Federal Bureau of Investigation

Industry Engagement – Request For Information

Foreign Intelligence Surveillance Act (FISA) Internal Audit Program

Disclaimer:

THIS NOTICE IS FOR INFORMATIONAL PURPOSES ONLY. THIS IS NOT A REQUEST

FOR PROPOSAL OR QUOTE. IT DOES NOT CONSTITUTE A SOLICITATION AND
SHALL NOT BE CONSTRUED AS A COMMITMENT BY THE GOVERNMENT.
RESPONSES IN ANY FORM ARE NOT OFFERS AND THE GOVERNMENT IS UNDER
NO OBLIGATION TO AWARD A CONTRACT AS A RESULT OF THIS
ANNOUNCEMENT. NO FUNDS ARE AVAILABLE TO PAY FOR PREPARATION OF
RESPONSES TO THIS ANNOUNCEMENT. ANY INFORMATION SUBMITTED BY
RESPONDENTS TO THIS TECHNICAL DESCRIPTION IS STRICTLY VOLUNTARY.

Introduction:

The United States Department of Justice (DOJ), Federal Bureau of Investigation (FBI) is
requesting information on the current market capabilities of professional services firms with
expertise in process design and implementation to advise on the redesign of the FBI’s Foreign
Intelligence Surveillance Act (FISA) internal audit program.

Background and Context:

In response to the Department of Justice, Office of Inspector General’s (OIG) December 9, 2019
Review of Four Applications and Other Aspects of the FBI’s Crossfire Hurricane Investigation,
FBI Director Christopher A. Wray ordered more than 40 corrective actions in response to the
findings and recommendations in the OIG’s report. Because the FBI’s credibility and brand are
central to fulfilling its mission, these corrective actions go beyond those recommended by the
OIG. These corrective actions were intended, above all other things, to ensure that the FBI
undertakes its work with painstaking rigor and has controls in place to ensure that all FISA
applications submitted to the Foreign Intelligence Surveillance Court are accurate and complete.
The corrective actions ordered by Director Wray included audit mechanisms to ensure the FBI’s
FISA controls are effective and that FISA applications are accurate and complete. A robust
FISA audit program will enable the FBI to monitor and improve, as necessary, its core FISA
policies and procedures.
Requirements of the RFI:

The FBI requests capability statements of professional services firms with expertise in process
design and implementation, particularly in the areas of internal audit and controls. The intent of
this Request For Information (RFI) is to obtain information that will assist the FBI in
determining the market for independent, professional firms that have the capability to develop a
robust FISA audit program that will allow the FBI to monitor and ensure FISA application
accuracy and completeness. The FBI is looking for information regarding firms that are proven
thought leaders in the areas of internal audit protocols and programs, process design, and
implementation. Audit program implementation guidance should include recommendations
pertaining to resources, organizational structure, and change management procedures.
Page 1
The FBI is looking for firms that have experience in designing audit programs and conducting
audits of the size and scope necessary for the FBI’s FISA audit functions, proposing best
practice modifications, and offering guidance on implementation. A robust and exacting audit
program will allow the FBI to identify, measure, and remediate any deficiencies that are
detected in its FISA policies, processes, and training - all with the goal of continuously
strengthening the accuracy and completeness of FISA applications.

RFI Information Requested:

The Firms shall submit information on their three (3) most relevant, recent contracts completed as
the Prime Contractor within the past seven (7) years. These references should describe the
development and implementation of programs which support government organizations
comparable in size and scope to the redesigned auditing capabilities of the FBI’s FISA Program.
For the relevant information, the FBI is requesting the following information, not to
exceed three (3) pages for each contract:

• Company/division name, DUNS number, socioeconomic category, and CAGE code

• Program title and contract number, delivery order, task order number
• Contracting agency/customer
• Original contract value and contract type
• Summarize major achievements, successes, innovations and findings that were
accomplished during contract performance, as well as any major problems/challenges
encountered and corrective actions taken to resolve them during the period of
performance of the contract.

The Firms shall submit a brief capabilities package, no more than 10 pages in length. The
capabilities package should include:

• Your Firm’s identifying information (name, address, phone number, CAGE code)
• Indication of whether your Firm is a large or small business
• Contract vehicles (i.e., GSA, GWACS, etc.)
• The Firm’s ability to provide the services listed above in regards to the development of a
robust audit plan for the FBI FISA program.

The RFI capabilities statement shall be sent via email to Contracting Officer Kathrina Sliger, at
the email: klsliger@fbi.gov. Submissions must be received no later than noon Eastern
Standard Time on 19 June 2020. Questions or comments regarding this notice may be
addressed to the email address above. No phone calls will be accepted; all correspondence shall
be in writing at this time.

Page 2