3/20/2025: EDITED TO ADD CSSP ATTACHMENT AND ADD THE FOLLOWING INFORMATION:
WITH SUBMISSION OF APPENDICES, PLEASE INCLUDE ANY EXISTING CONTRACTS THE FIRM HAS THAT COULD BE UTILIZED FOR THIS EFFORT. YOU MAY ALSO INCLUDE CAPABILITY STATEMENTS WITH YOUR RESPONSE TO APPENDIX A AND B.
1. Introduction
(U) The U.S. Army Combat Capabilities Development Command, known as DEVCOM, is a team of world-class scientists, engineers, analysts, technicians and support staff who are fully focused on empowering America’s Soldiers today and in the future. DEVCOM leverages cutting-edge technologies such as artificial intelligence, quantum effects, autonomy, robotics, advanced energetics, and synthetic biology to give Soldiers the ability to see, sense, decide and act faster than their adversaries.
2. Background
(U) DEVCOM is seeking information from qualified vendors regarding commercially available, cloud-based Human Resources Information Systems (HRIS) that meet stringent Army cybersecurity requirements (section 5) while providing comprehensive HR management functionalities and integrated talent management (section 3 & 4). Information is requested per the format in appendices A and B.
(U) DEVCOM is seeking a Human Resources Information System (HRIS) that will: automate HR workflows to enhance efficiency and effectiveness, deliver STRL-based performance management system as a Minimum Viable Product (i.e. initial release), integrate disparate development aspects (including competency-focus), and support data-driven talent management decisions.
3. Scope of Capabilities
(U) The Contractor shall develop, configure, and implement a comprehensive, customized Talent Management Software solution based on specific requirements initially to include 2000 users and scalable for increased users. There is no preferred or in use COTS application or vendor that DEVCOM has currently identified. The preferred type is a Software as a Service Platform certified at minimum FEDRAMP IL4 with a DoD Provisional Authorization. The contractor shall comply with cyber security controls within the risk management framework and C5ISR Center CSSP Cybersecurity Framework Master Plans. DEVCOM is looking to implement a comprehensive Talent Management Solution that will streamline and automate key HR processes, including
3.1 Core HR:
3.1.1(U) Personnel Management: Maintain employee records, including personal information, job history, compensation, performance reviews, and training records. Integrate with authoritative Army personnel database, Defense Civilian Personnel Data System (DCPDS).
3.1.2 (U) Organizational Management: Manage organizational structure, positions, and reporting relationships. Include tracking and analysis of demographics of workforce over time, attrition, retention and gains trends.
3.1.3 (U) Accountability: Allow employees to identify work status for the day, to include reporting capabilities.
3.2 Transactional HR: The contractor shall include capabilities listed below, ensuring that performance management is the priority. This system will enable DEVCOM to manage performance aligned with the Science and Technology Reinvention Laboratory (STRL) demonstration project and incorporate the unique business rules and requirements for a performance management and compensation system.
3.2.1 (U) Recruitment and Onboarding: Manage the entire recruitment lifecycle, from job posting to onboarding new hires. Include resume storage for future analysis of qualified candidates.
3.2.2 (U) Talent Outreach: Manage outreach program, leverage touch points to build brand recognition and talent pipeline.
3.2.3 (U) Performance Management: Conduct performance appraisals, set goals, complete evaluation, conduct reconciliation of scores and calculate compensation based on pre-defined business rules.
3.2.4 (U) Automate Workflows with Authoritative Documents: Replicate common DoD, DA and local authoritative forms and associate workflows for processing, to include storage once approved (e.g. SF-182 Training Request, DD 2875 System Access, etc.).
3.3 Competency-Based Employee Development and Talent Management: The contractor shall include capabilities listed below that operationalizes DEVCOM’s unique competency-based structure (comprised of 6 Domains, 75 Competencies and hundreds of Core Competencies unique to AFC), to employ a full data driven talent management solution.
3.3.1(U) Competency Management: Capture and maintain competency structure, Domain/Competency/Core Competency, to include proficiency levels and definitions. Associate competencies with employees and positions for gap analysis.
3.3.2 (U) Learning Management: Deliver and track mandatory training, employee training programs and professional development opportunities, with the ability to tag learning with competencies.
3.3.3 (U) Learning Management System Integration: Ability to integrate with Army learning systems for wholistic employee experience (e.g. DAU, UDEMY, JKO, CAMP/CAPPMIS, etc.)
3.3.4 (U) Employee Development: Allow employees to compare qualifications (Competencies, skills, education, etc.) for desired positions and link gaps to learning opportunities.
3.3.5 (U) Organizational Talent Management: Facilitate staffing assessment and comparison of current workforce profile to identify gaps and inform talent acquisition and development decisions.
3.4 Additional Functionalities:
3.4.1 (U) Mentoring/Coaching: Identification of mentors/coaches and requesting employees; matching of mentors; identification of needs for mentor/coaching training.
3.4.2 (U) Engagement Indices: Collection, aggregation, analysis of workforce feedback to enable trend analysis
3.4.3 (U) Employee Self-Service: Provide employees with secure access to their personal information, personnel requests, and performance reviews.
3.4.4 (U) Reporting and Analytics: Generate customizable reports and dashboards to analyze HR data and support decision-making.
4. Scope of Services
(U) DEVCOM is seeking vendors who can provide the following services:
-
- (U) System Testing:
4.1.1 (U) Test the platform developed and implemented to ensure that the developed scripts/scenarios can be executed.
4.1.2 (U) Conduct Unit, Integration, and End-to-End Testing
4.1.3(U) Track deficiencies and provide remediation.
4.1.4 (U) Provide applicable test scripts for User Acceptance Testing and support functional test events.
- (U) Training:
4.2.1 (U) Develop training materials.
4.2.2 (U) Conduct “train the trainer” sessions for up to 20 privileged users.
- (U) Project Management:
4.3.1 (U) Provide a Project Manager.
4.3.2 (U) Establish a framework for project planning, communications, reporting, procedural and contractual activity, and other activities associated with the Services.
- (U) Data Protection:
4.4.1 (U) Protect data by implementing robust data encryption measures for both data at rest and data in transit.
4.4.2 (U) Implement secure data backup and disaster recovery procedures to ensure business continuity in case of security incidents.
5. Army Unique Requirements
-
- (U) Cybersecurity: The contractor shall:
5.1.1 (U) Execute the Risk Management Framework in accordance with DoDI 5100.01, DoDI 8510.01, AR-25-2-14 and the DISA Cloud SRG.
5.1.2 (U) Configure the customer-side application and create the required technical body of evidence in direct support of authorization efforts in accordance with NIST 800-53.
- (U) Application Programming Interface (API): The Contractor shall ensure the solution has a comprehensive API capability.
- (U) Cloud Security Service Provider (CSSP) Integration: The Contractor shall:
5.3.1(U) Provide a detailed data dictionary that defines the structure and schema of their audit logs that enumerate each field's name, data type, and description, etc. within a log entry.
5.3.2 (U) Ensure the application has the capability to support log delivery to the CSSP via API at least every 15 minutes.
- (U) Single Sign On (SSO): The Contractor shall enable the ability for SSO utilizing the Enterprise Access Management System-Army (EAMS-A).
- (U) Privacy/ Protecting PII: The contractor shall apply appropriate privacy, and security polices in order to respect user privacy.
5.5.1 (U) As specified in AR 25–1, a privacy and security notice statement must be displayed in a prominent location on at least the first page of all major sections of each website.
5.5.2 (U) Each webpage must be labeled with appropriate security markings at the top and bottom on each page.
6. Requested Information
-
- (U) Company Information: Company name, address, contact information, and relevant experience providing HRIS solutions to government agencies, particularly those within the Department of Defense.
- (U) Solution Overview: Detailed description of the proposed HRIS solution, including key features, functionalities, and benefits.
- (U) Pricing and Timeline: Provide a rough order of magnitude (ROM) cost breakdown for the proposed services and an estimated project timeline.
- (U) References: Include at least three client references for similar projects. Seeking Excellent communication, collaboration, and problem-solving skills.
7. Disclaimer
(U) This is a request for information and does not commit US Army DEVCOM to fund any work. Costs for submitting a response to this RFI will not be paid for by the US Army DEVCOM. The contractor must have an approved accounting system in order to submit a response if any development is proposed.
