Sample Statement of Work for Federal Computer Security Services: For Use in-House or Contracting Out
D M. Gilbert, N Lynch
Each federal organization is fully responsible for its computer security program whether the security program is performed by in-house staff or contracted out. Time constraints, budget constraints, availability or expertise of staff, and the potential knowledge to be gained by the organization from an experienced contractor are among the reasons a federal organization may wish to get external assistance for some of these complex, labor intensive activities. An interagency working group of federal and private sector security specialists developed this document. The document presents the ideas and experiences of those involved with computer security. It supports the operational field with a set of Statements of Works (SOWs) describing significant computer security activities. While not a substitute for good computer security management, organization staff and government contractors can use these SOWs as a basis for a common understanding of each described activity. The sample SOWs can foster easier access to more consistent, high-quality computer security services. The descriptions apply to contracting for services or obtaining them from within the organization.
and Lynch, N.
Sample Statement of Work for Federal Computer Security Services: For Use in-House or Contracting Out, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD
(Accessed March 1, 2024)