Antifouling Panel Testing

This is a combined synopsis and solicitation for commercial items prepared in accordance with the format in FAR Subpart 12.6 –Streamlined Procedures for Evaluation and Solicitation for Commercial Services, as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; quotations are being requested and a written solicitation will not be issued.  This solicitation will be posted for less than fifteen (15) days in accordance with FAR 5.203(a)(2). Incorporated provisions and clauses are those in effect though the most current Federal Acquisition Circular (FAC), 2026-01, June 4, 2026. 

Request for Quotation (RFQ) number is N6660426Q0329. This action is being solicited as a sole source). The North American Industry Classification Systems (NAICS) code is 813312. The Small Business Size Standard is $19.5M.  

Naval Undersea Warfare Center Division, Newport (NUWCDIVNPT) intends to award a purchase order, on a Firm Fixed Price (FFP) basis, for testing of biofouling paints and coatings in Pearl Harbor by The University of Hawaii at Manoa. This requirement is a sole source due to environmental factors that limit the potential geographic testing areas, as well as a necessity to be consistent with established data owned by the University. This procurement is intended as a sole source requirement. A determination by the Government not to compete the proposed contract based upon responses to this notice is solely within the discretion of the Government. All responsible sources may submit a capability statement, proposal, or quotation, which shall be considered by the agency. 

For the purposes of quoting this opportunity, the Contract Line Item Number (CLIN) structure is identified below:  

CLIN 

0001 

Field Handling/Photography 

N/A 

1 (Job) 

6/19/2026-12/18/2026 

0002 

Percent Cover and Organism Identification 

N/A 

1 (Job) 

6/19/2026-12/18/2026 

0003 

Collection, Preservation and Shipment of Biofilm Samples 

N/A 

1 (Job)  

6/19/2026-12/18/2026 

0004 

Force Gauge Testing – Removal of Hard Foulers 

N/A 

1 (Job) 

6/19/2026-12/18/2026 

0005  

Water Jet Removal of Biofilm 

N/A 

1 (Job) 

6/19/2026-12/18/2026 

0006 

University of Hawaii indirect/overhead charge  

N/A 

1 (Job) 

6/19/2026-12/18/2026 

 
Required Delivery is F.O.B. Destination, University of Hawaii at Manoa, Kewalo Marine Laboratory, 41 Ahui Street, Honolulu, HI, 96813. 

In accordance with DFARS Clause 252.211-7003, the contractor shall provide a unique item identifier (UID) for all delivered items for which the Government’s unit acquisition cost is $5,000.00 or more.  

The Government’s method of payment will be electronic payment via Wide Area Workflow (WAWF). 

BASIS FOR AWARD:  

Award will be made based on the LPTA approach with technical acceptability being determined as shown below.  

Offerors shall include the following information with submissions:  

(1) Vendor must meet all criteria via DWG 071044 (including all requirements called out within the document);  

(2) Vendor must meet all the criteria via SBMEPP STP 415-1-0001 (including all the requirements called out within the document);  

(3) Vendor must provide proof that they have performed similar work in the past;  

(4) Vendor must provide all data as proof of the repaired units passing all inspection;  

(6) Contractor CAGE Code. The Government will consider past performance information where negative information within Supplier Performance Risk System (SPRS) may render a quote being deemed technically unacceptable; and, 

(7) The Contractor must identify the quote validity. Quoted prices should be valid for at least 60 days. An award will be made on a Firm Fixed Price basis to the Lowest Price Technically Acceptable.  

Incorporated provisions and clauses are those in effect through the latest Federal Acquisition Circular (FAC). Full text of incorporated FAR/DFARS clauses and provisions may be accessed electronically at https://acquisition.gov/far. 

The following FAR provisions and clauses apply to this solicitation: 

- 52.204-19, Incorporation by Reference of Representations and Certifications  

- 52.204-24, Representation Regarding Certain Telecommunications and Video Surveillance Services or Equipment  

- 52.204-25 PROHIBITION ON CONTRACTING FOR CERTAIN TELECOMMUNICATIONS AND VIDEO SURVEILLANCE SERVICES OR EQUIPMENT (NOV 2021) 

-52.209-11, Representation by corporations Regarding Delinquent Tax Liability or a Felony Conviction under any Federal Law  

- 52.212-1, Instructions to Offerors -- Commercial Items  

- 52.212-2 “Evaluation – Commercial Items” 

-52.212-3 Offeror Representations and Certifications-- Commercial Items (DEVIATION 2025-O0003)(DEVIATION 2025-O0004) 

-52.212-4, Contract Terms and Conditions-- Commercial Items  

-52.212-5, Contract Terms and Conditions Required to Implement Statues or Executive Orders-Commercial Items – (DEVIATION 2025-O0003)(DEVIATION 2025-O0004) 

- 52.225-25, “Prohibition on Contracting With Entities Engaging in Certain Activities or Transactions Relating to Iran—Representation and Certifications” 

-52.233-4, Applicable Law for Breach of Contract Claim  

The following DFARS provisions and clauses apply to this solicitation: 

-252.204-7008 Compliance with Safeguarding Covered Defense Information Controls 

-252.204-7009 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information 

-252.204-7012 (DEVIATION 2024-O0013) Safeguarding Covered Defense Information and Cyber Incident Reporting 

-252.204-7015 Notice of Authorized Disclosure of Information for Litigation Support 

-252.204-7018, Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services, 

- 252.213-7000, Notice to Prospective Suppliers on Use of Supplier Performance Risk System in Past Performance Evaluations 

- 252.215-7013, “Supplies and Services Provided by Nontraditional Defense Contractors” 

- 252.227-2017, “Identification and Assertion of Use, Release, or Disclosure Restrictions” 

- 252.227-7028, “Technical Data or Computer Software Previously Delivered to the Government” 

- 252.246-7048, Sources of Electronic Parts  

Clauses incorporated by full text:  

-52.217-7 Option for Increased Quantity-Separately Priced Line Item 

Option for Increased Quantity-Separately Priced Line Item (Mar 1989) 

The Government may require the delivery of the numbered line item, identified in the Schedule as an option item, in the quantity and at the price stated in the Schedule. The Contracting Officer may exercise the option by written notice to the Contractor within 1 day of the end of the Option Period. Delivery of added items shall continue at the same rate that like items are called for under the contract, unless the parties otherwise agree. 

(End of clause) 

-252.204-21 Contractor Compliance With the Cybersecurity Maturity Model Certification Level Requirements 

CONTRACTOR COMPLIANCE WITH THE CYBERSECURITY MATURITY MODEL CERTIFICATION LEVEL REQUIREMENTS (NOV 2025) 

(a) Definitions. As used in this clause— 

“Controlled unclassified information” means information the Government creates or possesses, or information an entity creates or possesses for or on behalf of the Government, that a law, regulation, or Governmentwide policy requires or permits an agency to handle using safeguarding or dissemination controls (32 CFR 2002.4(h)). 

“Current” means— 

(1) With regard to Conditional Cybersecurity Maturity Model Certification (CMMC) Status— 

(i) Not older than 180 days for Conditional Level 2 (Self) assessments and Conditional Level 2 (certified third-party assessment organization (C3PAO)) assessments, with— 

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Conditional CMMC Status date (see 32 CFR 170.16 and 170.17); and 

(B) A corresponding affirmation of continuous compliance by an affirming official (see 32 CFR 170.4); and 

(ii) Not older than 180 days for Conditional Level 3 (Defense Industrial Base Cybersecurity Assessment Center (DIBCAC)) assessments, with— 

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Conditional CMMC Status date (see 32 CFR 170.18); and 

(B) A corresponding affirmation of continuous compliance by an affirming official; 

(2) With regard to Final CMMC Status— 

(i) Not older than 1 year for Final Level 1 (Self), with— 

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Final CMMC Status date (see 32 CFR 170.15); and 

(B) A corresponding affirmation of continuous compliance, not older than 1 year, by an affirming official; 

(ii) Not older than 3 years for Final Level 2 (Self) assessments and Final Level 2 (C3PAO) assessments, with— 

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Final CMMC Status date (see 32 CFR 170.16 and 170.17); and 

(B) A corresponding affirmation of continuous compliance, not older than 1 year, by an affirming official; and 

(iii) Not older than 3 years for Final Level 3 (DIBCAC) assessments, with— 

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Final CMMC Status date (see 32 CFR 170.18); and 

(B) A corresponding affirmation of continuous compliance, not older than 1 year, by an affirming official; and 

(3) With regard to affirmation of continuous compliance (32 CFR 170.22), not older than 1 year with no changes in compliance with the requirements at 32 CFR part 170. 

“Cybersecurity Maturity Model Certification (CMMC) status” means the result of meeting or exceeding the minimum required score for the corresponding assessment. The potential statuses are as follows: 

(1) Final Level 1 (Self). 

(2) Conditional Level 2 (Self). 

(3) Final Level 2 (Self). 

(4) Conditional Level 2 (C3PAO). 

(5) Final Level 2 (C3PAO). 

(6) Conditional Level 3 (DIBCAC). 

(7) Final Level 3 (DIBCAC). 

“Cybersecurity Maturity Model Certification unique identifier (CMMC UID)” means 10 alpha-numeric characters assigned to each CMMC assessment and reflected in theSupplier Performance Risk System (SPRS) for each contractor information system. 

“Federal contract information (FCI)” means information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government. It does not include information provided by the Government to the public, such as on public websites, or simple transactional information, such as information necessary to process payments. 

“Plan of action and milestones” means a document that identifies tasks to be accomplished. It details resources required to accomplish the elements of the plan, any milestones in meeting the tasks, and scheduled completion dates for the milestones, as defined in National Institute of Standards and Technology Special Publication 800-115 (32 CFR 170.21). 

(b) Framework. The Cybersecurity Maturity Model Certification (CMMC) is a framework for assessing a contractor’s compliance with applicable information security protections (see 32 CFR part 170). 

(c) Duplication. The CMMC assessments will not duplicate efforts from any other comparable DoD assessment, except for rare circumstances when a reassessment may be necessary, for example, when there are indications of issues with cybersecurity and/or compliance with CMMC requirements. 

(d) Requirements. The Contractor shall— 

(1)(i) Have and maintain for the duration of the contract a current CMMC status at the following CMMC level, or higher: CMMC Level 2 (Self) for all information systems used in performance of the contract, task order, or delivery order that process, store, or transmit FCI or CUI; and 

(ii) Consult 32 CFR 170.23 related to the flowdown of the CMMC requirements, and flow down the correct CMMC level to subcontracts and other contractual instruments; 

(2) Only process, store, or transmit FCI or CUI on contractor information systems that have a CMMC status at the CMMC level requiredin paragraph (d)(1) of this clause, or higher; 

(3) Complete on an annual basis, and maintain as current,an affirmation, by the affirming official (see 32 CFR 170.4), of continuous compliance with the requirements associated with the CMMC level required in paragraph (d)(1) of this clause in the Supplier Performance Risk System (SPRS) (https://piee.eb.mil) for each CMMC UID applicable to each of the contractor information systems that process, store, or transmit FCI or CUI and that are used in performance of the contract; 

(4) Ensure all subcontractors and suppliers complete prior to subcontract award, and maintain on an annual basis,an affirmation, by the affirming official (see 32 CFR 170.4), of continuous compliance with the requirements associated with the CMMC level required for the subcontract or other contractual instrument for each of the subcontractor information systems that process, store, or transmit FCI or CUI and that are used in performance of the subcontract; and 

(5) If the Contractor has a CMMC Status of Conditional, successfully close out a valid plan of action and milestones (32 CFR 170.21) to achieve a CMMC Status of Final. 

(e) Reporting. The Contractor shall— 

(1) Submit to the Contracting Officer— 

(i) The CMMC UID(s) issued by SPRS for contractor information systems that will process, store, or transmit FCI or CUI during performance of the contract; and 

(ii) Any changes in the CMMC UIDs generated in SPRS throughout the life of the contract, task order, or delivery order, if applicable; 

(2)Enter into SPRS the results of a current self-assessment for each CMMC UID, not covered by a C3PAO assessment or DIBCAC assessment, applicable to each of the contractor information systems that process, store, or transmit FCI or CUI and that are used in performance of the contract; and 

(3) Complete in SPRS on an annual basis and maintain as current an affirmation of continuous compliance by the affirming official (see 32 CFR 170.4) for each self-assessment, C3PAO assessment, or DIBCAC assessment required under the contract in SPRS. 

(f) Subcontracts. The Contractor shall— 

(1) Insert the substance of this clause, including this paragraph ( f) and excluding paragraph (e)(1), in subcontracts and other contractual instruments, including those for the acquisition of commercial products and commercial services, excluding commercially available off-the-shelf items , if the subcontract or other contractual instrument will contain a requirement to process, store, or transmit FCI or CUI; and 

(2) Prior to awarding a subcontract or other contractual instrument, ensure that the subcontractor has a current CMMC certificate or current CMMC status at the CMMC level that is appropriate for the information that is being flowed down to the subcontractor based on the requirements at 32 CFR 170.23. 

(End of clause) 

This requirement contains drawings that are designated Distribution D and export controlled. To access the Government documents, the Offeror must possess a valid Joint Certification Program (JCP) certification. In order to obtain access to the drawings, a valid DD 2345 form must be provided to the Request for Quote Point of Contact and the requests for the drawings shall come from the JCP Custodian; drawings will not be provided to other points of contact.  

In accordance with DFARS supplement rule 2019-D041 (Assessing Contractor Implementation of Cybersecurity Requirements), only offerors with a summary level score of a National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 DoD Assessment, of not more than three (3) years old from the date of this combined synopsis and solicitation, posted in the Supplier Performance Risk System (SPRS) will be eligible to receive a copy of the drawings. Additionally, Cybersecurity Maturity Model Certification (CMMC) Level 2 (self) is applicable to this purchase. Offeror shall provide, in its offer, the CMMC unique identifier(s) (CMMC UIDs) issued by SPRS for each contractor information system that will process, store, or transmit FCI or CUI during performance of the contract resulting from this RFQ. Only offerors with a CMMC Level 2 (self) assessment or higher posted in SPRS will be eligible to receive a copy of the drawings. 

Active registration with the System for Award Management (SAM) is required prior to award, pursuant to applicable regulations and guidelines. Registration information can be found at https://www.sam.gov/. Instructions for registration are available at the website.  

Quotes shall be submitted electronically via email to Daniel Sanville at daniel.w.sanville.civ@us.navy.mil and must be received on or before Wednesday May 6, 2026 at 12:00PM Eastern Standard Time (EST). Quotes received after this date are late and will not be considered for award. For questions regarding this acquisition, please contact Daniel Sanville at daniel.w.sanville.civ@us.navy.mil