Trusted Operations, Maintenance, Cybersecurity, Assurance, and Technology
Overview
Buyer
Place of Performance
NAICS
PSC
Set Aside
Original Source
Timeline
Qualification Details
Fit reasons
- NAICS alignment with historical contract wins in similar service areas.
- Scope strongly matches core technical capabilities and delivery model.
Risks
- Past performance thresholds may require one additional teaming partner.
- Potential clarification needed on staffing minimums before bid/no-bid.
Next steps
Validate eligibility requirements, assign capture owner, and schedule partner outreach to confirm teaming strategy before submission planning.
Quick Summary
The Transportation Security Administration (TSA) is conducting market research through this Request for Information (RFI) for Trusted Operations, Maintenance, Cybersecurity, Assurance, and Technology (TOMCAT). This RFI seeks industry feedback on a Draft Statement of Objectives (SOO) and specific questions to inform a future solicitation for robust and scalable IT/OT support services. Responses are due by March 2, 2026, at 2 PM EST.
Purpose
This RFI is issued solely for market research (FAR Part 10) to identify firms capable of providing comprehensive IT/OT Operations and Maintenance (O&M) support. The goal is to advance TSA IT's strategic mission, modernize operations, enhance service delivery, strengthen agency capabilities, leverage innovative technologies, improve decision-making, and enhance customer experience. This is not a formal solicitation, and no contract will be awarded from this RFI.
Scope of Work
The anticipated future contract will cover full lifecycle management of TSA's complex IT/OT infrastructure across headquarters, field sites, airports, training centers, and international locations. Key functional areas include:
- Operations and Engineering Support Services: Fault remediation, Network Operations Center (NOC) support, incident and restoration management, image and patch management, systems performance monitoring, change/configuration/release management, disaster recovery, and testing.
- Information Assurance and Cybersecurity Support Services: Support for TSA's cybersecurity program, including incident response, FISMA compliance, Plan of Action and Milestones (POA&M) management, and vulnerability management. Services extend to on-premises, cloud (AWS, Azure), and hybrid environments, encompassing program management, IT Service Management (ITSM)/IT Operations Management (ITOM), enterprise architecture, critical incident management, network services, Identity Credential and Access Management (ICAM), and communications.
Contract & Timeline
- Type: Request for Information (RFI) / Sources Sought. Anticipated future award: Delivery/Task Order under GSA Federal Supply Schedule (FSS) Information Technology Category.
- Duration: Anticipated up to five years for the future award.
- Set-Aside: None specified (market research stage).
- Response Due: March 2, 2026, 2 PM EST.
- Published: February 19, 2026.
- Place of Performance: Springfield, VA, United States.
Response Instructions
Interested parties should:
- Comment on the Draft SOO using the provided MS Excel spreadsheet.
- Answer specific questions outlined in the MS Forms (under Links), with desired responses of approximately 300 words per question.
- Do not include proprietary, classified, confidential, or sensitive information unless appropriately marked.
- Do not submit proposals, offers, quotes, or capability statements in response to this notice.
- Email the MS Excel Spreadsheet to Michele.Reeves@tsa.dhs.gov and Sarah.Trudeau@tsa.dhs.gov.
Additional Notes
This RFI is for planning purposes only and does not guarantee a solicitation. TSA is reviewing requests for access to a Virtual Reading Room (VRR) containing Sensitive Security Information (SSI). Potential conflicts of interest with other TSA procurements are being evaluated.