Solutions for the Information Technology Enterprise III (SITE III)

This non-personal services contract delivers Solutions for the Information Technology Enterprise III (SITE III) to the Defense Intelligence Agency (DIA) and the National Geospatial-Intelligence Agency (NGA). The Government will not exercise any supervision or control over the service contractors performing the services herein. Servicing contractors are accountable solely to the Contractor, who, in turn is responsible to the Government.


The Chief Information Office (CIO) mission is to provide the full range of support required to plan, maintain, and sustain the global CIO organization. The CIO seeks to exercise broad responsibility and authority for planning and to manage its operations
and services.

This Statement of Work (SOW) describes the basic services contractors shall provide to support the DIA and NGA under the SITE III Indefinite Delivery/Indefinite Quantity (IDIQ) contract vehicle. This IDIQ contract establishes the acquisition framework for delivering the full scope of information technology services and capabilities to support intelligence needs for the DIA and the NGA.

This contract vehicle provides participating organizations with comprehensive Information Technology (IT) technical support services. This vehicle leverages a mix of large and small prime and subcontractor businesses to satisfy mission requirements.

The SITE III multiple award contract vehicle qualifies selected contractors to propose solutions for ensuing TOs. The Government will provide a Performance Work Statement (PWS) or Statement of Work (SOW), Cost Volume, and a Quality Assurance Surveillance Plan (QASP) for each task order. Associated performance objectives, deliverables, and thresholds will be specified in the PWS or SOW in each TO as appropriate.


The DIA CIO’s primary objective with SITE III is to support warfighters, policymakers, and acquisition leaders across the Defense Intelligence Enterprise (DIE) by achieving an Information and Communications Technology advantage. SITE III provides strategic, technical, and program management guidance and support services to facilitate the operations and modernization of the agency’s infrastructure, systems, and applications. The SITE III contract is not intended for staff augmentation. Rather, the SITE III contract provides managed services directed towards improving integration, information sharing, and information safeguarding through the use of a streamlined information technology (IT) approach. The CIO expects innovation with common architecture, consolidated operations, and cloud environments in alignment with the Intelligence Community’s Information Technology Enterprise (IC ITE) as directed by the Director of National Intelligence (DNI). Task Orders issued under SITE III must comply with Industry Standards, IC, and CIO Directives, to include memorandums and directives issued by the CIO Technical Leadership Council (TLC).


The SITE III IDIQ contract vehicle addresses the evolving needs vital to the security of the United States. SITE III facilitates worldwide coverage for integrated IT intelligence requirements and technical support services to the DIA and NGA.

Contractors shall provide the full range of integrated strategic, analytic, and technical support services DIA may need to design and implement optimal Infrastructure, Systems, and Applications initiatives and ensure progress toward meeting requirements and objectives. The selected contractors shall have subject matter expertise and provide all resources necessary to perform the specific requirements as defined in individual task orders.

Contractors shall develop, maintain, and periodically update Supply Chain Risk Management (SCRM) plans at no cost to the Government. SCRM plans are intended to reduce performance and security risks of the products sold, installed, and maintained throughout the life-cycle. SCRM plans shall include sufficient detail for the Government to determine that the Contractor reasonably understands its supply chain and the associated risks. The Contractor shall ensure that genuine Information and Communication Technology (ICT) will be available under the contract and shall manage the risk to ensure counterfeit or illegally modified products are not shipped. SCRM plans shall describe the processes and practices ensuring Contractors can deliver genuine ICT.

The services and capabilities supported by the SITE III contract vehicle will provide responsive, secure, and timely solutions to participating organizations that meet current and future IT requirements. Technical requirements are defined in Section 5 of this document. The SITE III contract supports both classified and unclassified programs on multiple networks and security domains. Individual task orders will identify the scope of work required for networks, domains, and security.

It is not possible for the Government to determine the precise types or amounts of services it will require during the full term of the contract. The Government will make every effort to provide the Contractor with ample time to respond to new requirements. However, some task orders on this contract may require fast responses to address emergent requirements. Services performed will be non-personal and shall not include inherently governmental services. The Government reserves the right to designate selected task orders (TOs) as set-asides for competition among small businesses.


The SITE III IDIQ contract vehicle streamlines the delivery and management of application and infrastructure services and functions for current and emerging requirements. Industry partners shall have relevant experience in essential IT services and the functions listed within this document. Task orders may contain requirements for one to many of the IT services and functions listed based on a participating Government organization’s requirements. Enterprise activities and services may be combined to maximize efficiencies, drive process improvements, eliminate service overlaps, evolve with leading-edge technology, and realize cost efficiencies at the task order level to provide strategic IT advantages to the US Government.



The Contractors shall provide the following:

5.1. Enterprise Activities and Services

5.1.1. Enterprise Architecture Definition, Documentation, and Planning The Contractor shall develop the IT system architecture documentation, design, and plans of current and future technical and functional/business systems by depicting technical, systems, and functional architecture views. Services include the facilitation and development of plans that enable information sharing, integration, and interoperability by considering service-oriented architecture best practices by aligning architectures with overarching Federal, IC, Department of Defense (DoD) architectures, and other related architecture activities. Contractors shall provide the architectural support through the full life-cycle of planning, execution and management of Enterprise data backup, Humanitarian Assistance and Disaster Response (HA/DR), Continuity of Operations (COOP), and include initial planning through systems decommissioning.

5.1.2. Technology Assessment and Evaluation The Contractor shall provide or support researching, developing, testing, and evaluating (RDT&E) of new and emerging technology for potential insertion into current and future programs to satisfy mission requirements based on a business case analysis (e.g., cloud services or Big Data analysis). These tasks may include but are not limited to, analytical capabilities, infrastructure innovation, data innovation, and other strategic innovations. The RDT&E shall comprise of practices that enable rapid fielding of capabilities developed externally, including the establishment of a Continuous Integration/Continuous Delivery (CI/CD) methodology and a systematic, repeatable, secure, and streamlined delivery of capabilities to production environments.

5.1.3. Independent Testing and Verification The Contractor shall provide management and operational support for enterprise independent testing activities designed for system, application, and service-oriented IT functions to uncover operational software, hardware, and/or system flaws before fielding to reduce and eliminate erroneous products or mission failure. Activities associated with these efforts include, but are not limited to, establishing evaluation criteria and conducting evaluations for applications; ensuring security controls are aligned with the assessment & authorization and audit processes, and applications comply with risk management authorization process in accordance with IC Directive 503, DoD Instruction 8500 (i.e., IA Controls, Cyber Security), IC Standard 500-27 audit data, and Other relevant DoD and IC Cyber Security/Security policies, implementing a centrally managed test process, documenting testing requirements for evolving service-oriented architectures, participating in mission application in-plant acceptance testing and beta tests, working with functional users that the test processes address user requirements and issues, and establishing a library of widgets that link to documented test processes plans and procedures for enhancement and reuse on various mission applications.

5.1.4. Project Management and Planning The Contractor shall provide project management and planning services with the capability to manage large projects applying the Project Management Institute (PMI) best practices (e.g., Project Management Body of Knowledge, (PMBOK), Guide & Standards, and IC agency-level software development lifestyle standards. The Contractor shall provide Information Technology Infrastructure Library (ITIL) Service Management Framework (Version n and any subsequent revisions), and guide provisioning of the services and the processes, functions, and other capabilities needed to support them. Apply current industrial software development best practices that contain iterative and incremental project management techniques similar to the agile software development life cycle standards while utilizing DIA’s Risk Management Framework (RMF). The Contractor shall provide for processes and functions across the entire ITIL life-cycle (Service Strategy, Service Design, Service Transition, Service Operation, and Continual Service Improvement); organizations may call out specific ITIL process and functional requirements within follow-on task orders to support their IT operating models.

5.1.5. Logistical Support and Inventory Management The Contractor shall perform associated logistical support and inventory management functions to maintain and track equipment and software accountable (unless provided as Government furnished equipment) under the contract. This task includes acquiring and managing all parts and materials necessary to support the actions required as specified in task orders. Logistics support and inventory management includes but is not limited to, the equipment, spares, and licensing inventory management, shipping and receiving, ordering, tracking, shipping, expediting purchases, warehousing, storage, and staging. The Contractor shall develop and implement techniques, processes, and procedures to maintain a “just-in-time” inventory methodology, which ensures customer fulfillment while reducing warehousing cost of storage. The vendor shall analyze and recommend updates, enhancements, or replacements to extend the life or improve the reliability of critical equipment or equipment no longer supportable by repair or replacement. Contractors shall have written Government approval prior to the implementation of recommendations and purchases in accordance with all Federal, DoD, and DIA contracting regulations. Recommended updates shall support integration with existing systems and dashboards at DIA, ensuring a centralized view of logistical support, inventory management, and records maintenance in accordance with DIA, Office of the Director of National Intelligence (ODNI), and DoD policies to support audit requirements.

5.1.6. Asset and Configuration Management The Contractor shall provide current architectures comprised of separate disparate client server legacy, virtual, and cloud environments. The Government will migrate and transition to a hybrid architecture with a heavy emphasis on virtual and cloud environments. Asset and configuration management are defined differently for each of environment. The work includes asset management and configuration management (CM) services to maintain technical and administrative control of the functional and physical characteristics of technology assets. It also provides continuous visibility into the types and numbers of assets throughout the enterprise. The work includes identification and definition of the IT configuration items (CIs) in the system and control the change of these items throughout their life-cycle as well as report status of a CI during its life cycle. The work objectives include supporting and conducting periodic change boards or other CM-related meetings. The work includes managing the status accounting process, facilitating status review and change boards, document review board results, and follow up on action items from the CM-related meetings. The Contractor shall integrate with existing systems and Dashboards to ensure DIA maintains a continuous centralized view of asset and configuration management and eliminates hierarchical and organizational information flow constraints, also known as stovepiping.

5.1.7. Knowledge Management, Technical Writing and Document Support The Contractor shall provide technical writing and documentation support. Technical Writing Services and Documentation Support include but are not limited to, supporting technical staff in the development and dissemination of technical documents including requirements analyses, design documents, manuals, fielding documents, and network security documents. This task includes preparing contract deliverables and reports, assisting in the preparation of presentation graphics and supporting the development of deliverables and reports, and maintaining configuration management control of all documents.

5.1.8. Enterprise Operations, Event Monitoring and Management, Performance Monitoring,
and Analysis The Contractor shall conduct enterprise operations, event monitoring and management, performance monitoring, and analysis services. The Contractor shall provide continuous centralized operations, monitoring, management and analysis of enterprise applications, systems, and core services as well as infrastructure assets to include file servers, email servers, application servers, web servers, and storage for all enterprise service providers 24 hours per day, seven days per week to include holidays. Contractor services shall include but are not limited to, monitoring established thresholds, responding to warning and alert messages from the monitoring systems, coordinating corrective action once thresholds are reached to prevent issues from reoccurring, and conducting the initial troubleshooting to restore services as quickly as possible. Other services include providing feeds to the enterprise watch and other Government designated watch centers as directed for situational awareness, responding to escalated incidents and outages (e.g., from the service desk), taking corrective actions to resolve the issue, escalate unresolved issues, maintaining, and upgrading the supporting network infrastructure and services.

5.1.9. Information Technology Service Management The Contractor shall conduct Information Technology Infrastructure Library (ITIL) Service Management Framework (Version n and any subsequent revisions) guide provisioning of the services and the processes, functions, and other capabilities needed to support them. The Contractor shall provide processes and functions across the entire ITIL life-cycle (Service Strategy, Service Design, Service Transition, Service Operation, and Continual Service Improvement). Supported Government organizations may call out specific ITIL processes and functional requirements within follow-on task orders to support their IT operating models.

5.2. Infrastructure Development/Sustainment

5.2.1. Customer and Work Center Support Services The Government requires Contractor assistance at all phases of the IDLC with refining requirements, securing design, and integrating hardware and software. The Contractor shall have the capability to test, distribute, use, maintain, and dispose of hardware and software. The Contractor provided services shall include but are not limited to, local and worldwide engineering and installation management, conducting site surveys, estimating bills of materials, estimating timelines, recommending hardware and cabling technical solutions, ensuring security controls and authorizations are in place, documenting project status and the installation “as-is” and “to-be” architectures, planning, building, and installing patch panels and cable/fiber infrastructures, installing.

More information about the DIA ESITE III program is available at this link.