NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY USA Tender

This Is A Sources Sought Notice Strictly For Market Research Purposes. This Is Not A Formal Request For Proposal (rfp) And Does Not Commit The National Institute Of Standards And Technology (nist) To Award A Contract Now Or In The Future. the Purpose Of This Notice Is For Planning Purposes Only And To Obtain Information Regarding The Availability And Capability Of Qualified Small Business Sources (e.g., 8(a), Service-disabled Veteran-owned Small Business, Hubzone Small Business, Small Disadvantaged Business, And Women-owned Or Economically-disadvantaged Women-owned Small Businesses) Under Naics 513210 With A Size Standard Of $47.0m, That Have The Capability, Experience, And Expert Knowledge In The Area Of Providing A Software-as-a-service (saas) Browser-based Conference Registration System (prod. Svc. Code Da10) To Support Nist-hosted Conferences, Meetings, And Other Events. nist Is Seeking A Commercial-off-the-shelf (cots) Or Custom Developed Registration System Solution That Efficiently Manages Event Registration, Payments, Attendee Tracking, And Integration With Nist Systems While Meeting Federal Security Requirements. your Response To The Information Requested Will Assist The Government In Determining The Appropriate Acquisition Method. nist Does Not Intend To Award A Contract On The Basis Of This Notice, Or Otherwise Pay For Information Requested. No Entitlement Or Payment Of Direct Or Indirect Costs Or Charges By Nist Will Arise As A Result Of Submission Of Responses To This Notice And Nist’s Use Of Such Information. there Will Be No Question And Answer Period Associated With This Sources Sought Notice. the Cots Or Custom Conference Registration System Shall Include And/or Allow For: • Registration And Payment Processing: Online Registration System, Secure Payment Processing, Refunds, Discount Codes. The Ability To Configure Multiple Types Of Registration Fees, Including Early Bird, Standard, Student, Speaker, And Group Rates. To Include Multiple Registration Paths Based On Attendee Profiles, Including Speakers, General, Exhibitors, And Government. • Attendee Management: Customizable Registration Forms, Real-time Reporting, Badge Generation, Attendee Tracking, And Onsite Check-in Support. • Integration And Scalability: Ability To Integrate With Existing Nist It Infrastructure (e.g., Microsoft, Salesforce, Pay.gov, And Other Systems And Apps). Open Api For Third-party Integrations. • Communication An Engagement: Automated Confirmations, Reminder Emails, Post-event Surveys. • Administration And Role-based Access: Multi-tier Roles With Distinct Permission Levels, Including Super Admin, Event Manager, Support Staff, Read-only. Ability To Assign Different Administrative Privileges To Manage Event Setup, Approvals, Reporting, And Attendee Communications. Audit Logs For Tracking Administrative Communications. • Scalability And Event Management: Support Of Unlimited Events, Registrations, And Licenses Without Additional Cost Per Event. Capability To Handle Concurrent Events. to Accommodate The Processing Of Personally Identifiable Information (pii), The Contractor And The Conference Registration System Shall Comply With Federal It Security And Privacy Requirements, That Include: it Security i. The Contractor Must Have An Assessment And Authorization (a&a) Performed At The Moderate Level As It Relates To The Requirements Set Forth In The Federal Information Security Modernization Act (fisma), Resulting In A Federal Agency Authority To Operate (ato) [proof Of Evidence Must Be Shown Through An Ato Signed By The Issuing Federal Agency], And Must Be Able To Produce A Complete Assessment Package That Nist Can Review – The Contractor Must Confirm That The Issuing Federal Agency Has Given Permission To Allow Nist To Review The Assessment Package; or ii. The Contractor Must Have Obtained Fedramp Certification At The Moderate Level [proof Of Evidence Must Be Shown Through A Fedramp Ato Letter]; the Ato Letter(s) Must Clearly Show That The Contractor Has Been Authorized At The Moderate Level For A System That Provides Conference Registration Services. If The Contractor Is Using Subcontractors, Each Party That Will Store, Process, Transmit, Or Have Any Type Of Access To Pii Or Other Sensitive Information Shall Have The Stated Authorization At The Moderate Level. privacy the Contractor Must Have Obtained A Privacy Authorization From A Federal Agency Chief Privacy Officer Or Senior Agency Official For Privacy (saop) [proof Of Evidence Must Be Shown Through A Saop-approved Privacy Impact Assessment {pia} That Has Been Published On The Federal Agency’s Website] two-factor Authentication the Conference Registration System (or Application) Must Accept A Personal Identity Verification (piv) Card For User Authentication In Accordance With The Homeland Security Presidential Directive 12 (hspd-12): Policy For A Common Identification Standard For Federal Employees And Contractors. The Application Must Also Be Able To Implement Okta As The Multi-factor Authentication Solution For User Authentication. section 508 the Conference Registration System Shall Comply With Section 508 Of The Rehabilitation Act. pay.gov the Application Must Be Able To Integrate With Pay.gov To Accommodate Collections Of Ach And Plastic Card Payments Of Registration Fees. the Application Must Be Able To Process Pay.gov Refunds For Plastic Card Payments. the Application Must Provide Card Validation Requirements Iaw Pay.gov Guides And Technical References (https://qa.pay.gov/agencydocs/html/guides.html). the Conference Registration System Must Support A Testing And Production Environment That Includes: collection Services (to Include Refunds) Through Trusted Collection Services (tcs): The Tcs Certificate Must Be Controlled And Inventoried To Ensure That Access To The Certificate Is Restricted To Those Persons With A Need For Access, And Must Be Secured In A Fips 140-2 Compliant Certificate Container agency-specific Collections Data • Customizable Collections Fields • Capture Accounting Data To Be Passed For Interfacing Into The Nist Accounting System • Field Configuration in Addition To Pay.gov, Nist Will Also Accept Checks, Wires, And Inter-government Payments From Registrants. The Conference Registration System Must Allow For Administrators To Confirm Receipt Of Payment In The System From Sources Other Than Pay.gov. in Order For An Organization To Clearly Convey Their Capability To Fulfill The Above-identified Need, The Following Information Must Be Submitted: 1. Capabilities Statement Discussing Core Competencies. 2. Narrative Providing Evidence Of The Ability To Offer A Robust Saas Subscription-based Conference Registration System Containing The Content And Compliant With All System Specifications And It Requirements Described In This Notice. 3. A Url Granting Access To The Portal Of The On-line Saas Subscription-based Product 4. A Description Of The Organization’s Previous Experience Providing A Browser-based Conference Registration Platform Solution Capable Of Providing The Requirements Described In This Notice. 5. Indication Of Whether The Saas Subscription-based Conference Registration System Described In This Notice Is Currently Offered Via The Organization’s Gsa Multiple Award Schedule (mas) Contract, Governmentwide Acquisition Contract (gwac), Or Other Existing Governmentwide Contract Vehicle; And, If So The Contract Number(s) For This/those Vehicles. 6. Any Published Pricing. 7. Any Other Relevant Information That Is Not Listed Above Which The Government Should Consider In Finalizing Its Market Research. 8. Current Socioeconomic Status Of The Organization Including Applicable North American Industrial Classification System (naics) Code. 9. Indication Of Whether The Organization Has An Active Registration, Including On-line Representations And Certifications, At The System For Award Management (www.sam.gov) Website – To Be Considered For Award Under Any Official Solicitation, The Entity Must Be Registered And Active In Sam At The Time Of Solicitation Response. Contractors Must Have A Valid, Current Registration To Be Considered For Award Under Any Official Solicitation. 10. Fedramp Ato Letter 11. If Any Element(s) Of This Sources Sought Notice Is/are Considered A Deterrent To Competition, The Respondent Shall Include That Information With Its Response, Discussing How Their Solution Differs From The Stated Requirements Described In This Notice. no Telephone Requests Will Be Honored. All Information Provided Will Become Property Of Nist And Will Not Be Returned. this Sources Sought Notice Is For Informational And Planning Purposes And Is Not To Be Construed As A Commitment By The Government. This Is Not A Solicitation For Proposals And No Contract Will Be Awarded From This Announcement. no Reimbursement Will Be Made For Any Costs Associated With Providing Information In Response To This Announcement And Any Follow-up Information Requests. Respondents Will Not Be Notified Of The Results Of Their Capability Statement Assessment But May Be Contacted For Additional Information. the Government Reserves The Right To Use Information Provided By Respondents For Any Purpose Deemed Necessary And Legally Appropriate. Any Organization Responding To This Sources Sought Notice Should Ensure That Its Response Is Complete And Sufficiently Detailed To Allow The Government To Determine The Organization’s Qualifications To Perform The Work. Respondents Are Advised That The Government Is Under No Obligation To Acknowledge Receipt Of The Information Received Or Provide Feedback To Respondents With Respect To Any Information Submitted. any Proprietary, Classified, Or Sensitive Information Should Be Presented As An Addendum To The Non-restricted/non-proprietary Information. all Information Requested Above Must Be Submitted By E-mail To Randy.schroyer@nist.gov. Responses Must Be Submitted Not Later Than The Response Date For This Sources Sought Notice. Responses Shall Be Limited To 15 Pages, Including Attachments.