RFQ: Currency Reader Information Management System (CRIMS) Support, Enhancements, and Upgrades

Form / Attachment / Pricing Sheet

This document, "Attachment J7 - Agile Methodology," serves as a comprehensive guide to Agile software development principles and practices, specifically focusing on the Scrum framework. It is intended to inform potential bidders about the methodologies and processes that may be employed in the execution of the contract.

• Agile Principles and Manifesto: Outlines the core values and principles of Agile development.
• Scrum Framework: Details the roles (Scrum Master, Product Owner, Scrum Team Member, Stakeholders), ceremonies (Sprint Planning, Daily Standup, Backlog Refinement, Sprint Review, Sprint Retrospective), artifacts (Product Backlog, Sprint Backlog, User Stories, Tasks), and processes within Scrum.
• Agile@Library Specifics: Includes guidance on Agile@Library's approach to Product Roadmaps, Feature Roadmaps, Release Planning, Definitions of Ready and Done, and User Acceptance Testing (UAT).
• Metrics and Progress Tracking: Explains various metrics used to measure progress, such as Sprint Burndown, Version Report, Predictability, Productivity, Defects, and Team Velocity.
• Splitting Techniques: Describes methods for breaking down work into manageable units, including FEEDBACK for Epics and SPIDR for User Stories.

This document is crucial for bidders to understand the expected development methodology. It highlights the importance of iterative development, collaboration, frequent feedback, and adaptability. Bidders should familiarize themselves with these Agile and Scrum concepts to demonstrate their capability to work within such a framework, which is likely to be a key aspect of the project's execution and evaluation.

Form / Attachment / Pricing Sheet

This document is an Excel spreadsheet titled 'Attch J6 Sol Q A Matrix.xlsx'. It appears to be a matrix designed for recording questions or observations related to a solicitation, along with responses. The columns include 'No.', 'Page #', 'Document & Section Number', 'Reference Text', 'Questions or Other Observations', and 'Library of Congress Response'.

• The matrix is structured to log specific questions or comments from offerors.
• It allows for referencing specific parts of the solicitation documents.
• It includes a column for the government's official response.

This attachment is likely intended for bidders to submit their questions or seek clarifications regarding the solicitation. It serves as a structured method for communication between potential offerors and the contracting agency, ensuring that all questions and answers are documented and potentially shared. Bidders should use this format if instructed to submit questions through this specific channel.

Form / Attachment / Pricing Sheet

This document is a draft Service Level Agreement (SLA) outlining the services the Contractor will provide to the National Library Service for the Blind and Physically Handicapped (NLS) for the Currency Reader Information Management System (CRIMS). It details performance expectations, support procedures, and security requirements.

• Service Levels: Defines response and resolution times for different ticket categories (Urgent, High, Normal, Low).
• Support Services: Outlines help desk operations, ticket submission process, and categorization of requests.
• Security: Addresses compliance with Library of Congress Security Directives, FedRAMP moderate certification, and security scanning.
• Backups and Disaster Recovery: Specifies Recovery Time Objective (RTO) and Recovery Point Objective (RPO), daily/weekly backup procedures, and DR site maintenance.
• Monitoring: Details continuous monitoring of system performance, logs, and security scanning.
• Change Management: Describes the process for requesting and approving changes to the application, including a Change Control Board (CCB).
• System Patching: Outlines procedures for applying OS, software, and application updates, including a process for zero-day security patches.
• Outages and Maintenance: Differentiates between planned and unplanned outages, notification requirements, and root cause analysis.
• Escalation Policy: Details the process for escalating issues if support response times or performance metrics are not met.

This SLA is crucial for potential bidders as it defines the operational and performance standards expected for the CRIMS application. It highlights the critical nature of system availability, response times, security compliance, and disaster recovery. Bidders should carefully review these requirements to assess their capability to meet the defined service levels and understand the associated responsibilities and processes for support, maintenance, and change management.

Solicitation / RFP / RFQ

This solicitation is for the "Currency Reader Information Management System (CRIMS) Maintenance Support" for the Library of Congress (LOC). The objective is to enhance electronic patron engagement and patron record security by implementing a secure Azure web-based user interface and associated tools. This aims to improve application throughput for the US Currency Reader Distribution Program (CRDP), which distributes assistive technology for reading paper money.

• Maintain the existing CRIMS system and support legacy upgrades.

• Devolve paper-based workflows to electronic ones and migrate user operations to a fully web-based electronic workflow.

• Improve system security using a robust Microsoft Azure environment.

• Support Agile Software Development, including developing and maintaining the System User Interface, providing Azure infrastructure support, and maintaining system website development.

• Provide cloud hosting environments, operations, and cloud support.

• Deliver various documentation, including a Service Level Agreement (SLA), boundary and architecture diagrams, and IT security documentation.

• Support optional CLIN for Phase-In/Out implementation of system transition.

• Contract Type: Firm-Fixed-Price.

• Period of Performance: Base Period of 12 months (2/18/2026 – 2/17/2027) and Option Period 1 of three months (2/18/2027 – 5/17/2027).

• Award Amount (for PO LCNLS25P0002): $180,600.00

• Questions due: December 8, 2025, 20:00 EST. Must use Attachment J6.

• Response due: Offer due date listed in Box 8 on page 1 (December 19, 2025, 18:00 EST).

• Submission: Email to tblose@loc.gov and qcart@loc.gov.

• Evaluation: Best Value Trade Off approach, considering Technical Approach and Corporate Experience as primary non-price factors, with price being less important. Offerors with "Low Confidence" ratings in technical factors will not be considered for award.

• This acquisition is unrestricted.

• Incumbent Information: Capstone IT, Inc. | UEI: NQR8NCCRK745.

• Offerors must submit proposals with no more than 10 pages for non-price evaluation factors.

• Price/payment details are to be indicated in Attachment J6, with a preference for published rates.

Form / Attachment / Pricing Sheet

This document is Attachment J5, a Pricing Quote Template for Solicitation # 030ADV26Q0024, titled 'FY26 Currency Reader Information Management System (CRIMS) Maintenance Support'. Offerors are required to complete this template to fulfill the requirements outlined in the Statement of Work.

• Offeror Information: Fields for Offeror Name and UEI #.
• Base Year (02/18/2026 - 02/17/2027): Includes CLINs for System Administrator Level III, Application Programmer Level III, Project Manager Level III (priced per Sprint), and MS Azure Support (priced per Month).
• Option Period 1 (02/18/2027 - 05/17/2027): Includes corresponding CLINs for the same services.
• Pricing Fields: Columns for Quantity, Unit, Rate, Discount, Final Rate, Unit Price, and Total Amount.
• MS Azure Support Breakdown: A separate sheet is provided for offerors to detail the breakdown of monthly MS Azure Support services, including part numbers, unit prices, discounts, and labor rates.

Offerors must use this template to submit their pricing proposal. The template guides the structure of the price quote, including labor categories and level of effort. While the government provides estimated labor categories and levels of effort for informational purposes, offerors should propose their own based on their technical approach. Discounts are encouraged but must be clearly identified as a percentage off quoted or published rates. The breakdown of MS Azure Support is crucial for price reasonableness determinations.

Form / Attachment / Pricing Sheet

This document, the "Currency Reader Information Management System (CRIMS) Configuration Management Plan Version 1.2," outlines the processes and procedures for managing changes to the CRIMS system throughout its lifecycle. It serves as a guideline for how changes should occur for applications, subsystems, and devices within the CRIMS authorization boundary.

• Scope: Covers all changes to the CRIMS system and related documentation, including configuration and accreditation documentation.
• Configuration Items (CIs): Identifies hardware, software, firmware, and documentation as CIs subject to configuration management.
• Roles and Responsibilities: Defines roles such as Change Requestor, Change Agent, Information System Security Officer (ISSO), OCIO Change Advisory Board (CAB), Documentation Configuration Manager, System/Application Administrator (SA/AA), and Information System User.
• Configuration Management Process: Details the process for managing changes, including Change Requests (CRs) and Emergency Change Requests.
• Baseline Configuration: Establishes and maintains a baseline configuration as a reference for future changes.
• Hardening Guides: References LOC Hardening Guides used for configuring IT products to operational environments and verifying proper configuration.

While this document is primarily an internal process document for managing the CRIMS system, it provides insight into the operational framework and change control procedures governing the system. Bidders involved in future opportunities related to CRIMS may find it useful to understand the established processes for system modifications, security reviews, and documentation management. It highlights the importance of adhering to defined procedures and the roles involved in system changes.

Other / Unclassified

This document is the Library of Congress (LC) Information Technology (IT) Security Directive 5-410.1, titled "General Information Technology Security." It establishes the baseline security requirements for LC information systems and provides direction to managers and senior executives for protecting these systems. The directive outlines policies related to management, operational, and technical controls necessary for ensuring confidentiality, integrity, and availability within the LC information system infrastructure and operations.

While this document is not a solicitation, RFP, or SOW, it provides critical context for any vendor seeking to do business with the Library of Congress involving IT systems. It details the comprehensive IT security policies, procedures, and controls that all systems, including those of outside organizations granted access to LC IT resources, must comply with. Understanding these requirements is essential for any potential bidder to ensure their proposed solutions and ongoing operations will meet LC's stringent security standards. Key areas covered include:

• Scope: Applies to all LC hardware, software, media, facilities, service units, personnel, and contractors, as well as outside organizations accessing LC IT resources.
• Compliance: New IT systems must comply immediately; existing systems must comply within 90 days.
• Roles and Responsibilities: Defines key roles such as CIO, CISO, Authorizing Official (AO), Information System Business Owner (ISBO), and Information System Security Officer (ISSO), outlining their security responsibilities.
• Security Controls: Organizes policies into Management, Operational, and Technical controls.
• Specific Areas: Covers a wide range of security topics including Risk Management, Supply Chain Risk Management, Vulnerability Management, Access Control, Cryptography, Malware Protection, and Incident Response.
• Contractor Requirements: Explicitly states that statements of work and contract vehicles must identify specific security requirements for contractors.

Form / Attachment / Pricing Sheet

This document, "Attachment J2 Currencyreader.gov Site Defined," outlines the functional requirements for a webform and associated system processes related to the Currencyreader.gov website. It details the maintenance, submission, validation, data analysis, and integration requirements for a system that allows users to request currency reader devices.

• Webform Functionality: Requires maintenance in English and Spanish, confirmation of submission with a unique identifier, prompts for errors, digital signature capability, and validation of applicant information.
• Required Fields: Includes Applicant Name, Street Address, City, State, Zip Code, Email Address, and radio buttons for NLS membership, US citizenship, and confirmation of hand-delivered transactions.
• NLS Review and Validation: Describes a workflow for NLS staff to review, edit, update, or delete patron data from submitted forms before import into CRIMS.
• Data and Analytics: Specifies capabilities for data analysis, reporting via a web interface, CSV export, and maintenance of all application records.
• Integration with CRIMS: Details the integration of a new MS Azure UI with the legacy CRIMS system for editing and accreting patron records, including manual editing, managing duplicate entries, and maintaining legacy records and service level agreements.

This attachment defines critical system functionalities and requirements for a web-based application. Bidders should review these requirements to understand the technical specifications, data handling processes, and integration needs for the Currencyreader.gov platform. This information is crucial for developing or proposing solutions that meet the government's operational and technical standards for this system.