For any of you out there pursuing the new COMSATCOM SIN's (132-54 &132-55) under Schedule 70, you may have noticed a pretty lengthy requirement called the 'Information Assurance Compliance Checklist'. Its 49 pages to be exact. At first glance, the form can seem pretty daunting and difficult to fill out. I've recently spent quite a bit of time on the phone with GSA in an attempt to figure out EXACTLY what they're looking for and it's pretty clear that they're still working through the requirements of the form, trying to determine precisely how they want to see the information requested.
Pros: The newness of the form allows a little bit of wiggle room when determining how to fill it out and you currently have an opportunity to communicate feedback and improvements to GSA;
Cons: It's long, confusing, and the lack of clear direction can be frustrating for anyone, which is evident with that fact there are only 2 awarded contractors with these SINs. A source at GSA tells me that roughly 70% of modification requests have been rejected thus far.
In order to help other potential contractors working through the IACC, I'd like to share the basic information I've received directly from those parties responsible for reviewing the form at GSA. Some tips:
I think the biggest challenge you'll come across in filling out this form is finding the right people to fill in the information, since it's unlikely that one person will be able to accurately complete the entire form. My recommendation is that you select a small team (3-4 people) and set aside some time for everyone in the group to meet and fill in the form. Try making it a formal meeting and send out the information ahead of time so that people can get started in their spare time. Setting up a formal group and scheduling deadlines will make the process less painful and will prevent the task from holding up the entire offer submittal process. At least, until GSA issues a new Refresh to the IT Solicitation and changes the requirements again! Best of Luck!