DA01--Supply Chain Management DevSecOps and Integration (SCMDSO) - New TO (VA-26-00021946)

Request for Information (RFI)

This RFI is issued by the Department of Veterans Affairs (VA) for market research and planning purposes related to the Healthcare Environment and Logistics Management (HELM) Supply Chain Management Development Security Operations (SCMDSO) Integration. The VA is seeking to identify qualified vendors capable of meeting its requirements for this integration contract. This RFI does not constitute a Request for Quote or Proposal and does not commit the government to a future contract.

The VA's Office of Information and Technology (OIT) Product Delivery Services (PDS) aims to modernize and standardize supply chain business processes and systems across all VA medical centers. This initiative is driven by identified gaps in current systems, requiring accurate and accessible supply chain data to improve operations. The VA's Digital Modernization Strategy emphasizes secure, cloud-based platforms, Zero Trust cybersecurity, agile development, enterprise interoperability, and improved user experience.

Vendors are requested to provide information on their ability to meet requirements related to:

• Expediting hiring and onboarding of qualified IT professionals.

• Providing complete Software Development Lifecycle (SDLC) activities within an Agile framework, including continuous integration for multiple products.

• Offering end-to-end cybersecurity support, including Risk Management Framework compliance, DevSecOps, cloud security, and incident response.

• Delivering enterprise-wide major IT system technical integrations and deployments.

• Developing and executing an IT Supply Chain Technical Roadmap for incremental legacy system replacement.

• Providing tiered training approaches for IT software.

• Leveraging AI/ML to support IT organization priorities and reduce costs.

• Technically integrating with VA enterprise programs (e.g., EHRM, FMBT, VistA).

• Supporting modern containerized enterprise interoperability platforms with DevSecOps capabilities.

• Consolidating, standardizing, normalizing, and migrating customer data platforms to cloud-hosted repositories.

• Deadline: Responses are due by 12:00 PM Eastern Standard Time on May 8, 2026.

• Submission Method: Electronically via email to the Technology Acquisition Center (TAC) points of contact (michelle.prinston@va.gov and jason.king6@va.gov).

• Format: Responses should not exceed 12 pages. No marketing materials or generic capability statements will be accepted.

• Required Information: Vendors must include company name, address, point of contact, phone number, email, business size and status (including VOSB/SDVOSB proof if applicable), NAICS code(s), socioeconomic data, Unique Entity Identifier (UEI), and existing contractual vehicles.

• Marking: Proprietary information must be clearly marked.

• File Size Limit: Email attachments must not exceed 5 MB.

Set-aside decisions may be made based on the information provided in response to this RFI. Vendors interested in VOSB and SDVOSB set-asides should indicate their ability to comply with VAAR 852.219-10.

• The VA is not responsible for any costs incurred in responding to this RFI.
• Submissions are voluntary and become government property.
• The VA is under no obligation to provide feedback or contact respondents for clarification.
• Respondents are advised that this requirement may be delayed, canceled, or revised at any time.

Statement of Work (SOW) / Performance Work Statement (PWS)

This Performance Work Statement (PWS) outlines the requirements for the Department of Veterans Affairs (VA) Office of Information & Technology (OIT), Digital Service Delivery (DSD), Health Services Portfolio, Healthcare Environment and Logistics Management (HELM) to modernize, sustain, standardize, and streamline software solutions for supply chain, logistics, and related areas. The goal is to support a unified, efficient, and data-driven supply chain and logistics environment across the VA.

The contractor will provide comprehensive technical, functional, and lifecycle support for existing and future HELM Product Line (PL) products and new systems. This includes full Software Development Life Cycle (SDLC) services, Operations & Maintenance (O&M), cybersecurity and regulatory compliance, enterprise deployment, incremental enhancements, implementation and integration support, interface development, platform management, training, and Cloud Migration and Hosting services. The contractor will apply advanced DevSecOps and engineering capabilities aligned with VA's Zero Trust Architecture Strategy and Digital Modernization Strategy.

The Performance Period (PoP) is a 12-month base period with four 12-month option periods, not to exceed 60 months. Work will primarily be performed at contractor facilities, with potential for remote work with COR concurrence. Travel is anticipated and will be in accordance with Federal Travel Regulations.

• Order Type: Hybrid Firm-Fixed Price (FFP) Base with Time and Materials (T&M) optional tasks and a Cost Reimbursable Travel Line.
• Labor Categories: Personnel must meet applicable Labor Category (LCAT) levels, qualifications, and certifications, with expertise in SAFe Agile, Product Management, DevSecOps, engineering, and Data Migration.
• Agile Framework: The contractor shall utilize the Agile framework for product management, delivering iteratively and incrementally.
• Technical Reference Model (TRM): VA TRM compliant tools are to be used.
• DevSecOps Practices: Adherence to VA policies and DevSecOps practices is required.
• Collaboration: Work with other Government Contractors and stakeholders is expected.
• Security & Privacy: Compliance with all applicable federal and VA security and privacy requirements, including Zero Trust, FICAM, and Section 508, is mandatory. A Business Associate Agreement (BAA) is required.
• Government Furnished Equipment (GFE): Laptops will be provided for remote access. Other IT accessories are the contractor's responsibility.
• AI/ML Requirements: If AI/ML is part of the solution, compliance with specific executive orders and memorandums is required, ensuring trustworthy, secure, responsible, accountable, and ideologically neutral AI innovation.

Solicitation / RFP / RFQ

This document is a Request for Information (RFI) for the Supply Chain Management DevSecOps and Integration (SCMDSO) - New TO (VA-26-00021946) requirement. It includes several attached documents providing further details.

This RFI is accompanied by:

• Request for Information 36C10B26Q0376 HELM Products Attach_1

• Request for Information 36C10B26Q0376 SCM DSO DRAFT PWS

• Request for Information 36C10B26Q0376 SCM DSO

• Product Service Code: DA01

• NAICS Code: 541512

• Contracting Office Address: Department of Veterans Affairs, Technology Acquisition Center, 23 Christopher Way, Eatontown NJ 07724

• Response Date/Time/Zone: 05-08-2026 12:00 EASTERN TIME, NEW YORK, USA

Not specified in the provided text.

This appears to be an RFI, and the attached documents contain the core details of the requirement. Bidders should review all attached documents for comprehensive information.

Form / Attachment / Pricing Sheet

This document is an Excel spreadsheet containing detailed information about various IT systems and products relevant to the Health Executive Leadership Management (HELM) portfolio. It serves as a reference for understanding the technical landscape, system functionalities, and operational status of these IT assets.

• System Name & Acronym: Identifies each IT system.
• System Status: Indicates if the system is in Production, Development, etc.
• IT Product Model / Sub Product Line: Specifies the type of IT product or its categorization.
• Number of Users / User Count: Provides an estimate of the user base.
• ATO Expiration Date / Hosting: Details the Authority to Operate status and hosting environment (e.g., VAEC AWS, VA Platform One).
• Software Type / Technology: Lists the programming languages, COTS products, and underlying technologies used.
• Interfaces: Outlines the systems and platforms each IT asset integrates with.
• Product Description: Offers a narrative summary of the system's purpose and functionality.

This attachment provides potential bidders with a comprehensive overview of the existing IT infrastructure and systems within the HELM portfolio. Understanding these systems, their technologies, dependencies, and operational status is crucial for bidders to assess the technical environment, identify potential integration challenges or opportunities, and tailor their proposals to align with the VA's current technological landscape. It highlights the types of solutions the VA utilizes and the interconnections between them, which can inform technical approach and resource planning.