costs to include staffing and bill of material are
provided in Attachment A of this proposal.
Total Price Summary (Attachment A)
Attachment A presents all the rolled-up costs for this proposal. This excel spreadsheet shows the
staffing, bill of material, and travel cost to develop and implement the Human Resource
Management solution entitled IRIS increment 1.0.
Type of Cost
Indirect Cost (G & A)
Proposal Preparation Cost
Creative Computing uses a flat G & A rate of 20% as part of a three-tier method for the
calculation and application of indirect costs. The flat rate is a result of a three tire indirect rate
cost which include Company site fringe rate, company site overhead rate and other G & A
expenses. The indirect calculation rates will be submitted to DCMA if awarded offer for this
proposal is accepted.
In accordance with requests made by the NGA IT/IS Program Team NJVC classifies this
proposal to be of “Medium” size and proposal costs are estimated at $10,000.
APPENDIX A: RESUMES
ALBERT H. KAUFMAN
Seeking a full-time position in Portland, Oregon (or virtual position) in software testing and/or
social networking/marketing. 15 years of QA experience, especially strong on web-based
TECHNICAL SKILLS INCLUDE
Windows, MAC and Linux operating systems
Software: MS Office Suite, MS VSS, WordPress, Firefox
Databases: Have used and been admin for various bug-tracking databases – currently
Testing Tools: HP Test Director, Gomez, Stormcloud
E-marketing, viral-marketing, website optimization, writing and research
For an example of a social networking plan I’m implementing, please visit
Altres – Portland, Oregon, Quality Assurance Lead Tester 5/11-Present
Testing HR and other systems for a Hawaiin-based company. Working closely with a small
group of developers on system upgrades and new features. Performing a variety of types of
Tools: MS Office Suite, mostly Excel; all current browsers; Environment: Waterfall
development setting with multiple development projects coming down the pipeline at any one
ISITE Design – Portland, Oregon, Quality Assurance 9/10-3/11 Used the latest development
tools such as Sitecore, Ektron, Drupal & WordPress CMS’s, Jira bug-tracking software, and the
Microsoft Office Suite to plan, test and track large-scale web projects including screen
validation, functionality, user-experience and cross-browser testing.
Albertideation – Portland, Oregon, Owner 10/08-present. Support clients to further their
business goals through social networking sites such as Facebook, Twitter, Linked-in, Biznik, etc.
Help clients with website optimization, design and promotion. Please see:
http://albertideation.com/clients/ for current client list.
Skills for Success – Portland, Oregon, Marketing Director 11/07-11/08. Promoted staff
presenters locally and regionally using social-networking (Web 2.0) and marketing techniques.
Bonneville Power Administration – Portland, Oregon, QA Engineer 4/06-10/07. Software
requirements review and analysis. Tested web-based billing system as part of a multi-million
dollar development effort. Tested two bill-archiving systems. Led team effort through software
upgrades and a server and data migration including work with SQL Server. Directed and
managed product end-users and coordinated with development and project management. Wrote
test plans, test scripts and delivered documentation. Utilized HP Testing Tool Suites such as: HP
Quality Center (QC).
EFI – Vancouver, WA, QA Engineer 4/05-10/05. Tested high-end Xerox printer/copier/scanner
and Splash server in a team environment. Focused on printer driver, install, and configuration.
Used Siebel’s defect tracking software and performed regression in a cross-platform
Vanteon/HP – Vancouver, WA, Software Team Lead 11/04-4/05. Tested HP printers on Mac
platform. Installed and tested firmware, and performed localization and configuration testing.
Tracked and regressed defects.
Oswego Group – Beaverton, OR, Software Tester 5/04-10/04. Tested Nike’s Custom Catalog
Creation Software using black-box testing.
King County, Housing and Community Development. Seattle, WA, Contract Administrator
4/01-5/02. Administered the Federal county-wide housing programs. Reviewed and
administered multi-million dollar housing contracts including site visits.
Consultant, Seattle, WA, 5/00-3/01. Supported multiple software-related projects as well as
neighborhood planning implementation, website creation and maintenance.
Acadio Corporation, Seattle, WA, Software Test Lead 9/99-2/00. Tested e-commerce site
acadio.com. Hired and managed test team, participated in management meetings, estimated
project testing requirements and equipment needs. Administered defect tracking tool. Utilized
tools that were the precursors to Quick Test Pro, WinRunner, and Load Runner.
Emercis Inc., Seattle, WA, Test Engineer 2/99-8/99. Tested Catalog Server application, which
enabled creation of mid-sized company stores on the web. Sites based on SQL Server 7.0, IIS,
Java, VB, NT and MS Site Server. Testing involved load-testing, functionality, UI, various
software update scenarios and base file changes.
Microsoft Consulting Services/Applied Technology Division, Bellevue, WA, Lead Tester
7/98-12/98. Tested Boeing/Microsoft database application involving HPCs and PCs running
W95, NT and CE 2.1, SQL Server 6.5, IIS 4.0, and Access as well as other technologies. Trained
Boeing employees on application.
bSquare, Bellevue, WA, Quality Assurance Engineer 1/98-4/98. Tested localized fax software
for HPCs on Windows CE 1.0 and 2.0. Developed functionality and localization test scripts for
two products: bFAX Express and bFAX Pro.
Sprynet/Compuserve, Bellevue, WA, Quality Assurance Engineer 5/97 to 10/97. Created test
plan and thoroughly tested Sprynet account creation products on Windows and Mac platforms.
Also tested Javachat tech support application, MS Exchange Server Administration tool, IE4 and
a dual Sprynet/CompuServe account creation vehicle.
Device Guys, Inc., Bellevue, WA, Quality Assurance Engineer 3/97 to 5/97. Tested Sharp MFP
(multi-functional peripheral). Trained team in setup of hardware and software for testing
purposes. Focused on printer driver, installation, scanning, copying and networking issues.
Microsoft, Redmond, WA, Quality Assurance Engineer 10/96-3/97. Tested localization and
functionality in German and Japanese on IEAK 3.2 (Internet Explorer Administration Kit).
Localization team member for MS Commerce Server as well as Active Payment and Address
Control for Netscape and Internet Explorer. Used manual and automated tests to check product
Keane, Inc., Seattle, WA, Windows 95 Technical Support Specialist 9/95-6/96. Provided
technical support on all aspects of Windows 95. Supported NOW Software products Contact and
Ruschke & Partners, Munich, Germany, Executive Secretary/Trainer 1991-1994. Managed
office, maintained database, translated and wrote correspondence for two German patent
attorneys. Created Mac network and trained office on development and use of system.
Master of Arts, Political Science, Rutgers University, 1992
Bachelor of Arts, Political Science, minor: Economics, New York University, 1984
Lisa Phillips Resume
Technical Operations Leader, Senior MySQL DBA
Extensive experience in implementation and management of internet services to ensure
highest levels of system availability and performance globally
Demonstrated ability to adapt to changing technologies and methodologies
Excellent interpersonal skills, confident and poised in interactions with individuals at all
Dedicated individual with reputation for consistently going beyond what is required
02/2010 – Present
Twitter, Inc – San Francisco, CA and Seattle, WA
Senior MySQL DBA
Manage thousands of MySQL database servers in rapidly growing environment
Regular resume review and phone screening for senior candidates
Develop and train new members of DBA team to ensure team’s best practices
Implement MySQL HA solutions, including utilization of hardware load balancing and
Create first backup system with off-site backups, documentation and monitoring
Work with peers and executive team to develop company core values in use by Twitter
04/2009 – 02/2010
Big Fish Games – Seattle, WA
Director of IT
Technical operations team responsible for availability of Big Fish Games sites, providing
over one million game downloads a day
Corporate IT team and infrastructure in support of 400 employees and offices across 3
Develop and support budget for multiple data centers, CDN, network infrastructure, and
corporate software licenses
Successfully plan and finish Fisher Plaza data center migration, executed under duress of
fire and flooding
01/2005 – 04/2009
Six Apart Ltd – San Francisco, CA
Director of Operations Engineering/Director of Hosted Services/MySQL DBA
Manage and lead Senior Operations team responsible for performance and availability of
major blogging and social network sites totaling 14 million users
Collaborate with the Financial Planning, Product Marketing, Engineering and Business
Development teams to ensure the development and delivery of superior products, service
Develop and track Service Level Agreements both from 3rd party vendors and hosting
Deliver weekly operations updates to the rest of the organization, including executive and
Work with enterprise clients like Talking Points Memo on hosted blog solutions for high
Successfully plan and execute migration of a 120-server data center from Seattle to San
Francisco with minimal downtime
Consult with Tokyo-based corporate partner NIFTY Corporation on MySQL software
and architecture upgrades
02/2003 – 01/2005
Danga/Livejournal.com – Seattle, WA
Senior Systems Administrator
Primarily responsible for Linux systems maintenance, upgrades, security, hardware
installation and configuration in a clustered MySQL, Apache and Apache-SSL
Manage vendors in network bandwidth, hardware, software and support
Maintain, configure and update F5 load balancing equipment to meet constant growth
Responsible for all physical equipment in co-location facility including racking, cabling,
labeling, documentation and monitoring
Speakeasy, Inc – Seattle, WA
Lead Systems Administrator
Deliver weekly up time and outage reports
Design and implement new web and mail hosting architecture
Troubleshoot and upgrade systems and software for web hosted services
Escalation point for NOC team
Commercial Webhosting Lead
Customer Service, Sales, Administration, and Support of commercial web hosting
Training, documentation, and policy recommendations to the company
Escalation point for technical domain hosting concerns
09/1997 – 02/1999
Starnet - Tucson, AZ
Technical Account Manager
Consistently meet and exceed sales goals via phone, email
Investigate and facilitate customer web solutions
Contribute toward marketing strategies for Internet products
MySQL, Apache, Ganglia, Mod_Perl, Memcached, Mogilefs, Perlbal, CFEngine, Puppet,
Heartbeat, Sendmail, Postgresql, SVN, CVS, Majordomo, Nagios, Cricket, Apache-SSL, F5
Bigip, NetAPP, ISCSI, TCP/IP, FTP, NFS, SMTP, POP, IMAP, SSH
Active Security Clearance
Expires: August 2017
Jeremiah Stevens always seeks to provide a broad spectrum of senior-level technical, managerial and
security expertise to organizations in order to establish synergetic enterprise visions, homegrown
innovations and customer loyalty.
Jeremiah is a certified career security professional with a proven record for stepping up to new
challenges and getting the job done. With over 10 years of hands-on technical and security experience,
he has always ensured projects of high complexity and visibility achieve their objectives and forecasts.
His calling is to ensure all milestones are accomplished under budget throughout a project’s System
Development Life Cycle (SDLC) while still meeting and exceeding the stakeholder’s expectations.
Furthermore, his record of accomplishment has improved security operations at various Commands
within the Department of Defense (DoD), the Maryland State Department and other Federal-based
Extensive background in developing, implementing and managing strategic, technical and operational
security plans that are aligned with business goals and objectives, diverse security architectures (e.g.,
people, processes, technology), systematic and structured risk management strategies, as well as
properly aligning security programs that meet not only the demands of an entire organization, but are
perfectly postured to withstand even the most rigorous of rule, regulation or guideline inspections (i.e.,
ISO, Command Post Inspection (CPI), Enhanced Compliance Validation (ECV), Inspector General, etc.).
Information Assurance (IA) DoD expertise, with emphasis on Federal Information Security Management
Act (FISMA) processes to include, but not limited to: DoD Information Technology Security Certification
and Accreditation Process (DITSCAP – 8500 series) DoD Information Assurance Certification and
Accreditation Process (DIACAP – 8510.01) and National Institute for Standards and Technology (NIST)
800-series special publications.
Proven ability to remain flexible, but task oriented in order to overcome scope creep challenges
commonly associated with project development.
Successfully lead and obtained Certification and Accreditation (C&A) system and application Authorities
to Operate (ATO), through both DITSCAP and DIACAP, on legacy, Research Development Test and
Evaluation (RDT&E) and Navy/Marine Corps Intranet (NMCI) networks.
Hands-on security experience with the following FISMA C&A processes: System Security Authorization
Agreement (SSAA) development, Concept of Operations (CONOPS) development, System Rules of
Behavior development, Security Test and Evaluation (ST&E) from both a documentation (i.e., Security
Requirements Traceability Matrix (SRTM) and overall risk assessment plan construction) and a technical
(vulnerability scanning and analysis) standpoint, Incident Response planning, SDLC planning, DIACAP
transition planning, Contingency, Disaster Recovery, and Continuity of Operations (CP/DRP/COOP)
planning, Project of Action and Milestones (POA&M) development and execution as well as conducting
Privacy Impact Assessments.
Familiar with the following security-centric products: McAfee and Norton Anti-virus/Ad-aware, Retina,
Nessus, Snort, Host-Based Security System (HBSS), Defense Information Systems Agency (DISA) Field
Security Operations (FSO) Gold Disk and Security Readiness Scripts (SRRs).
Experienced in implementing, monitoring and troubleshooting the following operating systems and
Microsoft XP Workstation, Microsoft NT Workstation / Server, Windows 95/98, Windows 2000
Server, UNIX (Hewlett-Packard, Red Hat and SuSE Linux), CISCO firewalls, switches, and routers.
Comfortable giving impromptu and planned oral presentations to small, medium and large sized
EDUCATION / CERTIFICATIONS
Bachelor of Information Technology in Computer Forensics August 2010
American InterContinental University Hoffman Estates, IL
GPA: 4.0 with Summa Cum Laude honors
Associate of Science Computer Science May 2000
Vincennes University Jasper Jasper, IN
Certified Symantec Endpoint Protection 12.1 Administrator October 2012
Prometric Test Center
UNIX SRR Certified July 2012
Web Platform SRR Certified May 2012
Application Security and Development SRR Certified April 2012
Symantec Sales Expert+ (Symantec Endpoint Protection) April 2012
Certified Information Systems Manager (CISM) February 2012
Certification Code: 1218780
Certified in Risk and Information Systems Control (CRISC) July 2011
Certification Code: 1111258
Capturing Federal Business June 2011
L-3 Communications – Shipley Associates Reston, VA
CNSS: 4012 – National Standards for Senior System Administrators & April 2011
CNSS: 4015 – National Standards for System Certifiers Norfolk, VA
IA2 – SPA
Department of Navy Validator March 2011
Navy Certification Authority
Marine Corps Enterprise Network (MCEN) Validator July 2010
Designated Accrediting Authority, Headquarters Marine Corps, Command, Control
Communications and Computers (C4)
Linux+ CompTIA Certified October 2010
Certification Code: LHYCXWLDLG11134T Greenbelt, MD
Prometric Test Center
Certified FISMA Compliance Practitioner (CFCP) February 2010
Certification Code: 112998 Columbia, MD
Certified Information Systems Security Professional (CISSP) Training December 2007
Anne Arundel Community College Arnold, MD
Security+ CompTIA Certified September 2007
Certification Code: QNYJKVXBDCFE1YF4 Greenbelt, MD
Prometric Test Center
Security+ Accreditation Course: Network Security Fundamentals May 2007
Anne Arundel Community College Arnold, MD
Help Desk Training Course: “Pleasing Your Hard-To-Please Customers” June 2002
Naval Surface Warfare Center Crane, IN
NMCI Customer Service Representative Training (Field Technician) June 2002
Naval Surface Warfare Center Crane, IN
Interconnecting Cisco Network Devices July 2001
New Horizons Louisville, KY
Impromptu 6.0 Report Building and Administration May 2001
COGNOS Training Facility Mason, OH
A+ CompTIA Certified February 2001
Certification Code: 4Q96H9ZDJPRQ196E Evansville, IN
Automated Office Solutions
HP-UX Systems and Networking Administration June 1999
Hewlett Packard Training Facility Atlanta, GA
Fundamentals of UNIX May 1998
Hewlett Packard Washington, DC
Senior Information Assurance Engineer November 28, 2012 - Present
DISA/Superlative Technologies (SuprTEK) Ft. Meade, Maryland
Apply enterprise level IA best practices and regulations to a wide variety of Defense Information
Systems Agency (DISA) projects. Examples: McAfee Host Based Security System (HBSS), Tenable
Assurance Compliance Assessment Solution (ACAS), DoD enterprise wide Microsoft Windows Server
Update Services (WSUS), and eEye Retina/Retina Enterprise Manager (REM).
Provide over a decade of hands-on senior-level subject matter auditing expertise on Operating System,
Application, Network, Database, Security Technical Implementation Guide (STIG) requirements.
Manually apply STIG settings to each product or underlying OS and test these settings to ensure the
project functions as expected in a DISA-approved environment.
Maintain several Vulnerability Management Systems (VMS) assets for DIACAP purposes.
Function as the “go-to” person for guidance on the Application Security and Development STIG.
Cross trained several members of the team on the Security Content Automation Protocol (SCAP)
Compliance Checker (SCC) tool.
Administer Oracle/Sun Solaris and Red Hat Linux systems within the virtual and physical lab
Competed and won the right to become a part of the Symantec End Point Certification program within
Received by-name accolades from our DISA government customer on an enterprise level application
that flawlessly passed a critical DISA Field Security Officer (FSO) inspection.
Technical Program Manager/Information Assurance Officer May 06, 2006 – November 25, 2012
L-3 Communications and Engility Corporation Maryland
Participated in the opportunity assessment and marketing positioning (capture), win strategy
development, programming concept refinement, bid development (to include blue, pink, red and gold
team reviews), postsubmittal and post-award proposal processes for multi-million dollar contracts.
Maintained and managed the National Institute for Literacy/Literacy Information and Communication
System project from both a Project Manager (PM) and Information Assurance Officer (IAO) perspective.
Prepared annual operating plans and forecasts as well as provided invoice reconciliation and approvals
for a Firm Fixed Price (FFP) contract.
Successfully obtained six three-year ATOs for the Department of Navy (DON).
Participated on an Information Assurance team that not only achieved stellar remarks from the Navy
CIO, but also “set the bar” for all other Navy Command Cyber Readiness Inspections (CCRI) from both a
technical and documentation standpoint.
Function as a liaison for the program managers, system administrators, user representatives and
developers to complete an entire C&A package in a timely, professional and organized manner. This
includes, but is not limited to: Gathering and organizing technical information about an organization’s
mission goals and needs, existing security products, and on-going programs in the security arena.
Defining and analyzing security requirements. Designing, developing, engineering and implementing
security solutions to achieve business objectives. Performing risk analyses to include, identifying and
periodically evaluating information security controls and countermeasures to mitigate risk to acceptable
levels as well as reporting significant changes in information risk to appropriate levels of management for
acceptance on both a periodic and event-driven basis.
Responsible for evaluating ST&E plans, traceability matrices, and residual risk assessments that were
constructed based on the instructions presented in FISMA, DoDI 8500.2 (DITSCAP), DoDI 8510.01
(DIACAP) and NIST 800-series publications. These duties include, but are not limited to assisting clients
with system security hardening and baseline development, analysis, and auditing as well as analyzing
detailed system design documents, network topologies, operational procedures, and other security centric
documentation in order to obtain and maintain an ATO in their industry.
Develop Standard Operating Procedures (SOP) and related documentation for clients. Examples:
Business Impact Assessments (BIA), Computer Incident Response Team (CIRT), Contingency Planning
and Information Operations Condition (INFOCON) SOPs.
Validate applications through the DON Application and Database Management System (DADMS)
Prepare and deliver oral IA-focused presentations to technical and non-technical groups.
Assist in writing proposals and Requests for Information (RFI) for a wide variety of security-centric
Completed an extensive FISMA security assessment for the State of Maryland.
Appointed by the Marine Corps Designated Approving Authority (DAA) as a Marine Corps Enterprise
Network (MCEN) Validator.
Appointed by the Navy Operational Designated Approving Authority (ODAA) as a Navy Validator.
Received by-name accolades from our government customer (i.e., Navy Information Assurance
Manager) and various government Project Managers (PM) throughout my tenure.
System Security Accreditation Lead Apr 2003 – Nov 2005
Tri Star Engineering and SAIC Crane, IN
Developed SSAAs for all of Naval Surface Warfare Centers’ RDT&E applications and servers. This
included, but was not limited to the construction of Security CONOPS, Certification Test Procedures,
Incident Report Planning and Procedures, Maintenance Planning and Procedures, Risk Assessments,
Data Flows, Security Procedures, Contingency Plans, Configuration Management Plans, Security
Requirements Traceability Matrices and Security Test and Evaluation Plans.
Ensured Command wide understanding of the high-level aspects of the DITSCAP (8510.1-M) through
oral presentations and on-site visits.
Conducted C&A briefings and presentations at beginner, intermediate, and advanced levels of
Mentored a team in order to ensure C&A packages were completed in a prioritized manner.
Performed extensive vulnerability scans and penetration tests against every system to ensure FISMA
and DITSCAP compliancy.
Worked with systems administrators to ensure new hardware that was placed on the RDT&E network
was thoroughly scanned for vulnerabilities.
Implemented new intrusion detection systems and rules in order to mitigate future risks to the RDT&E
Investigated, quarantined and resolved intrusions detected on the RDT&E network.
Asset Management Lead / Tier III Technician Feb 2002 – April 2003
Tri Star Engineering Crane, IN
Analyzed and tracked NMCI assets for billing / inventory purposes.
Documented, researched and tested operating system images that were deployed to over 3000
personal computers. This involved extensive testing of applications on multiple platforms.
Prepared new user accounts, machine associations and e-mail addresses in Active Directory /
Analyzed, solved and thoroughly documented complicated network and application errors between two
separate networks. (NMCI and RDT&E networks)
Provided Tier III Help Desk and Technical Support for a dynamic network with multiple platforms.
Functioned as a liaison between end users, Tier I, Tier II and Tier III support.
Worked in Tivoli (remote desktop) and Remedy (enterprise logistics management) on a daily basis.
Organized and lead weekly team meetings while we transitioned managers.
Point of Sales Technician August 2001
KFORCE.com Indianapolis, IN
Implemented a Point of Sale system (Windows 2000) for Advanced Auto Parts.
Coordinated work instructions effectively with everyone on the project.
Systems Analyst July 2000 – July 2001
JOFCO International Jasper, IN
Contributed to all aspects of decision, budget and project making within the IT department.
Managed a four month, company wide, Internet Protocol renumbering project in order for the company
to successfully connect to the Internet.
Functioned as a liaison to establish several successful relationships with third party vendors in order to
help the company implement major technical projects.
Reviewed multiple computer systems capabilities, workflow and scheduling limitations in order to
Wrote detailed descriptions of user needs, program functions and steps required to develop a computer
program or project.
Maintained security and the overall data integrity within the company’s computer systems.
Setup Cisco routers, switches and firewalls.
Oversaw the implementation of the following products for the entire company: Microsoft NT Workstation
and Server, Track-IT!, Microsoft Office, Norton Antivirus, Mdaemon, Arcserve and Diskshare.
Night shift Computer Operator Nov 1998 – July 2000
Kimball International Jasper, IN
Provided tier one help desk support for a global network. This included, but was not limited to: Assisting
users with their password resets, troubleshooting problems on various applications and operating
systems, escalating calls when necessary to the tier two support members, and documenting every call in
Tivoli for reference purposes.
Executed reports on a nightly basis and distributed them to the various departments.
Monitored, executed and scripted batch jobs on MVS, Windows NT and UNIX based operating
Maintained, installed and tested different applications on Windows 95/98, UNIX, and Windows NT
based operating systems.
Wrote technical instructions and documents using Microsoft Word
CERTIFIED PROJECT MANAGER
120 Virginia Avenue ♦ San Francisco, CA 94110
(650) 799-0456 ♦ tom_baker@ tommywillb.com ♦ resume.tommywillb.com
ROLES & RESPONSIBILITIES
Team & Technical Project Management
Led small and large teams receiving exceptional employee and customer feedback
Certified Project Manager for Web site design, search, content management, and server upgrade projects
Led concurrent projects and project teams and delivered results on time
Web Application Development
10 years of experience building content-rich web sites; usability and information architecture
Technical Design and development of dynamic Web applications; HR job postings and resume collection
Implemented and developed with Interwoven TeamSite and other Content Management Systems
Infrastructure System Support
Supported multi-server clustered Web environments hosted in multiple firewall protected data centers
Responsible for hardware upgrades, scale planning, Apache configuration, and production support
SKILLS & TECHNOLOGIES
Microsoft Project Server/Visio/Office/SharePoint/InfoPath, Documentum eRoom, Serena TeamTrack,
Intuit QuickBase, Remedy, Brio, Six Sigma/PMI-PMBOK/RUP Process Methodologies
Web Application Development
Interwoven TeamSite/LiveSite/OpenDeploy CMS, Apache, IIS, SunOne, SQL Server, Oracle database,
TextPad, BBedit, Dreamweaver, Contribute, Eclipse, Visual Source Safe, CVS, RCS
LDAP(S), XML over HTTP(S), SSL, SSH tunnels, multi-network firewalls, and MIME email
Web Systems and Infrastructure
Apache configuration including VirtualHosts, HTTPS, and redirection
Load balancing, log analysis, system uptime and page response time monitoring, and tool development
THOUGHTMATRIX: December 2007 – Present
Palm Inc. –Project Manager/Technical Lead (www.palm.com & euro.palm.com)
Managing extension of USA TeamSite implementation out to European operations
SAPPHIRE TECHNOLOGIES: June 2006 – November 2007
Charles Schwab & Company – Contract Technical Project Manager (Schweb.schwab.com Intranet)
Project Managed $500k Schweb Infrastructure Upgrade project using STech PMO RUP methodologies
Guided HR & Schwab Bank business-driven projects through CTO, STech, and TIS GLOW processes
Infrastructure Rationalization Solaris to Linux/Windows system simplification and support cost savings
Improved offshore request processes for improved productivity and business requestor satisfaction
Schweb Infrastructure Upgrade RUP Inception and Elaboration project phases
Implemented LiveSite business content contributor self-service tool for HR Deferred Compensation
Extended LiveSite for use on Schwab Bank and the Schweb Stock Equity Unit Fund sites
Upgraded Schweb WebTrends analytics tool to meet CTO technology standards and simplify support
Migrating of Schweb Solaris SunOne and TeamSite applications to Apache and Red Hat Linux
Initiated Schweb FastSearch upgrade; created initial project plan used by new project manager
Updated Schweb infrastructure documentation in MySupport, DCO Portal, and Wipro SMTD's
ROBERT HALF TECHNOLOGY: August 2005 - December 2005
Carat Advertising – Contract Project Manager and Web Developer (Carat.com)
Project Managed and developed content management for winstarcasinos.com & xmodsrc.com
Gumas Advertising – Contract Web Developer (Gumas.com)
Web development for various client web sites and advertising campaigns
INTUIT INC.: 1995-2005
November 2003 - June 2005 – Technical Project Manager (Intuit.com and TeamSite functionality)
Project Managed enterprise system hardware and software upgrades
Concurrently managed multiple project teams of 4-8 direct contributors with budgets up to $500k
Web site redesigns for www.intuit.com and www.turbotax.com
Annual scaling of www.turbotax.com for Tax season traffic
TeamSite/OpenDeploy upgraded from 5.0 to 5.5 & integrated with Siebel
August 2000- June 2005 – Web Development Manager (Intuit.com, Intranet and TeamSite)
Managed large team of 22 people; Including Project Managers, Developers/Engineers, and QA
Controlled a $1.3 Million budget for staff and hardware; Saved $100k with optimized hardware
Led Reorganization to split Project Management, Development, and QA
Led Engineering process improvement efforts and contributed to Six Sigma
Implemented "Rapid Development" and "Custom Development" processes
Intuit.com, turbotax.com and Intranet site redesigns and Fulcrum search
Internet and Intranet Web servers migrated from Netscape to Apache
Implemented TeamSite as enterprise system; Shared by 150+ Intuit Internet/Intranet Web sites
Upgraded TeamSite from 4.5 to 5.0; "Self-Service" content updates
Internet and Intranet Business Continuity Plans (disaster recovery)
October 1995 - August 2000 – Individual Contributor Roles
Web Production Lead: Prioritized and assigned development assignments
Web Production Specialist: Development of HTML, ColdFusion, Perl applications using TeamSite
Contract Web Production Specialist: Developer for Intuit.com, QFN.com, and Turbotax.com sites
Led Y2K Remediation; Web servers migrated to Sun hardware
Implemented Job Search and other Web Applications; InQuery Search
Provided requirements for in-house CMS and selected Interwoven TeamSite as replacement
Initial launch of intuit.com and qfn.com (Quicken portal) Web sites
Educated senior management on privacy implications of "Web beacons"
RED SKY INTERACTIVE – Contract Interactive Developer: April 1995 - October 1995
Multimedia Authoring with Macromedia Director and Shockwave
Web Site Development
TLA PRODUCTIONS – Audio Recording Studio Client Services: 1993-1994
RUSSIAN HILL RECORDING – Audio Recording Studio Assistant: 1992-1993
Certified Project Manager: PMI/PMBOK PMI preparation studies - UC Berkeley Extension
Web and Programming Courses - University of California Extension
Bachelor of Arts Communications - San Francisco State University
Campbell, G. (2011). The Complete Idiot’s Guide to Project Management. New York, NY: Penguin
Cooke, H. (2011). The McGraw-Hill 36-Hour Course Project Management (2 nd ed.). New York, NY:
The McGrawhill Companies, Inc.
DoD Instruction 8500.2 –Information Assurance (IA) Implementation. (2012). DOD Issuances. Retrieved
DoD Instruction 8510.01 –DoD Information Assurance Certification and Accreditation Process
(DIACAP). (2012). DOD Issuances. Retrieved from www.dtic.mil/whs/directives/
Kemp, S. (2004). Project Management Demystified: A SELF TEACHING GUIDE. New York, NY: The
McGraw Hill Companies, Inc.
Lewis, J. (2007). Fundamentals of Project Management. New York, NY: American Management
Minimum Security Requirements for Federal Information and Information Systems. (2006). FIPS PUB
200. Retrieved from http://csrc.nist.gov/publications/fips/fips200/FIPS-200-final-march.pdf
Piscopo, M. (2013). Transition Out Plan. Retrieved from http://www.projectmanagementdocs.com/
Russel, D. (2011). Succeeding in the Project Management Jungle. New York, NY: American