From Rules to Responsibility: The Top Cyber Shifts from 2025
View Report
  • TALK TO AN EXPERT
  • TALK TO AN EXPERT

Accelerate Navy C-SCRM with the Single-Award NAVAIR IDIQ

Secure mission-critical assets across the Department of the Navy (e.g. NAVAIR, NAVSEA, NAVFAC) and partner organizations through a streamlined, single-award procurement vehicle purpose-built to sustain cyber supply chain resilience. This IDIQ operationalizes a proven C-SCRM capability into a production-grade Navy environment.

Accelerate Navy C-SCRM@2x

The Fortress IDIQ enables the Navy to rapidly procure cyber supply chain risk management (C-SCRM) capabilities:


  • C-SCRM software licenses

  • C-SCRM analysis and reporting and continuous monitoring
  • Software integration and systems administration services

All requirements are executed through individual Delivery [RS2] Orders (DOs) or Task Orders (TOs) issued within the scope of the IDIQ vehicle.

A Supporting Vehicle for 
Navy C-SCRM Resilience

This IDIQ is for the procurement of cyber supply chain risk management (C-SCRM) software licenses, C-SCRM analysis and reports, and software integration and systems administration support.

Cyber Supply Chain Illumination

Cyber Supply Chain Illumination

Expose, assess, illuminate and prioritize vulnerabilities and adversary risk across the full supply chain.

Continuous Monitoring

Continuous Monitoring

Maintain near real-time risk situational awareness as suppliers, software, and hardware vulnerabilities and threats evolve over the life cycle of systems and platforms.

HBOM/SBOM Development, Analysis, and Monitoring

HBOM/SBOM Development, Analysis, and Monitoring

Establish and maintain a single authoritative trusted source for bills of material for critical systems and platforms.

Continuous Risk Management

Continuous Risk Management

Move from periodic assessments to always-on C-SCRM operations that provide continuous monitoring of your most critical vendors, hardware and software.
Dot plot chart

Operationalized CSCRM Threat Intelligence & Findings

Deliver mission-focused data driven insights that drive decisions and prioritize action to reduce and mitigate risk.

Contract Details

Contract Name & Number:
NAVAIR IDIQ Contract – N0042125D0086

Type:
Indefinite-Delivery, Indefinite-Quantity (IDIQ)

Eligible Users:
U.S. Navy, DoD, and other affiliated agencies

Period of Performance:
5 years Contract

Type:
Firm-Fixed-Price (FFP), Time & Material (T&M), & Labor Hours

Contractor:
Fortress Government Solutions

The Navy’s Dedicated C-SCRM Partner

Fortress Government Solutions provides the specialized engineering and systems integration required to sustain the Navy’s C-SCRM capabilities. Fortress’ team of experts is qualified and ready to support and protect our nation's most critical weapon systems and platforms.
Fortress-The-Basics-New-Image
Single-Award Efficiency

Single-Award Efficiency

Orders placed under this IDIQ significantly reduce acquisition timelines.
Enterprise-Wide Volumetric Pricing

Enterprise-Wide Volumetric Pricing

Recognize savings through combining purchases.

Mission-Specific Technical Expertise

Mission-Specific Technical Expertise

Deploy a team of vetted professionals to execute critical missions.

Rapid Pre-Acquisition Cyber Assessments

Rapid Pre-Acquisition Cyber Assessments

Pre-acquisition risk assessments allow programs to get left of the problem, while supporting the accelerated acquisition timeline.

Sustained Operational Readiness

Sustained Operational Readiness

Maintain a resilient defense posture through continuous monitoring and real-time risk management of the supply chain.

Collaborative Enterprise Resilience

Collaborative Enterprise Resilience

Benefit from a shared and standardized C-SCRM solution that increases security across all subordinate commands.

Fortress-NAVAIR IDIQ@2x

How to Use the IDIQ

Contact Us

Reach out to discuss your mission needs. We can assist in assessing requirements against the IDIQ scope, coordinating prospective timelines and objectives, and discussing the means, methods, and investment required to meet organizational goals. Talk to an expert

Establish the Order

Coordinate with the NAVAIR COR and NAWCAD Procurement to establish the order, issue an RFQ/RFP, and align funding (typically via MIPR or IPAC).

Define the Effort

Collaborate with the COR and Fortress Technical POC to refine client objectives and develop a clear requirements statement.

Delivery & Support

Upon receipt of an order from NAWCAD, Fortress will kick off, execute, and deliver the agreed solutions — providing ongoing updates, meeting all deliverables, and ensuring high-quality, on-time performance.

FAQ

What can be purchased under the IDIQ?

  • Supply chain cyber risk management and solutioning assessments
  • Software and data analytics solutions
  • Systems engineering and integration
  • Training and mission support services

What is the contract duration of IDIQ?

This IDIQ has a 5-year ordering period.

What is a task order?

A task order is a specific request for work under the larger IDIQ contract. It outlines exactly what needs to be done, when, where, what it costs, and who is responsible.

What details must each task order include?

Each task order must include:

  • Order date and task order number
  • Description of work and deliverables
  • Place of performance
  • Period of performance
  • Pricing
  • Any security or data requirements (like DD Form 254 or DD Form 1423)
  • Payment, inspection, and acceptance details

 

Can Fortress provide personnel with security clearances?

Fortress has a cadre of qualified personnel with clearances up to TS/SCI. Fortress also has a TS FCL and has done work in the IL5 and IL6 environments.

Secure Your Supply Chain Today

Leverage the speed and authority of the NAVAIR Single-Award IDIQ to identify, assess, and manage cyber supply chain risk across Navy programs.

HEADQUARTERS
250 South Orange Ave. Ste. 500 Orlando, FL 32801
© 2025 Fortress Information Security. All rights reserved

Sign up for our Newsletter