Crisis Management System

Department of Homeland Security (DHS)Federal Emergency Management Agency (FEMA)Office of Response and Recovery (ORR), Operations Integration Section (OIS)Request for Information (RFI) Crisis Management System (CMS)Department of Homeland Security (DHS)Federal Emergency Management Agency (FEMA)Office of Response and Recovery (ORR), Operations Integration Section (OIS)Request for Information (RFI) Crisis Management System (CMS)This RFI is issued for information and planning purposes only and does not constitute a solicitation. All information received in response to this RFI that is marked as proprietary will be handled accordingly. In accordance with FAR 15.201(e), responses to this notice are not offers and cannot be accepted by the Government to form a binding contract. Responders are solely responsible for all expenses associated with responding to this RFI.PLEASE NOTE THAT THIS IS NOT A REQUEST FOR PROPOSAL, NO SOLICITATION EXISTS AT THIS TIME.Responses should include your company's

capability statement. The RFI number 70FA3124I00000013 shall be in the subject line of submission. Oral Communications ARE NOT acceptable in response to this notice. However, follow-up discussions / market research may be performed.Description: FEMA is interested in obtaining responses to this Request for Information (RFI) from prospective offerors that will provide an application that supports FEMA requirements. The Government encourages the responders to this RFI and prospective offerors to propose the most innovative and cost-effective methods to achieve the desired objectives and results. If the proposed application meets some, but not all, of FEMA requirements, prospective offerors should propose a path to meeting all of FEMA requirements including the proposed process, application implementation schedule and rough cost to achieve the requirements. It is also important that the application be flexible, adaptable, and capable of being updated or modified to implement additional functional capabilities to meet the Agency’s needs.Agency Background:FEMA is part of the U.S. Department of Homeland Security and is the nation’s preeminent emergency management agency. FEMA’s primary mission is to reduce the loss of life and property and protect the Nation from all hazards, including natural disasters, acts of terrorism, and other man-made disasters, by leading and supporting the Nation in a risk-based, comprehensive emergency management system of preparedness, protection, response, recovery, and mitigation.FEMA operates under several statutory authorities including the Robert T. Stafford Disaster Relief and Emergency Assistance Act, PL 100-707, the Homeland Security Act of 2002, PL 107–296, and the Homeland Security Appropriations Act of 2007, PL 109-295.FEMA prepares the nation for all hazards and manages Federal response and recovery efforts following any national incident. FEMA works in partnership with other organizations that are part of the nation's emergency management system. These partners include state and local emergency management agencies, 27 federal agencies and the American Red Cross. FEMA established the National Response Framework to provide the guiding principles for enabling all response partners to prepare for and provide a unified national response to disasters and emergencies – from the smallest incident to the largest catastrophe.General RequirementsFEMA requires vendor-supported cloud-based commercial-off-the-shelf (COTS) System as a Service (SaaS) product that is compatible with the existing crisis management system. FEMA requires this system to be hosted in a FedRamp High certified cloud-based environment at the time of award.The system shall have mass alerting and workflow notification capabilities via multiple modalities including email, SMS, voice, and mobile application. Alerting must be capable of being fully automated based on conditions and workflows within the system.The system shall provide for a library or collection of readily available off-the-shelf process workflows and features that can be used immediately, and/or further configured to support government requirements.The system must support and facilitate the interoperability among other incident event crisis management systems.Platform RequirementsFEMA will be responsible for providing networking and network security support required to facilitate integrations, Data Migration, and end-user access to Contractor SaaS Software components from the FEMA Network.The system must provide bi-directional data sharing capabilities with other intra- and inter-agency offices. The system must provide secure chat, file sharing, and workflow connectivity across agency domains in a FedRAMP High-hosted platform, as authorized to facilitate the flow of information.The system must be available in secure single-tenant structure, not multi-tenant, to provide for increased security, dependability, and custom configuration potential.Security: A single agency and a dedicated federal server set contained on secure hardware being used by a credential group of government employees and contractors eliminates the risk of outside breach.Dependability: With an entire environment dedicated to one agency, resources are abundant and available anytime.Custom Configuration: Control over the entire environment allows for configuration customization and added functionality.The platform shall utilize open Application Programming Interfaces (API) to provide the maximum flexibility and adaptability to integrate with most third-party applications/systems.The system administrators must have the ability to configure custom workflows via low-/no-code tools provided by the vendor.System administrators must have the ability to configure custom dashboards tied to workflows using via low-/no-code tools provided by the vendor.The system must be able to create administrator-level configurable data input forms that feed into existing workflows and processes within the system. Data input forms must have offline capabilities due to the remote, hard to connect disaster locations.The system must comply with Federal Law, Executive Orders, and other policy.The system must be capable of automated scaling for peak users’ access, security patches, hardware upgrades, and seamless modernization.The offeror shall ensure Multi-factor Authentication (MFA), with FEMA users accessing via Personal Identification Verification (PIV) and username and password for all other users through Okta.FEMA may request no-cost technical demonstrations of the system. Please indicate whether you can provide a capability demonstration of the proposed solution for an enterprise-wide system.Requested Information: Interested parties are encouraged to respond to this notice if they have the capability to meet the system functionalities identified in this document. Questions related to this RFI are due by Noon, March 25, 2024 , and should be forwarded via email to Gene Garrett at gene.garrett@fema.dhs.gov and Jimmy Nguyen at jimmy.nguyen@associates.fema.dhs.gov. The due date and time for responses is April 3, 2024, and shall be submitted via email to JGene Garrett at gene.garrett@fema.dhs.gov and Jimmy Nguyen at jimmy.nguyen@associates.fema.dhs.gov.Responses should be limited as outlined in the attached technical document. Each response section shall be clearly titled and shall begin at the top of each page (e.g., Corporate Profile, Previous Performance, Critical Business Requirements). The response shall be no more than twenty (20) pages. All pages of each response section shall be appropriately numbered and identified by the complete company name, date, and reference number listed on the Notice in the header and/or footer. Page size shall be no greater than 8 1/2" x 11." The top, bottom, left and right margins shall be a minimum of one inch each. Font size shall be no smaller than 12-point. Arial or New Times Roman fonts are required. Characters shall be set at no less than normal spacing and 100% scale. Tables and illustrations may use a reduced font size not less than 8-point and may be landscape. Line spacing shall be set at no less than single space. Each paragraph shall be separated by at least one blank line. Page numbers, company logos, and headers and footers may be within the page margins ONLY and are not bound by the 12-point font requirement. Footnotes to text shall not be used. Pages in violation of these instructions, either by exceeding the margin, font, or spacing restrictions or by exceeding the total page limit, will not be reviewed. Pages more than the maximum will be removed from the end of the response without being reviewed. The page count will be determined by counting the pages in the order they come up in the print layout view. Pages not reviewed due to violation of the margin, font or spacing restrictions will not count against the page limitations.Your response may be releasable to the public under the Freedom of Information Act (FOIA), 5 U.S.C. 552, and the DHS FOIA regulation, 6 C.F.R. Chapter 1 and Part 5. If you wish FEMA to consider any portion of your response as "confidential commercial information", you should clearly mark the portion as "confidential commercial information". The procedures for identifying "confidential commercial information" are set forth in the DHS FOIA regulation cited above and are available on the DHS website, http://www.dhs.gov/xfoia/editorial_0579.shtm. FEMA, at its discretion, may request respondents to this RFI to elaborate on information in their written response. All information contained in this RFI is preliminary and is subject to revision and is not binding on the Government.The collection of this data does not obligate the U.S. Government to the incorporation of the solicited comments in any future procurement action nor does it obligate the Government to the procurement of any services or products related to this RFI. Responses to this RFI will not be returned nor will respondents be privy to debriefings to their respective submittals. Information provided will be used solely by FEMA as market research and will not be released outside of the FEMA Operations Integration Section.Requested Information Respondents are requested to provide information about solutions they offer or may propose. Please provide the information you deem relevant to respond to the specific inquiries of the RFI. Please refer to the following Items for specific questions/criteria that FEMA is looking for Industry to provide answers to in their responses: Corporate Information and Solution Context: FEMA requests information about the provider, their experience providing solutions similar to the requirements of this RFI related to UI/UX developments, highly secured and hardened cloud hosting with FedRAMP High authorization, extensive collaboration and networking capabilities, emergency management and response, mass alerting, customized workflows, interoperability, predictive analysis which offer sophisticated insights into outcomes based on historical data and statistical modeling for risk and opportunity assessments, integrated access to other federal and defense agencies for data sharing, collaboration, and common operating pictures (COP) across FEMA and all of its stakeholders. Critical Business Requirements: FEMA requests information about the offered solution’s ability to perform against a non-exhaustive list of high-level agency wide technical solution requirements. To support budget and planning purposes you may also include rough cost estimates based upon the objectives outlined in the RFI.Advise if your product is available via existing contract vehicles or special procurement authorities such as GSA Federal Supply Schedules (FAR 8.4), FAR 19.8 8(a) procedures, Small Business Innovation Research (SBIR) program, etc.