RFP Catalog/CMMC Compliance Services

CMMC Compliance Services RFPs

Browse active CMMC Compliance Services RFP opportunities from federal, state, and local government agencies. Find solicitations, track deadlines, and discover bid opportunities updated daily.

Washington Headquarters Services (WHS)

The Department of War (formerly Department of Defense) Office of the Chief Information Officer issued this Request for Information (RFI) titled 'Reforming CMMC and Reducing Compliance Burden for the Defense Industrial Base (DIB).' The RFI solicits industry input on reforming the Cybersecurity Maturity Model Certification (CMMC) program following the immediate suspension of CMMC Phase II requirements announced on July 13, 2026. Industry stakeholders, particularly small, medium, and non-traditional defense contractors, are invited to provide recommendations to reduce compliance burdens while maintaining strong cybersecurity protections for defense industrial base information.

Posted Date

Jul 13, 2026

Due Date

Aug 14, 2026

Timeline Progress18%
Washington Headquarters Services (WHS)

The Department of War (formerly Department of Defense) Office of the Chief Information Officer issued this Request for Information (RFI) titled 'Reforming CMMC and Reducing Compliance Burden for the Defense Industrial Base (DIB).' The RFI solicits industry input on reforming the Cybersecurity Maturity Model Certification (CMMC) program following the immediate suspension of CMMC Phase II requirements announced on July 13, 2026. Industry stakeholders, particularly small, medium, and non-traditional defense contractors, are invited to provide recommendations to reduce compliance burdens while maintaining strong cybersecurity protections for defense industrial base information.

Posted Date

Jul 13, 2026

Due Date

Aug 14, 2026

Timeline Progress18%
Massachusetts Department of Conservation and Recreation

The Massachusetts Department of Conservation and Recreation (DCR) seeks vendors to establish a Master Service Agreement to provide health and safety certification and training, and environmental and compliance certification and training. The solicitation (BD-22-1020-DCRCU-DC250-67989) was posted with an open date of 2021-11-07 and a close date of 2027-01-31.

Posted Date

Nov 7, 2021

Due Date

Jan 31, 2027

Timeline Progress90%
State of North Carolina

This Request for Proposals (RFP) is seeking comprehensive cybersecurity services for state and local entities in North Carolina. The required services include network monitoring, security awareness training, vulnerability assessments, and incident response planning. A significant component of this solicitation involves facilitating the transition to a .gov domain for improved security and compliance.

Posted Date

Jul 9, 2026

Due Date

Aug 7, 2026

Timeline Progress33%
Saskatoon

The City of Saskatoon is soliciting proposals for a comprehensive Cybersecurity Awareness Training program to reduce human‑error driven cyber risk (phishing, social engineering, ransomware, and improper data handling). The program must be repeatable, measurable, scalable across the City’s workforce and the contract term is shown as 36 months. Submissions are online only and the solicitation is open with a closing date of July 30, 2026 at 2:00:59 PM Saskatchewan (CST).

Posted Date

-

Due Date

Jul 30, 2026

Naval Surface Warfare Center (NSWC)

The Contractor shall provide a detailed Project Management Plan (PMP) outlining the execution strategy, staffing plan, timeline, risk mitigation, data extraction strategy with mapping to MARC21/RDA, and LSP ingestion (CDRL A001). Additionally, the Contractor shall provide training manuals and SOPs for OPAC users, catalogers, and administrators (CDRL A005). All manuals and SOPs shall be delivered 30 days prior to operational deployment date. Library Service Platform (LSP) Architecture & OPAC: The Contractor shall provide a 100% Web-Based LSP utilizing Library & Information Science design principles. The system must feature a dedicated Online Public Access Catalog (OPAC) and natively support library interoperability protocols, including Z39.50, SRU/SRW, and OAI-PMH. The platform must operate on a CI/CD Agile methodology for seamless upgrades. See attached file.

Posted Date

Jul 14, 2026

Due Date

Jul 23, 2026

Timeline Progress52%
Collin County Community College District

Provide district insurance - property and cybersecurity.

Posted Date

Jul 10, 2026

Due Date

Aug 31, 2026

Timeline Progress17%
Charter Township of Washington

The Charter Township of Washington (Macomb County, MI) issued a solicitation titled “2026 Municipal Cybersecurity Assessment Services” requesting proposals for independent cybersecurity assessment services to evaluate the township's IT environment, identify vulnerabilities and risks, and recommend remediation and/or improvements. The solicitation was published on 2026-07-01 and proposals are due 2026-07-29 at 10:00 AM EDT. The BidNet/MITN posting indicates the solicitation documents and buyer contact information are accessible to registered members only; no buyer-hosted public PDF was found during research.

Posted Date

Jul 1, 2026

Due Date

Jul 29, 2026

Timeline Progress63%
California Department of Technology

CALNET Managed Cybersecurity Services.

Posted Date

Jun 30, 2026

Due Date

Sep 14, 2026

Timeline Progress25%
Michigan Municipal Services Authority

The 2026 Municipal Cybersecurity Assessment Services RFP solicits a qualified vendor to deliver independent cybersecurity assessment services for Michigan local government entities. The procurement is conducted through the MITN (Michigan Intergovernmental Trade Network) cooperative purchasing group, which is the standard procurement platform for Michigan municipalities and authorized intergovernmental bodies such as the Michigan Municipal Services Authority. Bidders must comply with the published scope of work, requirements document, and contract terms, with a closing date of July 29, 2026.

Posted Date

Jul 1, 2026

Due Date

Jul 29, 2026

Timeline Progress63%
Michigan Department of Technology, Management and Budget

The solicitation titled "2026 Municipal Cybersecurity Assessment Services" requests independent cybersecurity assessment, planning, and coaching services for Michigan local public entities under the State's Michigan Cyber Partners / MIDEAL program. The posting shows a publication date of 2026-07-01 and a bid closing on 2026-07-29 at 10:00 AM EDT; the solicitation page restricts issuing-organization details and bid documents to registered users. The DTMB program page indicates these services are procured from pre-qualified vendors through a competitive RFP process and are structured as vendor contracts (not a grant program).

Posted Date

Jul 1, 2026

Due Date

Jul 29, 2026

Timeline Progress63%
United States Trade and Development Agency

The U.S. Trade and Development Agency (USTDA) is funding a Technical Assistance activity for the implementation of a National Cybersecurity System (NCS) for civilian administrative authorities in the Republic of Bulgaria. Information Services JSC, the Bulgarian state-owned IT services provider acting as USTDA's host-country partner, invites qualified U.S. firms to submit proposals to develop a roadmap scaling up Information Services as the default national Security Operations Center (SOC) provider for Bulgarian government entities. The selected U.S. firm will be paid in U.S. dollars from a $1,382,849 USTDA grant and will deliver a financing plan, legal and regulatory analysis, development impact assessment, environmental and social impact assessment, U.S. sources of supply analysis, and a project implementation plan.

Posted Date

Jun 8, 2026

Due Date

Jul 20, 2026

Timeline Progress97%
Naval Supply Systems Command (NAVSUP)

The U.S. Navy's NAVSUP Weapon Systems Support is soliciting quotes for the manufacture and design of fuse cartridges under solicitation N0010426QBZ62. Contractors must meet the specifications of manufacturer Mersen USA for part number 9F60BBD002-S and comply with quality assurance, packaging, cybersecurity maturity model certification, and security prohibitions/exclusions requirements. A Certificate of Compliance per DI-MISC-81356 is required for each unique combination of Contract/Purchase Order Number, National Stock Number, and Item Nomenclature.

Posted Date

Jul 2, 2026

Due Date

Aug 3, 2026

Timeline Progress52%
Naval District Washington Fire & EMS

The Manufacturing & Services Acquisition (MASA) Manufacturing Support RFP, issued by the Naval Surface Warfare Center (NSWC) Indian Head Division, seeks contractors to provide build-to-print fabrication of military components and assemblies in support of various military projects. The procurement will result in multiple Firm-Fixed-Price (FFP) Indefinite Delivery Indefinite Quantity (IDIQ) supply-type contracts, with performance primarily at the NSWC Indian Head Division in Indian Head, Maryland. The work covers five task areas including first article testing, production hardware, R&D hardware, plating, and electronics assembly, with offerors required to comply with Cybersecurity Maturity Model Certification (CMMC) Level 2 (Self) requirements.

Posted Date

Jul 14, 2026

Due Date

Aug 4, 2026

Timeline Progress22%
U.S. Trade and Development Agency

Technical assistance: public administration cybersecurity.

Posted Date

Jun 8, 2026

Due Date

Jul 20, 2026

Timeline Progress97%
Technology Acquisition Center NJ (36C10B)

The Department of Veterans Affairs, Technology Acquisition Center NJ (36C10B) issued a Sources Sought notice (36C10B26Q0654 / VA-26-00064748) for Cybersecurity Architecture and Engineering Services to support the VA. The procurement seeks industry capability statements for cybersecurity architecture and engineering support services, with a planned performance period beginning around September 18, 2026 and an estimated contract value of $100M–$249M. Performance will be remote with a place of performance in New Jersey, consistent with the issuing TAC NJ office. NAICS code 541519 (Other Computer Related Services) applies, and responses are due July 23, 2026.

Posted Date

Jul 15, 2026

Due Date

Jul 23, 2026

Timeline Progress46%
Village of Westchester

The Village of Westchester is seeking proposals for a fully managed cybersecurity detection, response, and monitoring service, including managed endpoint detection and response, identity threat detection and response, security information and event management, and continuous real-time threat analysis with active human-led incident response.

Posted Date

Jun 3, 2026

Due Date

Jul 31, 2026

Timeline Progress79%
Technology Acquisition Center NJ (36C10B)

The Department of Veterans Affairs, Technology Acquisition Center NJ (36C10B) issued a Sources Sought notice (36C10B26Q0654 / VA-26-00064748) for Cybersecurity Architecture and Engineering Services to support the VA. The procurement seeks industry capability statements for cybersecurity architecture and engineering support services, with a planned performance period beginning around September 18, 2026 and an estimated contract value of $100M–$249M. Performance will be remote with a place of performance in New Jersey, consistent with the issuing TAC NJ office. NAICS code 541519 (Other Computer Related Services) applies, and responses are due July 23, 2026.

Posted Date

Jul 15, 2026

Due Date

Jul 23, 2026

Timeline Progress46%
Kansas State School for the Blind

The Kansas State School for the Blind (KSSB) is soliciting proposals to ensure its website meets web accessibility standards (WCAG 2.1 Level AA), including automated and/or manual testing and remediation work. The solicitation is posted on the State of Kansas eSupplier portal and seeks a qualified vendor to assess and bring the KSSB website into compliance. Proposals are due on July 28, 2026 and will be submitted through the Kansas eSupplier procurement system.

Posted Date

Jun 16, 2026

Due Date

Jul 28, 2026

Timeline Progress78%
California State Water Resources Control Board

Provide assistance with the preparation and processing of the required environmental documents under the environmental quality act (CEQA).

Posted Date

Jun 26, 2026

Due Date

Jul 28, 2026

Timeline Progress71%

Win More CMMC Compliance Services RFPs

Get AI-powered buying signals and real-time alerts for cmmc compliance services opportunities

✓ Trusted by 150+ public sector sellers✓ First results in first weeks✓ Free demo available