RFI - Enterprise Collaboration Tools

Questions & Answers / Clarifications

This document provides responses to questions submitted by potential vendors regarding the RFI for content collaboration and work tracking solutions.

• Requirement Type: The requirement is not considered new. Specific incumbent contractor details cannot be provided.
• Solution Approach: Both single integrated suites and integrated best-of-breed ecosystems will be evaluated equally, provided they meet RFI requirements.
• Deployment Environments: Solutions must be deployable on-premise, Azure Government, and AWS GovCloud. Standard landing zone requirements apply.
• User Access: All users are unprivileged general users. CI/CD runners and agents on servers are acceptable for installation, as are Git clients.
• Scalability Assumptions: Assume approximately 2,000-3,000 peak concurrent users, 15,000-20,000 tickets per month, 1,000 repositories, and 1,000 CI jobs per day.
• Availability & DR: RTO/RPO are out of scope for the RFI but will be required in proposals.
• Security & Compliance: NIST 800-53 Rev 5 is a baseline. CJISD will primarily handle ATO internally, but vendor assistance may be requested. FedRAMP is only required when not deployed in CJISD-owned cloud environments.
• Identity & Access: Both AD and Entra ID are authoritative identity sources, and federation is required. Support for SAML and OIDC is not required, but constraints on token lifetimes, refresh flows, and session management exist. MFA should be provided by Entra ID. ABAC should be natively supported using directory attributes and group memberships.
• Integrations: Low-code automation is acceptable for integrations. All code created for CJISD must be delivered. REST APIs and webhooks are expected. All identities must be synced from a single IdP.
• AI Capabilities: Vendors may propose AI capabilities, but all AI solutions must be private and secure. Non-private AI uses are strictly out of scope. Prompt logging, model training, and retention depend on the proposed product.
• Data Migration: No specific constraints on importing historical data (tickets, documentation, code repositories) exist.

These clarifications provide essential details on technical, security, and operational requirements, influencing how vendors should structure their market capability responses.

Request for Information (RFI)

This RFI is issued by the Federal Bureau of Investigation (FBI) CJIS Division (CJISD) to conduct market research for enterprise collaboration tools. The goal is to identify capabilities that will enable and empower the internal workforce by standardizing development and operations environments across CJIS projects. This aims to implement an integrated suite of tools supporting the Scaled Agile Framework (SAFe) for more effective development and operations teams.

The desired platform should encompass:

• Agile planning and work management (supporting SAFe practices, sprint planning, backlog management, work tracking).

• Source code repository management with version control.

• Automated continuous integration and deployment (CI/CD) pipelines.

• Service desk capabilities for incident and problem management.

• Technical documentation for development artifacts and operational runbooks.

• Centralized user management with role-based access controls.

• Integration with existing tools (e.g., ticket management, git repositories, wikis, CRM, AI/LLM platforms).

• Support for various user roles in SAFe, project and portfolio management, metrics, and automation.

• User-friendly interface for non-IT users while offering advanced features for IT professionals.

• Ability to handle customer interactions via multiple channels and manage SLAs.

• Support for FedRAMP authorization or existing federal Authority to Operate (ATO).

• Documentation of current user base and installations, especially within federal environments.

• This is an RFI for informational and planning purposes only; it is not a solicitation, RFP, or quote.

• Responses are voluntary and will not be paid for.

• Submissions should include capability packages and informal market research pricing, not exceeding 15 pages.

• Responses should be succinct and address the RFI requirements, assumptions, and potential approaches.

• Innovative suggestions for products, solutions, and savings are encouraged.

• Submitted proposals or offers, past performance, requests for award, or additions to mailing lists will not be accepted.

• Questions due: March 18, 2026, by 12pm ET.

• Responses due: March 25, 2026, by 12pm ET.

• Open to all manufacturers.

• No set-aside designation mentioned.

• No potential incumbents or current contractors disclosed.

• The information gathered may be used to formulate acquisition strategies for competitive solicitations.

• Proprietary information must be clearly marked.

• No estimated award values or budget ranges have been provided.