Closed
Save

Apply CMMC Requirements for SCB MAC Contract

Department of Defense (DoD) > U.S. Navy > NAVSEASol: N00024-25-RFPREQ-PMS-300-0009
$5K – $100K per task order

This opportunity is closed

The response deadline has passed. Review the details for future reference or to track similar opportunities.

Quick Brief

The Department of Defense (DoD) is informing contractors about the potential application of Cybersecurity Maturity Model Certification (CMMC) requirements for future contract actions under the SCB MAC IDIQ. Contractors must have a current CMMC status recorded in the Supplier Performance Risk System (SPRS) as a condition of award.

Generated 57d ago

Scope & Requirements

Future contract actions under the SCB MAC IDIQ will include CMMC requirements to ensure the security of contractor information systems processing, storing, or transmitting Federal Contract Information (FCI) or Controlled Unclassified Information (CUI).

Attachments

No files on SAM.gov

This listing does not include downloadable attachments. The solicitation details may be in the description below.

Verify on SAM.gov

Contract Details

Contract Vehiclei
IDIQ
Estimated Value
$5K – $100K per task order
IDIQ ceiling: $350K
Similar contracts award $5K$100K (median $25K, 2,112 awards)
NAICS Codes

Qualifications & Eligibility

Certifications
  • Cybersecurity Maturity Model Certification (CMMC)
Required Registrations
  • Supplier Performance Risk System (SPRS)
  • SAM.gov

Agency & Contact

Contracting Organization

Agency
DEPT OF DEFENSE
Sub-Agency
DEPT OF THE NAVY
Office
NAVSEA

Point of Contact

John A. Smith
Contracting Officer
[email protected]
(202) 555-0100

Key Dates

Published3mo ago
Mar 17, 2026
Last Updated3mo ago
Mar 17, 2026
Response Due2mo ago
Apr 16, 2026

Description

this notice to Industry to inform current and prospective contractors for the SCB MAC IDIQ that future contract actions issued shall include the Cybersecurity Maturity Model Certification (CMMC)

requirements in accordance with Department of War (DoW) implementation of the CMMC program. This notice is informational only and does not constitute a solicitation, request for proposals. As DoW continues implementation of the CMMC program,

Contracting Officers shall include applicable CMMC

requirements in solicitations and contracts when contractor information systems are expected to process, store, or transmit Federal Contract Information (FCI) or Controlled Unclassified Information (CUI). The applicable CMMC level, will be identified in the solicitation, or delivery order. Offerors shall be required to have a current CMMC status recorded in the Supplier Performance Risk System (SPRS), including applicable assessment results and affirmations, as a condition of award for the contract, task order, or delivery order where CMMC

requirements apply. The solicitation and any subsequent task/delivery orders shall include applicable Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity provisions and clauses, including but not limited to: FAR 52.204-21, Basic Safeguarding of Covered Contractor Information Systems DFARS 252.204-7008, Compliance with Safeguarding Covered Defense Information Controls DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting DFARS 252.204-7019, Notice of NIST SP 800-171 DoD Assessment

Requirements DFARS 252.204-7020, NIST SP 800-171 DoD Assessment

Get matched to contracts like this daily

Free AI-powered contract matching for your business.