SOLICITATIONICONTRACTIORDER FOR COMMERCIAL ITEMS 1. REQUISITION NUMBER PAGE OF

OFFEROR TO COMPLETE BLOCKS 12. 17.23.24, £30 RI- 14-0028 1 I 422. CONTRACT NO 3 AWARD/ 4 ORDER NUMBER IS. SOLICITATION NUMBER 6. SOLICITATIONNRC-RI-91-I4-C-0002 EFFECTIVEDATE NRC-Rl-91-14-R-0001 ISSUE DATEE02/21/2014

7. FOR SOLICITATION a NAME b. TELEPHONE NUMBER (Nb coiled ca's) 8. OFFER DUE DATEILOCAL TIME

INFORMATIONCALL: KARLA GARCIA 302-492-3603 ET

9 ISSUED BY CODE INRCHQ 10. THISACQUISITIONIS [ UNRESTRICTEDOR Y SETASIDE: 1CO,00 %FOR;

WOMEN-OWNED SMALL BUSINESS

US NRC - HQ SMALL BUSINESS (WOSB) ELIGIBLE UNDER THE WOMENOWNED

ACQUISITION MANAGEMENT DIVISION HUBZONE SMALL SMALL BUSINESS PROGRAM NAICS 811213MAIL STOP 3WFN-05-C64MP BUSINESS EDWOSB

WASHINGTON DC 20555-0001 SERVICE-DISABLED $(A)VETERAN-OWNED SIZE STANDARD: $ 1 0 . 0SMALL BUSINESS

11. DELIVERY FOR FOBODESTINA- 12 DISCOUNT TERMS 13b. RATING

2 ION UNLESS BLOCK IS 13a THISCONTRACTNISAMARKED RATED ORDER UNDER

I SEE SCHEDULE DPAS (15 CFR 70A) 14. METHOD OF SOLICITAW ION

•RFO IFB X RFP

1. DELICOR TO CODE I IRG IT 16 ADMENT STERE D BY CODE IN RCAHQ

US NRC REG SON L US NRC - HQ2100 RENAISSANECE BOULEVARD ACQUISITION MANAGEMENT DIVISIONRENAISSANCE PARK MAIL STOP 3WFN-05-C64MP

KING OF PRUSSIA PA 19406 WASHINGTON DC 20555-0001

17a CHECK I CE IS FADD LITY O 8a PAYMENT WILLN IE MADE BY CODE I UCK BELOOFFEROR CODE

ALTUS TECHNICAL SOLUTIONS LLC US NUCLEAR REGULATORY COMMISSION

300 FAIRFIELD DR ONE WHITE FLINT NORTH

SIEVERN MD 21144 U R555 ROCKVILLE PIKEMAI LSTOP O3-E 17AROCKVILLE 14D 20852-2738

tELEPHONE NO

"•17b. CHECK IF REMITTANCE IS DIFFERENT AND PUT SUCH ADDRESS IN OFFER 18b SUBMIT INVOICES TO ADDRESS SHOWN IN BLOCK 111, UNLESS BLOCK BELOW

IS CHECKED SEE ADDENDUM

"1 20. 21. 22. 23. 24.ITE No. SCHEDULE OF SUPPLIES'SERVICES QUANTITY IUNIT UNIT PRICE AMOUNT

This is a non-personnel services contract toprovide the U.S. Nuclear Regulatory Commission(NRC) Region I telecommunications system PrivateBranch Exchange (PBX) Maintenance in accordancewith the attached Performance Work Statement(PWS).

Total Obligated Amount: $43,751.40Total Base and All Options: $230,078.12Period of Performance: June 1, 2014 - May 31, 2015

(Use Reverse and/or Attach Additional Sheets as Necessary)

25. ACCOUNTING AND APPROPRIATION DATA . TOTAL AWARD AMOUNT (For Govt. Uso Only)

2014-X0200-FEEBASED-91-91D099-51-J-144-E9109-2570 $230,078.1227a SOLICITATION INCORPORATES BY REFERENCE FAR 52 212-1, 52.212-4. FAR 52212-3 AND 52.212-5 ARE ATTACHED. ADDENDA ARE : ARENOTATTACHED.

X 27b CONTRACTIPURCHASE ORDER INCORPORATES BY REFERENCE FAR52 212-4. FAR 52.212-5 IS ATTACHED. ADDENDA i ARE X ARE NOTATTACHED.

X 28. CONTRACTOR IS REQUIRED TO SIGN THIS DOCUMENT AND RETURN I - 29. AWARD OF CONTRACT: REF. OFFER

COPIES TO ISSUING OFFICE. CONTRACTOR AGREES TO FURNISH AND DELIVER DATED . YOUR OFFER ON SOLICITATION (BLOCK 5),ALL ITEMS SET FORTH OR OTHERWISE IDENTIFIED ABOVE AND ON ANY ADDITIONAL INCLUDING ANY ADDITIONS OR CHANGES WHICH ARE SET FORTHSHEETS SUBJECT TO THE TERMS AND CONDITIONS SPECIFIED. HEREIN. IS ACCEPTED AS TO ITEMS:

30a SIG;,OT'URE OF OFFERORiCONTRACTOR 31s. UNITED STATES OF AMERICA (SIGNATURE OF CONTRACTING OFFICER)

30b NAME AND TIE F SIGNER (Type or"pri) 3c. DATE SIGNED 3b NAMEOFCONT CTING OFFICER (Type or prnt:) 31c. DATE SIGNED

DavidJ. BrasWear-President 04/17/2014 DOMINIQUE MALONE - -?I - ,,II~~ 10RLG qII L.R RCFYOUU U

ALIUTIHORIZED: PFOR LOCAL RE"PROUCTGIOINPREVIOUS EDITION IS NOT USABLE

TEMPIATE -A0910

STANDARDC FORM 1440 (REV. 2U12012

PmascdbadbvGQ- -(I48CFR)53.212

SUNSI REVIEW COMPLETE ZOOuiv A - ShIU

.of 42

19. 20. 21. 2 I U. I23. 24.ITEM NO SCHEDULE OF SUPPLIES/SERVICES QUANTI UNIT UNIT PRICE AMOUNT

32a. QUANTITY IN COLUMN 21 HAS BEEN

E RECEIVED [] INSPECTED E ACCEPTED, AND CONFORMS TO THE CONTRACT, EXCEPTAS NOTED.

32b. SIGNATURE OF AUTHORIZED GOVERNMENT REPRESENTATIVE 32c. DATE 32d. PRINTED NAME AND TITLE OF AUTHORIZED GOVERNMENT REPRESENTATIVE

32e. MAILING ADDRESS OF AUTHORIZED GOVERNMENT REPRESENTATIVE 32f. TELEPHONE NUMBER OF AUTHORIZED GOVERNMENT REPRESENTATIVE

32g. E-MAIL OF AUTHORIZED GOVERNMENT REPRESENTATIVE

33. SHIP NUMBER 34. VOUCHER NUMBER 35. AMOUNT VERIFIED 36 PAYMENT 37. CHECK NUMBER

CORRECT FOR

FE COMPLETE E PARTIAL E] FINAL[fl PARTIAL E] FINAL

3 . S/R ACCOUNT NUMBER 39. SIR VOUCHER NUMBER 40. PAID BY

41a. I CERTIFY THIS ACCOUNT IS CORRECT AND PROPER FOR PAYMENT 42a. RECEIVED BY (Print)

41b. SIGNATURE AND TITLE OF CERTIFYING OFFICER 41c. DATE

42b. RECEIVED AT (Location)

42c. DATE REC'D (YYIMM/DD) 42d. TOTAL CONTAINERS

STANDARD FORM 1449 IREV. 2320121 BACK

SECTION B SCHEDULE OF SUPPLIES/SERVICES

B.1 CONTRACT TYPE

A. The contract type is a hybrid consisting of labor-hour and firm-fixed-price contract line items (CLINS).

B. The labor rates and categories provided for the labor hour CLINS shall be applicable for the duration of thiscontract.

B.2 CONSIDERATION AND OBLIGATION- LABOR-HOUR CONTRACT

(a) The ceiling price to the Government for full performance under this contract for CLIN 0005 is S5.100.

(b) The contract includes direct labor hours at specified fixed hourly rates, inclusive, of wages, fringe. overhead,general and administrative expenses, and profit.

(c) It is estimated that the amount. currently obligated will cover performance through May .31. 2015.

(d) This is an incrementally-funded contract and FAR 52.232-22 - "Limitation of Funds" applies.

B.3 CONSIDERATION AND OBLIGATION-FIRIWM-FIXED-PRICE

The total amount of the Firm-Fixed-Price portion of this contract is S35,651.14 and this amount is fully-funded.

B.4 PRICE SCHEDULE

B.4.1 Base Year: June 1, 2014- NMi 31. 2015CLIN Description QTY Unit Unit Toa] Line lten Type SOW

No. Price/Labor Price/Estimated __ Section

000i Telecommunications - Months Firm-Fixed-Price .1System Maintenance , ____ j

0002 Quarterly Condition Ia Quarterly • m Firm-Fixed-Price 5.1.6Review _ I

00103 Annual PBX Security , Annual Firm-Fixed-Price 5.2Audit

0004 Annual UPS est Annual Firm7Fixed-Price 5.3____Verification Tes ____ ______________ I ____

0005 Project Supplemental Hours m u Labor Hour - 5.4. Technical Sunnort_ NTE

0006 Replacement Parts- N/A N Materials - NTE 5.5L__ (Materials')

Base Year Total: S43-7-51.40

I

I

B.4.3 Option Year Two: June 1,2016 - May 31. 2017CLIN Description QTY Unit Unit Total Line Item Type SOWNo. Price/Labor Price/Estimated Section

2001 Teiecommunications Months Firm-Fixed-Price 5.1____Svstem MvaintenanceMotsjFr-iePic 5.

2002 Quarterly Condition Quarterly Firm-Fixed-Price 5.1.6Review

2003 Annual PBX Secur AnnualFi-Audi Fir_-Fixed-Price 5._

2004 jAnnual UPS Annual IFr-ie-rcVerification Test

J1 i__ _ _ __ _ _

2005 Project Supplemental Hours Labor Hour 5.4

Technical Support NTE2006 Replacement Parts NIA N/A NiA____Ma rials______ j Materiais - NTE 5.5

Option Year Two T otal: $45,983.08

I

I*

I

Option Year Three Total:

B.4.3 (CLINNo.

4001

4002

4003

4004

4005

4006

Option Year Four Total: $48,344.24

B.5 PERIOD OF PERFORMANCE

It is anticipated that the contract will commence on June 1, 2014 and shall not extend beyond May 31, 2019 (if alloption years be exercised.)

:-ýLength4OffPerformance.:•exiod, E.•::-."-":..,,- M stimated4atesl-.One (1) Year June 1, 2014- May 31,2015One (1) Year June 1. 2015 - Mav 31, 201.6One (1) Year June 1. 201.6- May, 31. 2017One (1) Year June 1. 2017 - May31. 2018One (1) Year J June 1, 2018 - May 31. 2019

SECTION C CLAUSES

C.1 CONTRACT CLAUSES INCORPORATED BY REFERENCEThe following contract clauses pertinent to this section are hereby incorporated by reference (by Citation Number,Title, and Date) in accordance with the clause at FAR 52.252-2 CLAUSES INCORPORATED BYREFERENCE, as provided herein. See FAR 52.252-2 for an Internet address (if specified) for electronic accessto the full text of a clause.

NUMBER TITLE DATE

52.212-4 CONTRACT TERMS AND CONDITIONS FEB 2007- COMMERCIAL ITEMS WITH ALTERNATE I AUG 2012

52.219-14 LIMITATIONS ON SUBCONTRACTING DEC 1996

52.223-18 ENCOURAGING CONTRCTOR POLICIES AUG 2011TO BAN TEXT MESSAGNING WHILE DRIVING

52.225-13 RESTRICTIONS ON CERTAIN FOREIGN PURCHASES JUN 2008

52.228-5 INSURANCE - WORK ON A GOVERNMENT JAN 1997INSTALLATION

52.232-39 UNENFORCEABILITY OF UNAUTHORIZED JUN 2013OBLIGATIONS

52.233-4 APPLICABLE LAW FOR BREACH OF CONTRACT OCT 2004CLAIM

52.242-15 STOP-WORK-ORDER AUG 1989

C.2 CONTRACT CLAUSES IN FULL TEXT

C.2.1 52.212-5 CONTRACT TERMS AND CONDITIONS REQUIRED TO IMPLEMENT STATUTESOR EXECUTIVE ORDERS - COMMERCIAL ITEMS (NOV 2013) - ALTENATE I (FEB 2000)

(a) The Contractor shall comply with the following Federal Acquisition Regulation (FAR) clauses, whichare incorporated in this contract by reference, to implement provisions of law or Executive ordersapplicable to acquisitions of commercial items:

(1) 52.222-50, Combating Trafficking in Persons (FEB 2009) (22 U.S.C. 7104(g)).

(2) 52.233-3, Protest After Award (AUG 1996) (31 U.S.C. 3553).

(3) 52.233-4, Applicable Law for Breach of Contract Claim (OCT 2004) (Pub. L. 108-77,108-78).

(b) The Contractor shall comply with the FAR clauses in this paragraph (b) that the Contracting Officerhas indicated as being incorporated in this contract by reference to implement provisions of law orExecutive orders applicable to acquisitions of commercial items: (Contracting Officer check asappropriate.)

[X] (1) 52.203-6, Restrictions on Subcontractor Sales to the Government (SEP 2006), withAlternate I (OCT 1995) (41 U.S.C. 253g and 10 U.S.C. 2402).

[](2) 52.203-13, Contractor Code of Business Ethics and Conduct (APR 2010)(Pub. L. 110-252,Title VI, Chapter 1 (41 U.S.C. 251 note)).

[] (3) 52.203-15, Whistleblower Protections under the American Recovery and Reinvestment Actof 2009 (JUN 2010) (Section 1553 of Pub. L. 111-5). (Applies to contracts funded by theAmerican Recovery and Reinvestment Act of 2009.)

[X] (4) 52.204-10, Reporting Executive Compensation and First-Tier Subcontract Awards (JUL2013)(Pub. L. 109-282)(31 U.S.C. 6101 note).

[](5) 52.204-11, American Recovery and Reinvestment Act-Reporting Requirements (JUL 2010)(Pub. L. 111-5).

[X] (6) 52.209-6, Protecting the Government's Interest When Subcontracting with ContractorsDebarred, Suspended, or Proposed for Debarment. (AUG. 2013) (31 U.S.C. 6101 note).

[](7) 52.209-9, Updates of Publicly Available Information Regarding Responsibility Matters(JUL 2013) (41 U.S.C. 2313).

[] (8) 52.209-10, Prohibition on Contracting with Inverted Domestic Corporations (MAY 2012)(section 738 of Division C of Pub. L. 112-74, section 740 of Division C of Pub. L. 11 I-117,section 743 of Division D of Pub. L. 111-8, and section 745 of Division D of Pub. L. 110-161).

[] (9) 52.219-3, Notice of HUBZone Set-Aside or Sole-Source Award (NOV 2011) (15 U.S.C.657a).

[](10) 52.219-4, Notice of Price Evaluation Preference for HUBZone Small Business Concerns(JAN 2011) (if the offeror elects to waive the preference, it shall so indicate in its offer) (15U.S.C. 657a).

[I (11) (Reserved)

[XI (12)(i) 52.219-6, Notice of Total Small Business Set-Aside (NOV 2011) (15 U.S.C. 644).

[](ii) Alternate 1 (NOV 2011).

[] (iii) Alternate II (NOV 2011).

[](13)(i) 52.219-7, Notice of Partial Small Business Set-Aside (JUN 2003) (15 U.S.C. 644).

[](ii) Alternate I (OCT 1995) of 52.219-7.

[] (iii) Alternate II (MAR 2004) of 52.219-7.

[] (14) 52.2 19-8, Utilization of Small Business Concerns (JUL 2013) (15 U.S.C. 637 (d)(2) and(3)).

[X] (15)(i) 52.219-9, Small Business Subcontracting Plan (JUL 2013) (15 U.S.C. 637(d)(4)).

[] (ii) Alternate 1 (OCT 2001) of 52.219-9.

[](iii) Alternate 11 (OCT 2001) of 52.219-9.

[](16.) 52.219-13, Notice of Set-Aside of Orders (NOV 2011) (15 U.S.C. 644(r)).

[X] (17) 52.219-14, Limitations on Subcontracting (NOV 2011) (15 U.S.C. 637(a)(14)).

[] (18) 52.219-16, Liquidated Damages-Subcontracting Plan (JAN 1999) (15 U.S.C.637(d)(4)(F)(i)).

[] (19)(i) 52.219-23, Notice of Price Evaluation Adjustment for Small Disadvantaged BusinessConcerns (OCT 2008) (10 U.S.C. 2323)(if the offeror elects to waive the adjustment, it shall soindicate in its offer.)

[](ii) Alternate I (JUN 2003) of 52.219-23.

[](20) 52.219-25, Small Disadvantaged Business Participation. Program-Disadvantaged Statusand Reporting (JUL 2013) (Pub. L. 103-355, section 7102, and 10 U.S.C. 2323).

[3(21) 52.2119-26, Small Disadvantaged Business Participation Program-Incentive Subcontracting(OCT 2000) (Pub. L. 103-355, section 7102, and 10 U.S.C. 2323).

[1(22) 52.219-27, Notice of Service-Disabled Veteran-Owned Small Business Set-Aside (NOV2011) (15 U.S.C. 657f).

[X] (23) 52.219-28, Post Award Small Business Program Rerepresentation (JUL 2013) (15U.S.C. 632(a)(2)).

[] (24) 52.2119-29, Notice of Set-Aside for Economically Disadvantaged Women-Owned SmallBusiness (EDWOSB) Concerns (JUL 2013) (15 U.S.C. 637(m)).

[] (25) 52.219-30, Notice of Set-Aside for Women-Owned Small Business (WOSB) ConcernsEligible Under the WOSB Program (JUL 2013) (15 U.S.C. 637(m)).

[X] (26) 52.222-3, Convict Labor (JUN 2003) (E.O. 11755).

[X] (27) 52.222-19, Child Labor-Cooperation with Authorities and Remedies (NOV 2013) (E.O.13126).

[X] (28) 52.222-21, Prohibition of Segregated Facilities (FEB 1999).

[X] (29) 52.222-26, Equal Opportunity (MAR 2007) (E.O. 11246).

[X] (30) 52.222-35, Equal Opportunity for Veterans (SEP 2010) (38 U.S.C. 4212).

[X] (31) 52.222-36, Affirmative Action for Workers with Disabilities (OCT 2010) (29 U.S.C.793).

[X] (32) 52.222-37, Employment Reports on Veterans (SEP 2010) (38 U.S.C. 4212).

[X] (33) 52.222-40, Notification of Employee Rights Under the National Labor Relations Act(DEC 2010) (E.O. 13496).

[X] (34) 52.222-54, Employment Eligibility Verification (AUG 2013). (Executive Order 12989).(Not applicable to the acquisition of commercially available off-the-shelf items or certain othertypes of commercial items as prescribed in 22.1803.)

[] (35)(i) 52.223-9, Estimate of Percentage of Recovered Material Content for EPA-DesignatedItems (MAY 2008) (42 U.S.C. 6962(c)(3)(A)(ii)). (Not applicable to the acquisition ofcommercially available off-the-shelf items.)

[](ii) Alternate I (MAY 2008) of 52.223-9 (42 U.S.C. 6962(i)(2)(C)). (Not applicable tothe acquisition of commercially available off-the-shelf items.)

[](36) 52.223-15, Energy Efficiency in Energy-Consuming Products (DEC2007) (42 U.S.C..8259b).

[] (37)(i) 52.223-16, IEEE 1680 Standard for the Environmental Assessment of PersonalComputer Products (DEC 2007) (E.O. 13423).

[](ii) Alternate I (DEC 2007) of 52.223-16.

[](38) 52.223-18, Encouraging Contractor Policies to Ban Text Messaging While Driving (AUG2011).

[X] (39) 52.225-1, Buy American Act - Supplies (FEB 2009) (41 U.S.C. 1Oa-0Od).

[](40)(i) 52.225-3, Buy American Act-Free Trade Agreements-Israeli Trade Act (NOV 2012) (41U.S.C. chapter 83, 19 U.S.C. 3301 note, 19 U.S.C. 2112 note, 19 U.S.C. 3805 note, 19 U.S.C.4001 note, Pub. L. 103-182, 108-77, 108-78, 108-286, 108-302, 109-53, 109-169, 109-283,110-138, 112-41, 112-42, and 112-43).

[](ii) Alternate I (MAR 2012) of 52.225-3.

[](iii) Alternate II (MAR 2012) of 52.225-3.

[](iv) Alternate III (NOV 2012) of 52.225-3.

[](41) 52.225-5, Trade Agreements (NOV 2013) (19 U.S.C. 2501, el seq., 19 U.S.C. 3301 note).

[X] (42) 52.225-13, Restrictions on Certain Foreign Purchases (JUN 2008) (E.O.'s,proclamations, and statutes administered by the Office of Foreign Assets Control of theDepartment of the Treasury.

[] (43) 52.225-26, Contractors Performing Private Security Functions Outside the United States

(JUL 2013) (Section 862, as amended, of the National Defense Authorization Act for Fiscal Year2008; 10 U.S.C. 2302 Note).

[1(44) 52.226-4., Notice of Disaster or Emergency Area Set-Aside (NOV 2007) (42 U.S.C. 5150).

[](45) 52.226-5, Restrictions on Subcontracting Outside Disaster or Emergency Area (NOV2007) (42 U.S.C. 5150).

[](46) 52.232-29, Terms for Financing of Purchases of Commercial Items (FEB 2002) (41 U.S.C.255(f), 10 U.S.C. 2307(f)).

[] (47) 52.232-30, Installment Payments for Commercial Items (OCT 1995) (41 U.S.C. 255(f), 10U.S.C. 2307(f)).

[X] (48) 52.232-33, Payment by Electronic Funds Transfer - System for Award Management(JUL 2013) (31 U.S.C. 3332).

[] (49) 52.232-34, Payment by Electronic Funds Transfer - Other than System for AwardManagement (JUL 2013) (31 U.S.C. 3332).

[1(50) 52.232-36, Payment by Third Party (JUL 2013) (31 U.S.C. 3332).

[](51) 52.239-1, Privacy or Security Safeguards (AUG 1996) (5 U.S.C. 552a).

[] (52)(i) 52.247-64, Preference for Privately Owned U.S.-Flag Commercial Vessels (FEB 2006)(46 U.S.C. Appx 1241(b) and 10 U.S.C. 2631).

[1 (ii) Alternate I (APR 2003) of 52.247-64.

(c) The Contractor shall comply with the FAR clauses in this paragraph (c), applicable to commercialservices, that the Contracting Officer has indicated as being incorporated in this contract by reference toimplement provisions of law or Executive orders applicable to acquisitions of commercial items:(Contracting Officer check as appropriate.)

[1(1) 52.222-41, Service Contract Act of 1965 "(NOV 2007)" (41 U.S.C. 351, et seq.).

[](2) 5.22"2-42, Statement of Equivalent Rates for Federal Hires (MAY 1989) (29 U.S.C. 206and 41 U.S.C. 351, et seq.).

[] (3) 52.222-43, Fair Labor Standards Act and Service Contract Act-Price Adjustment (MultipleYear and Option Contracts) (SEP 2009) (29 U.S.C. 206 and 41 U.S.C. 351, et seq.).

[] (4) 52.222-44, Fair Labor Standards Act and Service Contract Act-Price Adjustment (SEP2009) (29 U.S.C. 206 and 41 U.S.C. 351, et seq.).

[] (5) 52.222-51, Exemption from Application of the Service Contract Act to Contracts forMaintenance, Calibration, or Repair of Certain Equipment-Requirements "(NOV 2007)" (41U.S.C. 351, et seq.).

[1(6) 52.222-53, Exemption from Application of the Service Contract Act to Contracts forCertain Services-Requirements (FEB 2009) (41 U.S.C. 351, et seq.).

[] (7) 52.222-17, Nondisplacement of Qualified Workers (JAN 2013) (E.O. 13495).

[](8) 52.226-6, Promoting Excess Food Donation to Nonprofit Organizations. (MAR 2009) (Pub.L. 110-247).

[] (9) 52.237-11, Accepting and Dispensing of $1 Coin (SEP 2008) (31 U.S.C. 5112(p)(1)).

(d)(1) Notwithstanding the requirements of the clauses in paragraphs (a), (b), and (c) of this clause, theContractor is not required to flow down any FAR clause, other than those in this paragraph (d)(1) of thisparagraph in a subcontract for commercial items. Unless otherwise indicated below, the extent of the flowdown shall be as required by the clause-

(i) 52.203-13, Contractor Code of Business Ethics and Conduct (APR 2010) (Pub. L.110-252, Title VI, Chapter 1 (41 U.S.C. 251 note)).

(ii) 52.219-8, Utilization of Small Business Concerns (JUL 2013) (15 U.S.C. 637(d)(2)and (3)), in all subcontracts that offer further subcontracting opportunities. If thesubcontract (except subcontracts to small business concerns) exceeds $650,000 ($1.5million for construction of any public facility), the subcontractor must include 52.219-8in lower tier subcontracts that offer subcontracting opportunities.(iii) 52.222-17, Nondisplacement of Qualified Workers (JAN 2013) (E.O. 13495). Flow

down required in accordance with paragraph (1) of FAR clause 52.222-17.

(iv) 52.222-26, Equal Opportunity (MAR 2007) (E.O. 11246).

(v) 52.222-35, Equal Opportunity for Veterans (SEP 2010) (38 U.S.C. 4212).

(vi) 52.222-36, Affirmative Action for Workers with Disabilities (OCT 2010) (29 U.S.C.793).

(vii) 52.222-40, Notification of Employee Rights Under the National Labor Relations Act(DEC 2010) (E.O. 13496). Flow down required in accordance with paragraph (f) of FARclause 52.222-40.

(viii) 52.222-41, Service Contract Act of 1965 "(NOV 2007)" (41 U.S.C. 351, et seq.).

(ix) 52.222-50, Combating Trafficking in Persons (FEB 2009) (22 U.S.C. 7104(g)).

Alternate I (AUG 2007) of 52.222-50 (22 U.S.C. 7104(g)).

(x) 52.222-51, Exemption from Application of the Service Contract Act to Contracts forMaintenance, Calibration, or Repair of Certain Equipment-Requirements "(NOV 2007)"(41 U.S.C. 351, et seq.).

(xi) 52.222-53, Exemption from Application of the Service Contract Act to Contracts forCertain Services-Requirements (FEB 2009)(41 U.S.C. 351, et seq.).

(xii) 52.222-54, Employment Eligibility Verification (AUG 2013).

(xiii) 52.225-26, Contractors Performing Private Security Functions Outside the UnitedStates (JUL 2013) (Section 862, as amended, of the National Defense Authorization Actfor Fiscal Year 2008; 10 U.S.C. 2302 Note).

(xiv) 52.226-6, Promoting Excess Food Donation to Nonprofit Organizations. (MAR2009) (Pub. L. 110-247). Flow down required in accordance with paragraph (e) of FARclause 52.226-6.

(xv) 52.247-64, Preference for Privately Owned U.S.-Flag Commercial Vessels (FEB2006) (46 U.S.C. Appx 1241(b) and 10 U.S.C. 2631). Flow down required in accordancewith paragraph (d) of FAR clause 52.247-64.

(2) While not required, the contractor may include in its subcontracts for commercial items aminimal number of additional clauses necessary to satisfy its contractual obligations.

(End of clause)

C.2.2 52.219-I1 SPECIAL 8(a) CONTRACT CONDITIONS (FEB 1999)

The Small Business Administration (SBA) agrees to the following:

(a) To. furnish the supplies or services set forth in this contract according to the specifications and the terms andconditions hereof by subcontracting with an eligible concern pursuant to the provisions of section 8(a) of theSmall Business Act, as amended (15 U.S.C. 637(a)).

(b) That in the event SBA does not award a subcontract for all or a part of the work hereunder, this contract maybe terminated either in whole or in part without cost to either party.

(c) Except for novation agreements and advance payments, delegate to the U.S. Nuclear Regulatory Commission(NRC) the responsibility for administering the subcontract to be awarded hereunder with complete authority totake any action on behalf of the Government under the terms and conditions of the subcontract; provided,however, that the NRC shall give advance notice to the SBA before it issues a final notice terminating the right ofa subcontractor to proceed with further performance, either in whole or in part, under the subcontract for defaultor for the convenience of the Government.

(d) That payments to be made under any subcontract awarded under this contract will be made directly to thesubcontractor by the NRC.

(e) That the subcontractor awarded a subcontract hereunder shall have the right of appeal from decisions of theContracting Officer cognizable under the "Disputes" clause of said subcontract.

(f) To notify the NRC Contracting Officer immediately upon notification by the subcontractor that the owner orowners upon whom 8(a) eligibility was based plan to relinquish ownership or control of the concern.

(End of Clause)

C.2.3 52.219-12 SPECIAL 8(a) SUBCONTRACT CONDITIONS (FEB 1990)

(a) The Small Business Administration (SBA) has entered into Contract No. NRC-RI-91-14-C-0001 with theU.S. Nuclear Regulatory Commission (NRC) to furnish the supplies or services as described therein. A copy ofthe contract is attached hereto and made a part hereof.

(b) The Altus Technology Solutions, hereafter referred to as the subcontractor, agrees and acknowledges asfollows:

(1) That it will, for and on behalf of the SBA, fulfill and perform all of the requirements of Contract No.NRC-RI-91-14-C-0001 for the consideration stated therein and that it has read and is familiar with eachand every part of the contract.

(2) That the SBA has delegated responsibility, except for novation agreements and advance payments, forthe administration of this subcontract to the NRC with complete authority to take any action on behalf ofthe Government under the terms and conditions of this subcontract.

(3) That it will not subcontract the performance of any of the requirements of this subcontract to anylower tier subcontractor without the prior written approval of the SBA and the designated ContractingOfficer of the NRC.

(4) That it will notify the NRC Contracting Officer in writing immediately upon entering an agreement(either oral or written) to transfer all or part of its stock or other ownership interest to any other party.

(c) Payments, including any progress payments under this subcontract, will be made directly to the subcontractorby the NRC.

(End of Clause)

C.2.4 52.219-17 SECTION 8(a) AWARD (DEC 1996)

(a) By execution of a contract, the Small Business Administration (SBA) agrees to the following:

(I) To furnish the supplies or services set forth in the contract according to the specifications and the terms andconditions by subcontracting with the Offeror who has been determined an eligible concern pursuant to theprovisions of section 8(a) of the Small Business Act, as amended (15 U.S.C. 637(a)).

(2) Except for novation agreements and advance payments, delegates to the U.S. Nuclear RegulatoryCommission (NRC) the responsibility for administering the contract with complete authority to take anyaction on behalf of the Government under the terms and conditions of the contract; provided, howeverthat the contracting agency shall give advance notice to the SBA before it issues a final notice terminatingthe right of the subcontractor to proceed with further performance, either in whole or in part, under thecontract.

(3) That payments to be made under the contract will be made directly to the subcontractor by thecontracting activity.

(4) To notify the NRC Contracting Officer immediately upon notification by the subcontractor that theowner or owners upon whom 8(a) eligibility was based plan to relinquish ownership or control of theconcern.

(5) That the subcontractor awarded a subcontract hereunder shall have the right of appeal from decisionsof the cognizant Contracting Officer under the "Disputes" clause of the subcontract.

(b) The offeror/subcontractor agrees and acknowledges that it will, for and on behalf of the SBA. fulfill andperform all of the requirements of the contract.

(c) The offeror/subcontractor agrees that it will not subcontract the performance of any of the requirements of thissubcontract to any lower tier subcontractor without the prior written approval of the SBA and the cognizantContracting Officer of the NRC.

(End of Clause)

C.2.5 52.217-8 OPTION TO EXTEND SERVICES (NOV 1999)

The Government may require continued performance of any services within the limits and at the rates specified inthe contract. These rates may be adjusted only as a result of revisions to prevailing labor rates provided by theSecretary of Labor. The option provision may be exercised more than once, but the total extension of performancehereunder shall not exceed 6 months. The Contracting Officer may exercise the option by written notice to theContractor within 60 days of the end of the contract.

(End of clause)

C.2.6 52.217-9 OPTION TO EXTEND THE TERM OF THE CONTRACT (MAR 2000)

(a) The Government may extend the term of this contract by written notice to the Contractor within 30 days;provided that the Government gives the Contractor a preliminary written notice of its intent to extend at least 30before the contract expires. The preliminary notice does not commit the Government to an extension.

(b) If the Government exercises this option, the extended contract shall be considered to include this optionclause.

(c) The total duration of this contract, including the exercise of any options under this clause, shall not exceed fiveyears.

(End of clause)

C.3 NRC LOCAL CLAUSES

C.3.1 ELECTRONIC PAYMENT (SEP 2013)

The Debt Collection Improvement Act of 1996 requires that all payments except IRS tax refunds be made byElectronic Funds Transfer. Payment shall be made in accordance with FAR 52.232-33, entitled "Payment byElectronic Funds Transfer-System Award Management".

To receive payment, the contractor shall prepare invoices in accordance with NRC's Billing Instructions. Claimsshall be submitted on the payee's letterhead, invoice, or on the Government's Standard Form 1034, "PublicVoucher for Purchases and Services Other than Personal," and Standard Form 1035, "Public Voucher forPurchases Other than Personal - Continuation Sheet." The preferred method of submitting invoices/vouchers iselectronically to the U.S. Nuclear Regulatory Commission, via email to: NRCPayments(-nrc.gov.

(End of Clause)

C.3.2 USE OF AUTOMATED CLEARING HOUSE (ACH) ELECTRONIC PAYMENT/REMITTANCEADDRESS

The Debt Collection Improvement Act of 1996 requires that all Federal payments except IRS tax refunds be madeby Electronic Funds Transfer. It is the policy of the Nuclear Regulatory Commission to pay government vendorsby the Automated Clearing House (ACH) electronic funds transfer payment system. Item 15C of the StandardForm 33 may be disregarded.

(End of Clause)

C.3.3 GREEN PURCHASING (SEP 2013)

(a) In furtherance of the sustainable acquisition goals included in Executive Order 13514, "Federal Leadership inEnvironmental, Energy, and Economic Performance," products and services acquired under this contract/ordershall be energy-efficient (Energy Star or Federal Energy Management Program (FEMP) designated),water-efficient, biobased, environmentally preferable (e.g., Electronic Product Environmental Assessment Tool(EPEAT) certified), non-ozone depleting, recycled content, and non-toxic or less toxic alternatives, to themaximum extent practicable in meeting NRC contractual requirements.

(b) See NRC's Green Purchasing Plan (GPP) at: http://pbadupws.nrc.gov/docs/ML1219//ML 12191Al130.pdf andthe General Service Administration's (GSA) Green Procurement Compilation at:http://www.gsa.gov/portal/content/ l98257.

(c) The contractor shall flow down this clause into all subcontracts and other agreements that relate toperfornance of this contract/order.

(End of Clause)

C.3.4 CONTRACTOR RESPONSIBILITY FOR PROTECTING PERSONALLY IDENTIFIABLEINFORMATION (PH1)

In accordance with the Office of Management and Budget's guidance to Federal agencies and the NuclearRegulatory Commission's (NRC) implementing policy and procedures, a contractor (including subcontractors andcontractor employees), who performs work on behalf of the NRC, is responsible for protecting, from unauthorizedaccess or disclosure, personally identifiable information (P11) that may be provided, developed, maintained,collected, used, or disseminated, whether in paper, electronic, or other format, during performance of this

contract.

A contractor who has access to NRC owned or controlled PII, whether provided to the contractor by the NRC ordeveloped, maintained, collected, used, or disseminated by the contractor during the course of contractperformance. must comply with the following requirements:

(1) General. In addition to implementing the specific requirements set forth in this clause, the contractor mustadhere to all other applicable NRC guidance, policy and requirements for the handling and protection of NRCowned or controlled PII. The contractor is responsible for making sure that it has an adequate understanding ofsuch guidance, policy and requirements.

(2) Use, Ownership, and Nondisclosure. A contractor may use NRC owned or controlled PH1 solely forpurposes of this contract, and may not collect or use such P1I for any purpose outside the contract without theprior written approval of the NRC Contracting Officer. The contractor must restrict access to such information toonly those contractor employees who need the information to perform work under this contract, and must ensurethat each such contractor employee (including subcontractors' employees) signs a nondisclosure agreement, in aform suitable to the NRC Contracting Officer, prior to being granted access to the information. The NRC retainssole ownership and rights to its P11. Unless the contract states otherwise, upon completion of the contract, thecontractor must turn over all PIH in its possession to the NRC, and must certify in writing that it has not retainedany NRC owned or controlled P11 except as otherwise authorized in writing by the NRC Contracting Officer.

(3) Security Plan. When applicable, and unless waived in writing by the NRC Contracting Officer, thecontractor must work with the NRC to develop and implement a security plan setting forth'adequate procedures.for the protection of NRC owned or controlled PHi as well as the procedures which the contractor must follow fornotifying the NRC in the event of any security breach. The plan will be incorporated into the contract and must beimplemented and followed by the contractor once it has been approved by the NRC Contracting Officer. If thecontract does not include a security plan at the time of contract award, a plan must be submitted for the approvalof the NRC Contracting Officer within 30 days after contract award.

(4) Breach Notification. The contractor must immediately notify the NRC Contracting Officer and the NRCContracting Officer's Representative (COR) upon discovery of any suspected or confirmed breach in the securityof NRC owned or controlled PH1.

(5) Legal Demands for Information. If a legal demand is made for NRC owned or controlled PH1 (such as bysubpoena), the contractor must immediately notify the NRC Contracting Officer and the NRC ContractingOfficer's Representative (COR). After notification, the NRC will determine whether and to what extent tocomply with the legal demand. The Contracting Officer will then notify the contractor in writing of thedetermination and such notice will indicate the extent of disclosure authorized, if any. The contractor may onlyrelease the information specifically demanded with the written permission of the NRC Contracting Officer.

(6) Audits. The NRC may audit the contractor's compliance with the requirements of this clause, includingthrough the use of online compliance software.

(7) Flow-down. The prime contractor will flow this clause down to subcontractors that would be covered by

any portion of this clause, as if they were the prime contractor.

(8) Remedies:

(a) The contractor is responsible for implementing and maintaining adequate security controls to prevent the lossof control or unauthorized disclosure of NRC owned or controlled P1l in its possession. Furthermore, thecontractor is responsible for reporting any known or suspected loss of control or unauthorized access to P11 to the

NRC in accordance with the provisions set forth in Article 4 above.

(b) Should the contractor fail to meet its responsibilities under this clause, the NRC reserves the right to takeappropriate steps to mitigate the contractor's violation of this clause. This may include, at the sole discretion ofthe NRC, termination of the subject contract.

(9) Indemnification. Notwithstanding any other remedies available to the NRC, the contractor will indemnifythe NRC against all liability (including costs and fees) for any damages arising out of violations of this clause.

(End of Clause)

C.3.5 WHISTLEBLOWER PROTECTION FOR NRC CONTRACTOR AND SUBCONTRACTOREMPLOYEES

(a) The U.S. Nuclear Regulatory Commission (NRC) contractor and its subcontractor are subject to theWhistleblower Employee Protection public law provisions as codified at 42 U.S.C. 5851. NRC contractor(s) andsubcontractor(s) shall comply with the requirements of this Whistleblower Employee Protection law, and theimplementing regulations of the NRC and the Department of Labor (DOL). See, for example, DOL Procedureson Handling Complaints at 29 C.F.R. Part 24 concerning the employer obligations, prohibited acts, DOLprocedures and the requirement for prominent posting of notice of Employee Rights at Appendix A to Part 24entitled: "Your Rights Under the Energy Reorganization Act".

(b) Under this Whistleblower Employee Protection law, as implemented by regulations, NRC contractor andsubcontractor employees are protected from discharge, reprisal, threats, intimidation, coercion, blacklisting orother employment discrimination practices with respect to compensation, terms, conditions or privileges of theiremployment because the contractor or subcontractor employee(s) has provided notice to the employer, refused toengage in unlawful practices, assisted in proceedings or testified on activities concerning alleged violations of theAtomic Energy Act of 1954 (as amended) and the Energy Reorganization Act of 1974 (as amended).

(c) The contractor shall insert this or the substance of this clause in any subcontracts involving work performedunder this contract.

(End of Clause)

C.3.6 SECURITY REQUIREMENTS RELATING TO THE PRODUCTION OF REPORT(S) OR THEPUBLICATION OF RESULTS UNDER CONTRACTS, AGREEMENTS, AND GRANTS

Review and Approval of Reports

(a) Reporting Requirements. The contractor/grantee shall comply with the terms and conditions of thecontract/grant regarding the contents of the draft and final report, summaries, data, and related documents, toinclude correcting, deleting, editing, revising, modifying, formatting, and supplementing any of the informationcontained therein, at no additional cost to the NRC. Performance under the contract/grant will not be deemed

accepted or completed until it complies with the NRC's directions. The reports, summaries, data, and relateddocuments will be considered draft until approved by the NRC. The contractor/grantee agrees that the direction,determinations, and decisions on approval or disapproval of reports, summaries, data, and related documentscreated under this contract/grant remain solely within the discretion of the NRC.

(b) Publication of Results. Prior to any dissemination, display, publication, or release of articles, reports,summaries, data, or related documents developed under the contract/grant, the contractor/grantee shall submitthem to the NRC for review and approval. The contractor/ grantee shall not release, disseminate, display orpublish articles, reports, summaries, data, and related documents, or the contents therein, that have not beenreviewed and approved by the NRC for release, display, dissemination or publication. The contractor/granteeagrees to conspicuously place any disclaimers, markings or notices, directed by the NRC, on any articles, reports,summaries, data, and related documents that the contractor/grantee intends to release, display, disseminate orpublish to other persons, the public, or any other entities. The contractor/grantee agrees, and grants, a royalty-free,nonexclusive, irrevocable worldwide license to the government, to use, reproduce, modify', distribute, preparederivative works, release, display or disclose the articles, reports, summaries, data, and related documentsdeveloped under the contract/grant, for any governmental purpose and to have or authorize others to do so.

(c) Identification/Marking of Sensitive Unclassified Non-Safeguards Information (SUNSI) and SafeguardsInformation (SGI). The decision, determination, or direction by the NRC that information possessed, formulatedor produced by the contractor/grantee constitutes SUNSI or SGI is solely within the authority and discretion of theNRC. In performing the contract/grant, the contractor/grantee shall clearly mark SUNS] and SGI, to include forexample, OUO-Allegation Information or OUO-Security, Related Information on any reports, documents, designs,data, materials, and written information, as directed by the NRC. In addition to marking the information asdirected by the NRC, the contractor shall use the applicable NRC cover sheet (e.g., NRC Form 461 SafeguardsInformation) in maintaining these records and documents. The contractor/grantee shall ensure that SUNSI andSGI is handled, maintained and protected from unauthorized disclosure, consistent with NRC policies anddirections. The contractor/grantee shall comply with the requirements to mark, maintain, and protect allinformation, including documents, summaries, reports, data, designs, and materials in accordance with theprovisions of Section 147 of the Atomic Energy Act of 1954 as amended, its implementing regulations (10 CFR73.21), Sensitive Unclassified Non-Safeguards and Safeguards Information policies, and NRC ManagementDirectives and Handbooks 12.5, 12.6 and 12.7.

(d) Remedies. In addition to any civil, criminal, and contractual remedies available under the applicable laws andregulations, failure to comply with the above provisions, and/or NRC directions, may result in suspension,withholding, or offsetting of any payments invoiced or claimed by the contractor/grantee.

(e) Flowdown. If the contractor/grantee intends to enter into any subcontracts or other agreements to perform thiscontract/grant, the contractor/grantee shall include all of the above provisions in any subcontracts or agreements.

(End of Clause)

C.3.7 NRC INFORMATION TECHNOLOGY SECURITY

NRC contractors shall ensure that their employees, consultants, and subcontractors with access to the agency'sinformation technology (IT) equipment and/or IT services complete NRC's online initial and refresher IT securitytraining requirements to ensure that their knowledge of IT threats, vulnerabilities, and associated countermeasuresremains current. Both the initial and refresher IT security training courses generally last an hour or less and canbe taken during the employee's regularly scheduled work day.

Contractor employees, consultants, and subcontractors shall complete the NRC's online annual, "Computer

Security Awareness" course on the same day that they receive access to the agency's IT equipment and/orservices, as their first action using the equipment/service. For those contractor employees, consultants, andsubcontractors who are already working under this contract, the on-line training must be completed in accordancewith agency Network Announcements issued throughout the year, within three weeks of issuance of thismodification.

Contractor employees, consultants, and subcontractors who have been granted access to NRC informationtechnology equipment and/or IT services must continue to take IT security refresher training offered online by theNRC throughout the term of the contract. Contractor employees will receive notice of NRC's online IT securityrefresher training requirements through agency-wide notices.

The NRC reserves the right to deny or withdraw Contractor use or access to NRC IT equipment and/or services,and/or take other appropriate contract administrative actions (e.g., disallow costs, terminate for cause) should theContractor violate the Contractor's responsibility under this clause.

(End of Clause)

C.3.8 SECURITY REQUIREMENTS FOR ACCESS TO CLASSIFIED MATTER OR INFORMATION(SEP 2013)

Performance under this contract will require access to classified matter or information (National SecurityInformation or Restricted Data) in accordancewith the attached NRC Form 187 (See List of Attachments).Prime Contractor personnel, subcontractors or others performing work under this contract shall require a "Q"security clearance (allows access to Top Secret, Secret, and Confidential National Security Information andRestricted Data) or an "L" security clearance (allows access to Secret and Confidential National SecurityInformation and/or Confidential Restricted Data).

The Contractor must identify all individuals to work under this contract. The NRC sponsoring office shall makethe, final determination of the type of security clearance required for.all individuals working under this contract.

The Contractor shall conduct a preliminary security interview or review for each of its employees, subcontractoremployees and consultants, and submit to the Government only the names of candidates that have a reasonableprobability of obtaining the level of security clearance for which the candidate has been proposed. The Contractorwill pre-screen applicants for the following:

(a) pending criminal charges or proceedings; (b) felony arrest records including alcohol related arrest within thelast seven (7) years; (c) record of any military courts-martial charges and proceedings in the last seven (7) yearsand courts-martial convictions in the last ten (10) years; (d )any involvement in hate crimes; (e) involvement inany group or organization that espouses extra-legal violence as a legitimate means to an end; (f) dual or multiplecitizenship including the issuance of a foreign passport in the last seven (7) years; (g) illegal use possession, ordistribution of narcotics or other controlled substances within the last seven (7) years; (h) financial issuesregarding delinquent debts, liens, garnishments, bankruptcy and civil court actions in the last seven (7) years.

The Contractor will make a written record of their pre-screening interview or review (including any informationto mitigate the responses to items listed in (a) - (h)), and have the candidate verify the record, sign and date it.Two (2) copies of the signed interview record or review will be supplied to DFS/PSB with the applicant'scompleted security application package.

The Contractor will further ensure that all Contractor employees, subcontractor employees and consultants forclassified information access approval complete all security applications required by this clause within fourteen

(14) calendar days of notification by DFS/PSB of initiation of the application process. Timely receipt of properlycompleted security applications (submitted for candidates that have a reasonable probability of obtaining the levelof security clearance for which the candidate has been proposed) is a contract requirement. Failure of theContractor to comply with this condition may be a basis to cancel the award, or terminate the contract for default,or offset from the contract's invoiced cost or price the NRC's incurred costs or delays as a result of inadequatepre-screening by the Contractor. In the event of termination or cancellation, the Government may select anotherfirm for contract award.

Such Contractor personnel shall be subject to the NRC Contractor personnel security requirements of NRCManagement Directive (MD) 12.3, Part I and 10 CFR Part 10.11, which is hereby incorporated by reference andmade a part of this contract as though fully set forth herein, and will require a favorably adjudicated Single ScopeBackground Investigation (SSBI) for "Q" clearances or a favorably adjudicated Access National Agency Checkand Inquiries (ANACI), or higher level investigation depending on the position the individual will occupy, for "L"clearances.

A Contractor employeeshall not have access to classified information until he/ she is granted a security clearanceby DFS/PSB, based on a favorably adjudicated investigation. In the event the Contractor employee'sinvestigation cannot be favorably adjudicated, any interim access approval could possibly be revoked and theindividual could be subsequently removed from performing under the contract. If interim approval access isrevoked or denied, the Contractor is responsible for assigning another individual to perform the necessary workunder this contract without delay to the contract's performance schedule, or without adverse impact to any otherterms or conditions of the contract. The individual will be subject to a reinvestigation every five (5) years for "Q"clearances and every ten (10) years for "L" clearances.

CORs are responsible for submitting the completed access/clearance request package as well as otherdocumentation that is necessary to DFS/PSB. The contractor shall submit a completed security forms packet,including the OPM Standard Form (SF) 86 (online Questionnaire for National Security Positions), two (2) copiesof the Contractor's signed pre-screening record and two (2) FD 258 fingerprint charts, to DFS/PSB for review andadjudication, prior to submission to the Office of Personnel Management for investigation. The individual maystart working under this contract before a final clearance is granted if a temporary access determination can bemade by DFS/PSB after the review of the security package. If the individual is granted a temporary accessauthorization, the individual may not have access to classified information under this contract until DFS/PSB hasgranted them the appropriate security clearance, and the Contractor has read, understood, and signed the SF 312,"Classified Information Nondisclosure Agreement." The Contractor shall assure that all forms are accurate,complete, and legible (except for Part 2 of the questionnaire, which is required to be completed in private andsubmitted by the individual to the Contractor in a sealed envelope), as set forth in NRC MD 12.3. Based onDFS/PSB review of the applicant's investigation, the individual may be denied his/her security clearance inaccordance with the due process procedures set forth in MD 12.3, E.O. 12968, and 10 CFR Part 10.11.

In accordance with NRCAR 2052.204-70 cleared Contractors shall be subject to the attached NRC Form 187 (SeeSection J for List of Attachments), MD 12.3, SF- 86 and Contractor's signed record or review of the pre-screeningwhich furnishes the basis for providing security requirements to prime. Contractors, subcontractors or others whohave or may have an NRC contractual relationship which requires access to classified information.

CANCELLATION OR TERMINATION OF SECURITY CLEARANCE ACCESS/REQUEST

When a request for clearance investigation is to be withdrawn or canceled, the Contractor shall immediatelynotify the COR by telephone so that the investigation may be promptly discontinued. The notification shallcontain the full name of the individual, and the date of the request. Telephone notifications must be promptlyconfirmed in writing by the Contractor to the COR who will forward the confirmation via email to DFS/PSB.Additionally, DFS/PSB must be immediately notified in writing when an individual no longer requires access to

Government classified information, including the voluntary or involuntary separation of employment of anindividual who has been approved for or is being processed for access under the NRC "Personnel SecurityProgram."

(End of Clause)

C.3.9 SAFETY OF ON-SITE CONTRACTOR PERSONNEL

Ensuring the safety of occupants of Federal buildings is a responsibility shared by the professionals implementingour security and safety programs and the persons being protected. The NRC's Office of Administration (ADM)Division of Facilities and Security (DFS) has coordinated an Occupant Emergency Plan (OEP) for NRCHeadquarters buildings with local authorities. The OEP has been approved by the Montgomery County Fire andRescue Service. It is designed to improve building occupants' chances of survival, minimize damage to property,and promptly account for building occupants when necessary.

The contractor's Project Director shall ensure that all personnel working full time on-site at NRC Headquartersread the NRC's OEP, provided electronically on the NRC Intranet at http://www.intemal.nrc.gov/ADM/OEP.pdf.The contractor's Project Director also shall emphasize to each staff member that they are to be familiar with andguided by the OEP, as well as by instructions given by emergency response personnel in situations which pose animmediate health or safety threat to building occupants.

The NRC Contracting Officer's Representative (COR) shall ensure that the contractor's Project Director hascommunicated the requirement for on-site contractor staff to follow the guidance in the OEP. The NRCContracting Officer's Representative (COR) also will assist in accounting for on-site contract persons in the eventof a major emergency (e.g., explosion occurs and casualties or injuries are suspected) during which a fullevacuation will be required, including the assembly and accountability of occupants. The NRC DFS will conductdrills periodically to train occupants and assess these procedures.

(End of Clause)

C.3.10 INTERNET

Neither NRC nor its third party contractors that manage or develop the NRC web site shall send persistentcookies, place persistent cookies on users' computers, nor collect personally identifiable information from visitorsto the NRC web site unless in addition to clear and conspicuous notice, each of the following conditions are met:there is a compelling need to gather the data on the site; there are appropriate and publicly disclosed privacysafeguards for handling of information derived from "cookies"; and personal approval is obtained from the headof the agency.

(End of Clause)

C.3.11 FOREIGN OWNERSHIP, CONTROL, OR INFLUENCE OVER CONTRACTOR

The National Industrial Security Program Operating Manual (NISPOM) implements the provisions of E.O.12829, "National Industrial Security Program." A company is considered to be under FOCI whenever a foreigninterest has the power, direct or indirect, whether or not exercised, and whether or not exercisable through the

ownership of the U.S. company's securities, by contractual arrangements or otherwise, to direct or decide mattersaffecting the management or operations of that company in a manner that may result in unauthorized access toclassified information or may adversely affect the performance of classified information contracts. (See NRCManagement Directive 12.2 - "NRC Classified Information Security Program")

(a) For purposes of this clause, a foreign interest is defined as any of the following:

(1) A foreign government or foreign government agency;

(2) Any form of business enterprise organized under the laws of any country other than the United States or itspossessions;

(3) Any form of business enterprise organized or incorporated under the laws of the U.S., or a State or otherjurisdiction within the U.S., which is owned, controlled, or influenced by a foreign government, agency, firm,corporation or person; or

(4.) Any person who is not a U.S. citizen.

(b) A U.S. company determined to be under FOCI is not eligible for facility clearance (FCL). If a companyalready has an FCL, the FCL shall be suspended or revoked unless security measures are taken to remove thepossibility of unauthorized access to classified information.

(c) For purposes of this clause, subcontractor means any subcontractor at any tier and the term "contractingofficer" shall mean NRC contracting officer. When this clause is included in a subcontract, the term "contractor"shall mean subcontractor and the term "contract" shall mean subcontract.

(d) The contractor shall complete and submit and SF-328, DD-441 and DD-441-1 forms, prior to contract award.The information contained in these forms may be used in making a determination as to whether a contractor iseligible to participate in the National Industrial Security Program and have a facility security clearance.

(e) The contractor shall immediately provide the contracting officer written notice of any changes in the extentand nature of FOCI over the contractor which would affect the answers to the questions presented in SF-328,"Certificate Pertaining to Foreign Interest". Further, notice of changes in ownership or control which arerequired to be reported to the Securities and Exchange Commission, the Federal Trade Commission, or theDepartment of Justice shall also be furnished concurrently to the contracting officer.

(f) In those cases where a contractor has changes involving FOCI, the NRC must determine whether the changeswill pose an undue risk to the common defense and security. In making this determination, the contractingofficer shall consider proposals made by the contractor to avoid or mitigate foreign influences.

(g) The contractor agrees to insert terms that conform substantially to the language of this clause including thisparagraph (g) in all subcontracts under this contract that will require access to classified information and shallrequire such subcontractors to submit completed SF-328, DD-441 and DD-441-1 forms prior to award of asubcontract. Information to be provided by a subcontractor pursuant to this clause may be submitted directly tothe contracting officer.

(h) Information submitted by the contractor or any affected subcontractor as required pursuant to this clause shallbe treated by NRC to the extent permitted by law, as business or financial information submitted in confidence tobe used solely for purposes of evaluating FOCI.

(i) The requirements of this clause are in addition to the requirement that a contractor obtain and retain the

security clearances required by the contract. This clause shall not operate as a limitation on NRC's rights,including its rights to terminate this contract.

(j) The contracting officer may terminate this contract for default either if the contractor fails to meet obligationsimposed by this clause, e.g., provide the information required by this clause, comply with the contracting officer'sinstructions about safeguarding classified information, or make this clause applicable to subcontractors, or if, inthe contracting officer's judgment, the contractor creates a FOCI situation in order to avoid performance or atermination for default. The contracting officer may terminate this contract for convenience if the contractorbecomes subject to FOCI and for reasons other than avoidance of performance of the contract, cannot, or choosesnot to, avoid or mitigate the FOCI problem.

(End of Clause)

C.3.12 COMPLIANCE WITH U.S. IMMIGRATION LAWS AND REGULATIONS

NRC contractors are responsible to ensure that their alien personnel are not in violation of United Statesimmigration -laws and regulations, including employment authorization documents and visa requirements. Eachalien employee of the Contractor must be lawfully admitted for permanent residence as evidenced by PermanentResident Form 1-551 (Green Card), or must present other evidence from the U.S. Department of HomelandSecurity/U.S. Citizenship and Immigration Services that employment will not affect his/her immigration status.The U.S. Citizenship and Immigration Services provides information to contractors to help them understand theemployment eligibility verification process for non-US citizens. This information can be found on their website,http://www.uscis.gov/portal/site/uscis.

The NRC reserves the right to deny or withdraw Contractor use or access to NRC facilities or itsequipment/services, and/or take any number of contract administrative actions (e.g., disallow costs, terminate forcause) should the Contractor violate the Contractor's responsibility under this clause.

(End of Clause)

C.3.13 RULES OF BEHAVIOR -FOR AUTHORIZED COMPUTER USE

In accordance with Appendix II, "Security of Federal Automated Information Resources," to Office ofManagement and Budget (OMB) Circular A- 130, "Management of Federal Information Resources," NRC hasestablished rules of behavior for individual users who access all IT computing resources maintained and operatedby the NRC or on behalf of the NRC. In response to the direction from OMB, NRC has issued the "Agency-wideRules of Behavior for Authorized Computer Use" policy, hereafter referred to as the rules of behavior. The rulesof behavior for authorized computer use will be provided to NRC computer users, including contractor personnel,as part of the annual computer security awareness course.

The rules of behavior apply to all NRC employees, contractors, vendors, and agents (users) who have access toany system operated by the NRC or by a contractor or outside entity on behalf of the NRC. This policy does notapply to licensees. The next revision of Management Directive 12.5, "NRC Automated Information SecurityProgram," will include this policy. The rules of behavior can be viewed athttp://www.intemal.nrc.gov/CSO/documents/ROB.pdf or use NRC's external Web-based ADAMS athttp://wba.nrc.gov:8080/ves/ (Under Advanced Search, type ML082190730 in the Query box).

The rules of behavior are effective immediately upon acknowledgement of them by the person who is informed ofthe requirements contained in those rules of behavior. All current contractor users are required to review and

acknowledge the rules of behavior as part of the annual computer security awareness course completion. All newNRC contractor personnel will be required to acknowledge the rules of behavior within one week of commencingwork under this contract and then acknowledge as current users thereafter. The acknowledgement statement canbe viewed at http://www.internal.nrc.gov/CSO/documents/ROBAck.pdfor use NRC's external Web-basedADAMS at http://wba.nrc.gov:8080/ves/ (Under Advanced Search, type ML082190730 in the Query box).

The NRC Computer Security Office will review and update the rules of behavior annually beginning in FY 2011by December 31st of each year. Contractors shall ensure that their personnel to which this requirement appliesacknowledge the rules of behavior before beginning contract performance and, if the period of performance forthe contract lasts more than one year, annually thereafter. Training on the meaning and purpose of the rules ofbehavior can be provided for contractors upon written request to the NRC Contracting Officer's Representative(COR).

The contractor shall flow down this clause into all subcontracts and other agreements that relate to performance ofthis contract/order if such subcontracts/agreements will authorize access to NRC electronic and informationtechnology (EIT) as that term is defined in FAR 2.101.

(End of Clause)

C.3.14 COMPENSATION FOR ON-SITE CONTRACTOR PERSONNEL (Alternate I)

(a) NRC facilities may not be available due to (1) designated federal holiday, any other day designated by federalstatute, Executive Order, or by Presidential Proclamation; (2) early dismissal of NRC employees during workinghours (e.g., special holidays or emergency situations); or (3) occurrence of emergency conditions duringnonworking hours (e.g., inclement weather).

(b) When NRC facilities are unavailable, the compensation and deduction policy stated below shall be followedfor contractor employees performing work on-site at the NRC facility:

[Insert the compensation and deduction policY here] *

(c) The contractor shall not charge the NRC for work performed by on- site contractor employees who werereassigned to perform other duties off site during the time the NRC facility was closed.

(d) On-site contractor staff shall be guided by the instructions given by a third party (e.g., Montgomery Countypersonnel, in the case of a water emergency) in situations which pose an immediate health or safety threat toemployees.

(e) The contractor's Project Director shall first consult the NRC Contracting Officer's Representative (COR)before releasing on-site personnel in situations which do not impose an immediate safety or health threat toemployees (e.g., special holidays). That same day, the contractor must then alert the Contracting Officer of theNRC Contracting Officer's Representative's (COR) direction. The contractor shall continue to provide sufficientpersonnel to perform the requirements of essential tasks as defined in the Statement of Work which already are inoperation or are scheduled.

*To be incorporated into the resultant contract

(End of Clause)

C.3.15 ANNUAL AND FINAL CONTRACTOR PERFORMANCE EVALUATIONS

Annual and final evaluations of contractor performance under this contract will be prepared in accordance withFAR Subpart 42.15. "Contractor Performance Information," normally at or near the time the contractor is notifiedof the NRC's intent to exercise the contract option. If the multi-year contract does not have option years, then anannual evaluation will be prepared [N/A]. Final evaluations of contractor performance will be prepared at theexpiration of the contract during the contract closeout process.

The Contracting Officer will transmit the NRC Contracting Officer's Representative's (COR) annual and finalcontractor performance evaluations to the contractor's Project Manager, unless otherwise instructed by thecontractor. The contractor will be permitted thirty days to review the document and submit comments, rebuttingstatements, or additional information.

Where a contractor concurs with, or takes no exception to an annual performance evaluation, the ContractingOfficer will consider such evaluation final and releasable for source selection purposes. Disagreements betweenthe parties regarding a performance evaluation will be referred to an individual one level above the ContractingOfficer, whose decision will be final.

The Contracting Officer will send-a copy of the completed evaluation report, marked "Source SelectionInformation", to the contractor's Project Manager for their records as soon as practicable after it has beenfinalized. The completed evaluation report also will be used as a tool to improve communications between theNRC and the contractor and to improve contract performance.

The completed annual performance evaluation will be used to support future award decisions in accordance withFAR 42.1502 and 42.1503. During the period the information is being used to provide source selectioninformation, the completed annual performance evaluation will be released to only two parties - the Federalgovernment personnel performing the source selection evaluation and the contractor under evaluation if thecontractor does not have a copy of the report already.

(End of Clause)

C.3.16 DENIAL OF FEDERAL BENEFITS TO INDIVIDUALS CONVICTED OF DRUGTRAFFICKING OR POSSESSION

In the event that an award is made to an individual, Section 5301 of the Anti-Drug Abuse Act of 1988 (P.L.100-690), codified at 21 U.S.C. 862, authorizes denial of Federal benefits such as grants, contracts, purchaseorders, financial aid, and business and professional licenses to individuals convicted of drug trafficking orpossession.

(End of Clause)

C.3.17 IT SECURITY REQUIREMENTS - DEVELOPMENT AND OPERATIONS ANDMAINTENANCE REQUIREMENTS

O&M Security Requirements

All system modifications to classified systems must comply with NRC security policies and procedures forclassified systems, as well as federal laws, guidance, and standards to ensure Federal Information Security

Management Act (FISMA) compliance.

The Contractor shall correct errors that are discovered by the NRC or the contractor in contractor developedsoftware and applicable documentation that are not commercial off-the-shelf which are discovered by the NRC orthe contractor. Inability of the parties to determine the cause of software errors shall be resolved in accordancewith the Disputes clause, FAR 52.233-1, incorporated by reference in the contract.

The Contractor shall adhere to the guidance outlined in NIST, SP 800-53, FIPS 200 and NRC guidance for theidentification and documentation of minimum security controls.

The contractor shall provide the system requirements traceability matrix at the end of the initiation phase,development/acquisition phase, implementation/assessment phase, operation & maintenance phase and disposalphase that provides the security requirements in a separate section so that they can be traced through thedevelopment life cycle. The contractor shall also provide the software and hardware designs and test plandocumentation, and source code upon request to the NRC for review.

All development and testing of the systems shall be protected at their assigned system sensitivity level and shallbe performed on a network separate and isolated from the NRC operational network.

All system computers must be properly configured and hardened according to NRC policies, guidance, andstandards and comply with all NRC security policies and procedures as commensurate with the system securitycategorization.

All contractor provided deliverables identified in the project plan will be subject to the review and approval ofNRC Management. The PM will establish review time based on the complexity of the system and incorporateinto the project schedule. The contractor will make the necessary modifications to project deliverables to resolveany identified issues. Project deliverables include but are not limited to: requirements, architectures, designdocuments, test plans, and test reports.

System development schedules shall include computer security office go/no-go decision points, including but notlimited to the following system milestones:

I. Requirements review2. Architecture review3. Detailed design review4. Code review5. System test6. System readiness review

Access Controls

The contractor shall not hardcode any passwords into the software unless the password only appears on the serverside (e.g. using server-side technology such as ASP, PHP, or JSP).

The contractor shall ensure that the software does not contain undocumented functions and undocumentedmethods for gaining access to the software or to the computer system on which it is installed. This includes, but isnot limited to, master access keys, back doors, or trapdoors.

Cryptography

Cryptographic modules provided as part of the system shall be validated under the Cryptographic Module

Validation Program to conform to NIST FIPS 140-2 and must be operated in FIPS mode. The contractor shallprovide the FIPS 140-2 cryptographic module certificate number and a brief description of the encryption modulethat includes the encryption algorithm(s) used, the key length, and the vendor of the product.

Configuration Management And Control

The contractor must ensure that the system will be divided into configuration items (Cis). Cis are parts of asystem that can be individually managed and versioned. The system shall be managed at the Cl level.

The contractor must have a configuration management plan that includes all hardware and software that is part ofthe system and contains at minimum the following sections:

I. Introductiona. Purpose & Scopeb. Definitionsc. References

2. Configuration Managementa. Organizationb. Responsibilitiesc. Tools and Infrastructure

3. Configuration Management Activitiesa. Specification Identificationb. Change control form identificationc. Project baselines

4. Configuration and Change Controla. Change Request Processing and Approvalb. Change Control Board

5. Milestonesa. Define baselines, reviews, auditsb. Training and Resources

The Information System Security Officer's (ISSO's) role in the change management process must be described.The ISSO is responsible for the security posture of the system. Any changes to the system security posture mustbe approved by the ISSO. The contractor should not have the ability to make changes to the system's securityposture without the appropriate involvement and approval of the ISSO.

The contractor shall track and record information specific to proposed and approved changes that minimallyinclude:

I. Identified configuration change2. Testing of the configuration change3. Scheduled implementation the configuration change4. Track system impact of the configuration change5. Track the implementation of the configuration change6. Recording & reporting of configuration change to the appropriate party7. Back out/Fall back plan8. Weekly Change Reports and meeting minutes

9. Emergency change procedures10. List of team members from key functional areas

The contractor shall provide a list of software and hardware changes in advance of placing them into operationwithin the following timeframes:

-30 calendar days for a classified, SGI, or high sensitivity system-20 calendar days for a moderate sensitivity system- 10 calendar days for a low sensitivity system

The contractor must maintain all system documentation that is current to within:

-10 calendar days for a classified, SGI, or high sensitivity system-20 calendar days for a moderate sensitivity system-30 calendar days for a low sensitivity system

Modified code, tests performed and test results, issue resolution documentation, and updated systemdocumentation shall be deliverables on the contract.

Any proposed changes to the system must have written approval from the NRC Contracting Officer'sRepresentative (COR).The contractor shall maintain a list of hardware, firmware and software changes that is current to within:

-15 calendar days for a classified, SGI or high sensitivity system-20 calendar days for a moderate sensitivity system-30 calendar days for a low sensitivity system

The contractor shall analyze proposed hardware and software configurations and modification as well asaddressed security vulnerabilities in advance of NRC accepted operational deployment dates within:

- 15 calendar days for a classified. SG1, or high sensitivity system-20 calendar days for a moderate sensitivity system-30 calendar days for a low sensitivity system

The contractor shall provide the above analysis with the proposed hardware and software for NRC testing inadvance of NRC accepted operational deployment dates within:

-15 calendar days for a classified, SGI, or high sensitivity system-20 calendar days for a moderate sensitivity system-30 calendar days for a low sensitivity system

Control Of Hardware And Software

The contractor shall demonstrate that all hardware and software meet security requirements prior to being placedinto the NRC production environment.

The contractor shall ensure that the development environment is separated from the operational environmentusing NRC CSO approved controls.

Auditing

The system shall be able to create, maintain and protect from modification or unauthorized access or destructionan audit trail of accesses to the objects it protects. The audit data shall be protected so that read access to it islimited to those who are authorized.

The system shall be able to record the following types of events: use of identification and authenticationmechanisms, introduction of objects into a user's address space (e.g., file open, program initiation), deletion ofobjects, and actions taken by computer operators and system administrators or system security officers and othersecurity relevant events. The system shall be able to audit any override of security controls.

The Contractor shall ensure auditing is implemented on the following:

-Operating System-Application-Web Server-Web Services-Network Devices-Database-Wireless

The contractor shall perform audit log reviews daily using automated analysis toolsl In addition, the contractormust log at least the following events on systems that process NRC information:

-Audit all failures-Successful logon attempt-Failure of logon attempt-Permission Changes-Unsuccessful File Access-Creating users & objects-Deletion & modification of system files-Registry Key/Kernel changes-Startup & shutdown-Authentication-Authorization/permission granting-Actions by trusted users-Process invocation-Controlled access to data by individually authenticated user-Unsuccessful data access attempt-Data deletion-Data transfer-Application configuration change-Application of confidentiality or integrity labels to data-Override or modification of data labels or markings-Output to removable media-Output to a printer

(End of Clause)

C.3.18 SECURITY REQUIREMENTS FOR INFORMATION TECHNOLOGY LEVEL I OR LEVEL IIACCESS APPROVAL (SEP 2013)

The contractor must identify all individuals selected to work under this contract. The NRC Contracting Officer'sRepresentative (COR) shall make the final determination of the level, if any, of IT access approval required for allindividuals working under this contract/order using the following guidance. The Government shall have full andcomplete control and discretion over granting, denying, withholding, or terminating IT access approvals forcontractor personnel performing work under this contract/order.

The contractor shall conduct a preliminary security interview or review for each employee requiring IT level I orII access and submit to the Government only the names of candidates that have a reasonable probability ofobtaining the level of IT access approval for which the employee has been proposed. The contractor shallpre-screen its applicants for the following:

(a) felony arrest in the last seven (7) years; (b) alcohol related arrest within the last five (5) years; (c) record ofany military courts-martial convictions in the past ten (10) years; (d) illegal use of narcotics or other controlledsubstances possession in the past year, or illegal purchase, production, transfer, or distribution of narcotics orother controlled substances in the last seven (7) years; and (e) delinquency on any federal debts or bankruptcy inthe last seven (7) years.

The contractor shall make a written record of its pre-screening interview or review (including any information tomitigate the responses to items listed in (a) - (e)). and have the employee verify the pre-screening record orreview. sian and date it. The contractor shall supply two (2) copies of the signed contractor's pre-screeningrecord or review to the NRC Contracting Officer's Representative (COR), who will then provide them to the NRCOffice of Administration, Division of Facilities and Security, Personnel Security Branch with the employee'scompleted IT access application package.

The contractor shall further ensure that its personnel complete all IT access approval security applicationsrequired byv this clause within fourteen (14) calendar days of notification by the NRC Contracting Officer'sRepresentative (COR) of initiation of the application process. Timely receipt of properly completed records ofthe pre-screening record and IT access approval applications (submitted for candidates that have a reasonableprobability of obtaining the level of security assurance necessary for access to NRC's IT systems/data) is arequirement of this contract/order. Failure of the contractor to comply with this requirement may be a basis toterminate the contract/order for cause, or offset from the contract's invoiced cost or price the NRC's incurred costsor delays as a result of inadequate pre-screening by the contractor.

SECURITY REQUIREMENTS FOR IT LEVEL I

Performance under this contract/order will involve contractor personnel who perform services requiring directaccess to or operate agency sensitive information technology systems or data (IT Level I'. The IT Level Iinvolves responsibility for the planning, direction. and implementation of a computer security proram; majorresponsibility for the direction, planning, and design of a computer system, including hardware and software; orthe capability to access a computer system during its operation or maintenance in such a way that could cause orthat has a relatively high risk of causing grave damage; or the capability to realize a significant personal gain fromcomputer access.

Contractor personnel shall not have access to sensitive information technology systems or data until they areapproved by DFS/PSB and they have been so informed in writing by the NRC Contracting Officer'sRepresentative (COR). Temporary IT access may be approved by DFS/PSB based on a favorable review oradjudication of their security forms and checks. Final IT access may be approved by DFS/PSB based on afavorably review or adjudication of a completed background investigation. However, temporary accessauthorization approval will be revoked and the employee may subsequently be denied IT access in the event theemployee's investigation cannot be favorably adjudicated. Such an employee will not be authorized to work

under any NRC contract/order requiring IT access without the approval of DFS/PSB, as communicated in writingto the contractor by the NRC Contracting Officer's Representative (COR). Where temporary accessauthorization has been revoked or denied by DFS/PSB, the contractor shall assign another contractor employee toperform the necessary work under this contract/order without delay to the contract/order performance schedule, orwithout adverse impact to any other terms or conditions of the contract/order. When an individual receives finalIT access approval from DFS/PSB, the individual will be subject to a reinvestigation every ten (10) yearsthereafter (assuming continuous performance under contract/order at NRC) or more frequently in the event ofnoncontinuous performance under contract/order at NRC.

CORs are responsible for submitting the completed access/clearance request package as well as otherdocumentation that is necessary to DFS/PSB. The contractor shall submit a completed security forms packet,including the OPM Standard Form (SF) 86 (online Questionnaire for National Security Positions), two (2) copiesof the Contractor's signed pre-screening record and two (2) FD 258 fingerprint charts, to DFS/PSB for review andadjudication, prior to the individual being authorized to perform work under this contract/order requiring access tosensitive information technology systems or data. Non-U.S. citizens must provide official documentation to theDFS/PSB, as proof of their legal residency. This documentation can be a Permanent Resident Card, TemporaryWork Visa, Employment Authorization Card, or other official documentation issued by the U.S. Citizenship andImmigration Services. Any applicant with less than seven (7) years residency in the U.S. will not be approvedfor IT Level I access. The Contractor shall submit the documents to the NRC Contracting Officer'sRepresentative (COR) who will give them to DFS/PSB. The contractor shall ensure that all forms are accurate,complete, and legible. Based on DFS/PSB review of the contractor employee's security forms and/or the receiptof adverse information by NRC, the contractor individual may be denied access to NRC facilities and sensitiveinformation technology systems or data until a final determination is made by DFS/PSB and thereaftercommunicated to the contractor by the NRC Contracting Officer's Representative (COR) regarding the contractorperson's eligibility.

In accordance with NRCAR 2052.204-70 "Security," IT Level I contractors shall be subject to the attached NRCForm 187 and SF-86 which furnishes the basis for providing security requirements to contractors that have or mayhave an NRC contractual relationship which requires access to or operation of agency sensitive informationtechnology systems or remote development and/or analysis of sensitive information technology systems or data orother access to such systems and data; access on a continuing basis (in excess more than 30 calendar days) toNRC buildings; or otherwise requires issuance of an unescorted NRC badge.

SECURITY REQUIREMENTS FOR IT LEVEL 11

Performance under this contract/order will involve contractor personnel that develop and/or analyze sensitiveinformation technology systems or data or otherwise have access to such systems or data (IT Level II).

The IT Level II involves responsibility for the planning, design, operation, or maintenance of a computer systemand all other computer or IT positions.

Contractor personnel shall not have access to sensitive information technology systems or data until they areapproved by DFS/PSB and they have been so informed inwriting by the NRC Contracting Officer'sRepresentative (COR). Temporary access may be approved by DFS/PSB based on a favorable review of theirsecurity forms and checks. Final IT access may be approved by DFS/PSB based on a favorably adjudication.However, temporary access authorization approval will be revoked and the contractor employee maysubsequently be denied IT access in the event the employee's investigation cannot be favorably adjudicated.Such an employee will not be authorized to work under any NRC contract/order requiring IT access without theapproval of DFS/PSB, as communicated in writing to the contractor by the NRC Contracting Officer'sRepresentative (COR). Where temporary access authorization has been revoked or denied by DFS/PSB, thecontractor is responsible for assigning another contractor employee to perform the necessary work under this

contract/order without delay to the contract/order performance schedule, or without adverse impact to any otherterms or conditions of the contract/order. Wheh a contractor employee receives final IT access approval fromDFS/PSB, the individual will be subject to a review or reinvestigation every ten (10) years (assuming continuousperformance under contract/order at NRC) or more frequently in the event of noncontinuous performance undercontract/order at NRC.

CORs are responsible for submitting the completed access/clearance request package as well as otherdocumentation that is necessary to DFS/PSB. The contractor shall submit a completed security forms packet,including the OPM Standard Form (SF) 86 (online Questionnaire for National Security Positions), two (2) copiesof the Contractor's signed pre-screening record and two (2) FD 258 fingerprint charts, to DFS/PSB for review andadjudication, prior to the contractor employee being authorized to perform work under this contract/order.Non-U.S. citizens must provide official documentation to the DFS/PSB, as proof of their legal residency. Thisdocumentation can be a Permanent Resident Card, Temporary Work Visa, Employment Authorization Card, orother official documentation issued by the U.S. Citizenship and Immigration Services. Any applicant with lessthan seven (7) years residency in the U.S. will not be approved for IT Level I1 access. The Contractor shallsubmit the documents to the NRC Contracting Officer's Representative (COR) who will give them to DFS/PSB.The contractor shall ensure that all forms are accurate, complete, and legible. Based on DFS/PSB review of thecontractor employee's security forms and/or the receipt of adverse information by NRC, the contractor employeemay be denied access to NRC facilities, sensitive information technology systems or data until a finaldetermination is made by DFS/PSB regarding the contractor person's eligibility.

In accordance with NRCAR 2052.204-70 "Security," IT Level II contractors shall be subject to the attached NRCForm 187, SF-86, and contractor's record of the pre-screening which furnishes the basis for providing securityrequirements to contractors that have or may have an NRC contractual relationship which requires access to oroperation of agency sensitive information technology systems or remote development and/or analysis of sensitiveinformation technology systems or data or other access to such systems or data; access on a continuing basis (inexcess of more than 30 calendar days) to NRC buildings; or otherwise requires issuance of an unescorted NRCbadge.

CANCELLATION OR TERMINATION OF IT ACCESS/REQUEST

When a request for IT access is to be withdrawn or canceled, the contractor shall immediately notify the NRCContracting Officer's Representative (COR) by telephone so that the access review may be promptlydiscontinued. The notification shall contain the full name of the contractor employee and the date of the request.Telephone notifications must be promptly confirmed by the contractor in writing to the NRC ContractingOfficer's Representative (COR), who will forward the confirmation to DFS/PSB. Additionally, the contractorshall immediately notify the NRC Contracting Officer's Representative (COR) in writing, who will in turn notifyDFS/PSB, when a contractor employee no longer requires access to NRC sensitive automated informationtechnology systems or data, including the voluntary or involuntary separation of employment of a contractoremployee who has been approved for or is being processed for IT access.

The contractor shall flow the requirements of this clause down into all subcontracts and agreements withconsultants for work that requires them to access NRC IT resources.

(End of Clause)

C.3.19 DETERMINATION OF MINIMUM WAGES AND FRINGE BENEFITS - SERVICECONTRACT ACT

Each employee of the Contractor or any subcontractor performing services under this contract shall be paid atleast the minimum allowable monetary wage and fringe benefits prescribed under the U.S. Department of LaborWage Determination attached to the contract.

(End of Clause)

C.3.20 CONTRACTING OFFICER REPRESENTATIVE

(a) The contracting officer's authorized representative (hereinafter referred to as the contracting officerrepresentative) for this contract is:

Name: Mark S. Marziale

Address: U.S. NRC Region 12100 Renaissance Blvd., Suite 100King of Prussia, PA 19406-2713

Telephone Number: 610-337-5062

(b) Performance of the work under this contract is subject to the technical direction of the NRC contractingofficer representative. The term "technical direction" is defined to include the following:

(1) Technical direction to the contractor which shifts work emphasis between areas of work or tasks,authorizes travel which was unanticipated in the Schedule (i.e., travel not contemplated in the Statement of Work(SOW) or changes to specific travel identified in the SOW), fills in details, or otherwise serves to accomplish thecontractual SOW.

(2) Provide advice and guidance to the contractor in the preparation of drawings, specifications, or technicalportions of the work description.

(3) Review and, where required by the contract, approval of technical reports, drawings, specifications, andtechnical information to be delivered by the contractor to the Government under the contract.

(c) Technical direction must be within the general statement of work stated in the contract. The contractingofficer representative does not have the authority to and may not issue any technical direction which:

(1) Constitutes an assignment of work outside the general scope of the contract.

(2) Constitutes a change as defined in the "Changes" clause of this contract.

(3) In any way causes an increase or decrease in the total estimated contract cost, the fixed fee,.if any, or thetime required for contract performance.

(4) Changes any of the expressed terms, conditions, or specifications of the contract.

(5) Terminates the contract, settles any claim or dispute arising under the contract, or issues any unilateraldirective whatever.

(d) All technical directions must be issued in writing by the contracting officer representative or must beconfirmed by the contracting officer representative in writing within ten (10) working days after verbal issuance.

A copy of the written direction must be furnished to the contracting officer. A copy of NRC Form 445, Requestfor Approval of Official Foreign Travel, which has received final approval from the NRC must be furnished to thecontracting officer.

(e) The contractor shall proceed promptly with the performance of technical directions duly issued by thecontracting officer representative in the manner prescribed by this clause and within the contracting officerrepresentative's authority under the provisions of this clause.

(f) If, in the opinion of the contractor, any instruction or direction issued by the contracting officerrepresentative is within one of the categories as defined in paragraph (c) of this section, the contractor may notproceed but shall notify the contracting officer in writing within five (5) working days after the receipt of anyinstruction or direction and shall request the contracting officer to modify the contract accordingly. Uponreceiving the notification from the contractor, the contracting officer shall issue an appropriate contractmodification or advise the contractor in writing that, in the contracting officer's opinion, the technical direction iswithin the scope of this article and does not constitute a change under the "Changes" clause.

(g) Any unauthorized commitment or direction issued by the contracting officer representative may result in anunnecessary delay in the contractor's performance and may even result in the contractor expending funds forunallowable costs under the contract.

(h) A failure of the parties to agree upon the nature of the instruction or direction or upon the contract action tobe taken with respect thereto is subject to 52.233-1 -Disputes.

(i) In addition to providing technical direction as defined in paragraph (b) of the section, the contracting officerrepresentative shall:

(1) Monitor the contractor's technical progress, including surveillance and assessment of performance, andrecommend to the contracting officer changes in requirements.

(2) Assist the contractor in the resolution of technical problems encountered during performance.

(3) Review all costs requested for reimbursement by the contractor and submit to the contracting officerrecommendations for approval, disapproval, or suspension of payment for supplies and services required underthis contract.

(4) Assist the contractor in obtaining the badges for the contractor personnel.

(5) Immediately notify the Security Branch, Division of Facilities and Security (SB/DFS) (via e-mail) whena contractor employee no longer requires access authorization and return of any NRC issued badge to SB/DFSwithin three days after their termination.

(6) Ensure that all contractor employees that require access to classified Restricted Data or National SecurityInformation or matter, access to sensitive unclassified information (Safeguards, Official Use Only, andProprietary information) access to sensitive IT systems or data, unescorted access to NRC controlledbuildings/space, or unescorted access to protected and vital areas of nuclear power plants receive approval ofSB/DFS prior to access in accordance with Management Directive and Handbook 12.3.

(7) For contracts for the design, development, maintenance or operation of Privacy Act Systems of Records,obtain from the contractor as part of closeout procedures, written certification that the contractor has returned toNRC, transferred to the successor contractor, or destroyed at the end of the contract in accordance withinstructions provided by the NRC Systems Manager for Privacy Act Systems of Records, all records (electronic or

paper) which were created, compiled, obtained or maintained under the contract.

(End of Clause)

C.3.21 2052.204.70 SECURITY (MAR 2004)

(a) Contract Security and/or Classification Requirements (NRC Form 187). The policies, procedures, andcriteria of the NRC Security Program, NRC Management Directive (MD) 12 (including MD 12.1, "NRCFacility Security Program;" MD 12.2, "NRC Classified Information Security Program;" MD 12.3, "NRCPersonnel Security Program," MD 12.4, "NRC Telecommunications Systems Security Program;" MD12.5, "NRC Automated Information Systems Security Program;" and MD 12.6, "NRC SensitiveUnclassified Information Security Program"), apply to performance of this contract, subcontract or otheractivity. This MD is incorporated into this contract by reference as though fully set forth herein. Theattached NRC Form 187 (See List of Attachments) furnishes the basis for providing security andclassification requirements to prime contractors, subcontractors, or others (e.g., bidders) who have or mayhave an NRC contractual relationship that requires access to classified Restricted Data or NationalSecurity Information or matter, access to sensitive unclassified information (e.g., Safeguards), access tosensitive Information Technology (IT) systems or data, unescorted access to NRC controlledbuildings/space, or unescorted access to protected and vital areas of nuclear power plants.

(b) It is the contractor's duty to protect National Security Information, Restricted Data, and FormerlyRestricted Data. The contractor shall, in accordance with the Commission's security regulations andrequirements, be responsible for protecting National Security Information, Restricted Data, and FormerlyRestricted Data, and for protecting against sabotage, espionage, loss, and theft, the classified documentsand material in the contractor's possession in connection with the performance of work under thiscontract. Except as otherwise expressly provided in this contract, the contractor shall, upon completion ortermination of this contract, transmit to the Commission any classified matter in the possession of thecontractor or any person under the contractor's control in connection with performance of this contract. Ifretention by the contractor of any classified matter is required after the completion or termination of thecontract and the retention is approved by the contracting officer, the contractor shall complete a certificateof possession to be furnished to the Commission specifying the classified matter to be retained. Thecertification must identify the items and types or categories of matter retained, the conditions governingthe retention of the matter and their period of retention, if known. If the retention is approved by thecontracting officer, the security provisions of the contract continue to be applicable to the matter retained.

(c) In connection with the performance of the work under this contract, the contractor may be furnished, ormay develop or acquire, safeguards information, or confidential or privileged technical, business, orfinancial information, including Commission plans, policies, reports, financial plans, internal dataprotected by the Privacy Act of 1974 (Pub. L. 93.579), or other information which has not been releasedto the public or has been determined by the Commission to be otherwise exempt from disclosure to thepublic. The contractor shall ensure that information protected from public disclosure is maintained asrequired by NRC regulations and policies, as cited in this contract or as otherwise provided by the NRC.The contractor will not directly or indirectly duplicate, disseminate, or disclose the information in wholeor in part to any other person or organization except as may be necessary to perform the work under thiscontract. The contractor agrees to return the information to the Commission or otherwise dispose of it atthe direction of the contracting officer. Failure to comply with this clause is grounds for termination ofthis contract.

(d) Regulations. The contractor agrees to conform to all security regulations and requirements of theCommission which are subject to change as directed by the NRC Division of Facilities and Security(DFS) and the Contracting Officer. These changes will be under the authority of the FAR Changes clausereferenced in this document. The contractor agrees to comply with the security requirements set forth inNRC Management Directive 12.1, NRC Facility Security Program which is incorporated into this contract

by reference as though fully set forth herein. Attention is directed specifically to the section titled"Infractions and Violations," including "Administrative Actions" and "Reporting Infractions."

(e) Definition of National Security Information. The term National Security Information, as used in thisclause, means information that has been determined pursuant to Executive Order 12958 or anypredecessor order to require protection against unauthorized disclosure and that is so designated.

(f) Definition of Restricted Data. The term Restricted Data, as used in this clause, means all data concerningdesign, manufacture, or utilization of atomic weapons; the production of special nuclear material; or theuse of special nuclear material in the production of energy, but does not include data declassified orremoved from the Restricted Data category pursuant to Section 142 of the Atomic Energy Act of 1954, asamended.

(g) Definition of Formerly Restricted Data. The term Formerly Restricted Data, as used in this clause, meansall data removed from the Restricted Data category under Section 142-d of the Atomic Energy Act of1954, as amended.

(h) Definition of Safeguards Information. Sensitive unclassified information that specifically identifies thedetailed security measures of a licensee or an applicant for the physical protection of special nuclearmaterial; or security measures for the physical protection and location of certain plant equipment vital tothe safety of production of utilization facilities. Protection of this information is required pursuant toSection 147 of the Atomic Energy Act of 1954, as amended.

(i) Security Clearance. The contractor may not permit any individual to have access to Restricted Data,Formerly Restricted Data, or other classified information, except in accordance with the Atomic EnergyAct of 1954, as amended, and the Commission's regulations or requirements applicable to the particulartype or category of classified information to which access is required, The contractor shall also execute aStandard Form 312, Classified Information Nondisclosure Agreement, when access to classifiedinformation is required.

(j) Criminal Liabilities. It is understood that disclosure of National Security Information, Restricted Data,and Formerly Restricted Data relating to the work or services ordered hereunder to any person not entitledto receive it, or failure to safeguard any Restricted Data, Formerly Restricted Data, or any other classifiedmatter that may come to the contractor or any person under the contractor's control in connection withwork under this contract, may subject the contractor, its agents, employees, or subcontractors to criminalliability under the laws of the United States. (See the Atomic Energy Act of 1954, as amended, 42 U.S.C.2011 et seq.; 18 U.S.C. 793 and 794; and Executive Order 12958.)

(k) Subcontracts and Purchase Orders. Except as otherwise authorized in writing by the contracting officer,the contractor shall insert provisions similar to the foregoing in all subcontracts and purchase orders underthis contract.

(1) In performing the contract work, the contractor shall classify all documents, material, and equipmentoriginated or generated by the contractor in accordance with guidance issued by the Commission. Everysubcontract and purchase order issued hereunder involving the origination or generation of classifieddocuments, material, and equipment must provide that the subcontractor or supplier assign classificationto all documents, material, and equipment in accordance with guidance furnished by the contractor.

(End of Clause)

C.3.22 2052.204-71 BADGE REQUIREMENTS FOR UNESCORTED BUILDINGACCESS TO NRC FACILITIES (MAR 2006)

During the life of this contract, the rights of ingress and egress for contractor personnel must be made available,as required, provided that the individual has been approved for unescorted access after a favorable adjudicationfrom the Security Branch, Division of Facilities and Security (SB/DFS).

In this regard, all contractor personnel whose duties under this contract require their presence on site shall beclearly identifiable by a distinctive badge furnished by the NRC. The Project Officer shall assist the contractor inobtaining badges for the contractor personnel. All contractor personnel must present two forms of Identity SourceDocuments (1-9). One of the documents must be a valid picture ID issued by a state or by the FederalGovernment. Original 1-9 documents must be presented in person for certification. A list of acceptable documentscan be found at http://www.usdoj.gov/crt/recruit_employ/i9form.pdf. It is the sole responsibility of the contractorto ensure that each employee has a proper NRC-issued identification/badge at all times. All photo-identificationbadges must be immediately (no later than three days) delivered to SB/DFS for cancellation or disposition uponthe termination of employment of any contractor personnel. Contractor personnel must display any NRC issuedbadge in clear view at all times during on site performance under this contract. It is the contractor's duty to assurethat contractor personnel enter only those work areas necessary for performance of contract work, and to assurethe protection of any Government records or data that contractor personnel may come into contact with.

(End of Clause)

C.3.23 SECURITY REQUIREMENTS FOR BUILDING ACCESS APPROVAL (AUG 2011)

The Contractor shall ensure that all its employees, subcontractor employees or consultants who are assigned toperform the work herein for contract performance for periods of more than 30 calendar days at NRC facilities, areapproved by the NRC for unescorted NRC building access.

The Contractor shall conduct a preliminary federal facilities security screening interview or review for each of itsemployees, subcontractor employees, and consultants and submit to the NRC only the names of candidates forcontract performance that have a reasonable probability of obtaining approval necessary for access to NRC'sfederal facilities. The Contractor shall pre-screen its applicants for the following:

(a) felony arrest in the last seven (7) years; (b) alcohol related arrest within the last five (5) years; (c) record ofany military courts-martial convictions in the past ten (10) years; (d) illegal use of narcotics or other controlledsubstances possession in the past year, or illegal purchase, production, transfer, or distribution of narcotics orother controlled substances in the last seven (7) years; and (e) delinquency on any federal debtsor bankruptcy in the last seven (7) years.

The Contractor shall make a written record of its pre-screening interview or review (including any information tomitigate the responses to items listed in (a) - (e)), and have the applicant verify the pre-screening record or review.sign and date it. Two (2) copies of the pre-screening signed record or review shall be supplied to the Division ofFacilities and Security, Personnel SecurityBranch (DFS/PSB) with the Contractor employee's completed building access application package.

The Contractor shall further ensure that its employees, any subcontractor employees and consultants complete allbuilding access security applications required by this clause within fourteen (14) calendar days of notification byDFS/PSB of initiation of the application process. Timely receipt of properly completed records of the Contractor'ssigned pre-screening record or review and building access security applications (submitted for candidates thathave a reasonable probability of obtaining the level of access authorization necessary for access to NRC's

facilities) is a contract requirement. Failure of theContractor to comply with this contract administration requirement may be a basis to cancel the award, orterminate the contract for default, or offset from the contract's invoiced cost or price the NRC's incurred costs ordelays as a result of inadequate pre-screening by the Contractor. In the event of cancellation or termination, theNRC may select another firm for contract award.

A Contractor, subcontractor employee or consultant shall not have access toNRC facilities until he/she is approved by DFS/PSB. Temporary access may be approved based on a favorableNRC review and discretionary determination of their building access security forms. Final building access will beapproved based on favorably adjudicated checks by the Government. However, temporary access approval will berevoked and the Contractor's employee may subsequently be denied access in the event the employee'sinvestigation cannot be favorably determined by the NRC. Such employee will not be authorized to work underany NRC contract requiring building access without the approval of DFS/PSB. When an individual receives finalaccess, the individual will be subject to a review or reinvestigation every five (5) or ten (10) years, depending ontheir job responsibilities at the NRC.

The Government shall have and exercise full and complete control and discretion over granting, denying,withholding, or terminating building access approvals for individuals performing work under this contract.Individuals performing work under this contract at NRC facilities for a period of more than30 calendar days shall be required to complete and submit to the Contractor representative an acceptable OPMStandard Form 85 (Questionnaire for Non- Sensitive Positions), and two (2) FD 258 (Fingerprint Charts).Non-U.S. citizens must provide official documentation to the DFS/PSB, as proof of their legal residency. Thisdocumentation can be a Permanent Resident Card, Temporary Work Visa, Employment Authorization Card, orother official documentation issued by the U.S. Citizenship and Immigration Services. Any applicant with lessthan five (5) years residency in the U.S. will not be approved for building access.The Contractor shall submit the documents to the NRC Contracting Officer's Representative (COR) who will givethem to DFS/PSB.

DFS/PSB may, among other things, grant or deny temporary unescorted building access approval to an individualbased upon its review of the information contained in the OPM Standard Form 85 and the Contractor'spre-screening record.Also, in the exercise of its authority, the Government may, among other things, grant or deny permanent buildingaccess approval based on the results of its review or investigation. This submittal requirement also applies to theofficers of the firm who, for any reason, may visit the NRC work sites for an extended period of time during theterm of the contract. In the event that DFS/PSB are unable to grant a temporary or permanent building access approval, to any individual performing workunder this contract, the Contractor is responsible for assigning another individual to perform the necessaryfunction without any delay in the contract's performance schedule, or without adverse impact to any other terms*or conditions of the contract. The Contractor is responsible for informing those affected by this procedure of therequired building access approval process (i.e., temporary and permanent determinations), and the possibility thatindividuals may be required to wait until permanent building access approvals are granted before beginning workin NRC's buildings.

CANCELLATION OR TERMINATION OF BUILDING ACCESS/ REQUEST

The Contractor shall immediately notify the PO when a Contractor or subcontractor employee or consultant's needfor NRC building access approval is withdrawn or the need by the Contractor employee's for building accessterminates. The PO will immediately notify DFS/PSB (via e-mail) when aContractor employee no longer requires building access. The Contractor shall be required to return any NRCissued badges to the Contracting Officer'sRepresentative (COR) for return to DFS/FSB (Facilities Security Branch) within three (3) days after their

termination.

(End of Clause)

C.3.24 SECURITY REQUIREMENTS FOR INFORMATION TECHNOLOGY LEVEL I OR LEVEL I1ACCESS APPROVAL (AUG 2011)

The contractor must identify all individuals selected to work under this contract. The NRC Contracting Officer'sRepresentative (COR) shall make the final determination of the level, if any, of IT access approval required for allindividuals working under this contract/order using the following guidance. TheGovernment shall have full and complete control and discretion over granting, denying, withholding, orterminating IT access approvals for contractor personnel performing work under this contract/order.

The contractor shall conduct a preliminary security interview or review for each employee requiring IT level I or11 access and submit to the Government only the names of candidates that have a reasonable probability ofobtaining the level of IT access approval for which the employee has been proposed. The contractor shallpre-screen its applicants for the following:

(a) felony arrest in the last seven (7) years; (b) alcohol related arrest within the last five (5) years; (c) record ofany military courts-martial convictions in the past ten (10) years; (d) illegal use of narcotics or other controlledsubstances possession in the past year, or illegal purchase, production, transfer, or distribution of narcotics orother controlled substances in the last seven (7) years; and (e) delinquency on any federal debts or bankruptcy inthe last seven (7) years.

The contractor shall make a written record of its pre-screening interview or review (including any information tomitigate the responses to items listed in (a) - (e)), and have the employee verify the pre-screening record orreview, sign and date it. The contractor shall supply two (2) copies of the signed contractor's pre-screening recordor review to the NRC Contracting Officer's Representative (COR), who will then provide them to the NRC Officeof Administration, Division of Facilities and Security, Personnel Security Branch with the employee's completedIT access application package.

The contractor shall further ensure that its personnel complete all IT access approval security applicationsrequired by this clause within fourteen (14) calendar days of notification by the NRC Contracting Officer'sRepresentative (COR) of initiation of the application process. Timely receipt of properly completed records of thepre-screening record and IT access approval applications (submitted for candidates that have a reasonableprobability of obtaining the level of security assurance necessary for access to NRC's IT systems/data) is arequirement of this contract/order. Failure of the contractor to comply with this requirement may be a basisto terminate the contract/order for cause, or offset from the contract's invoiced cost or price the NRC's incurredcosts or delays as a result of inadequate pre-screening by the contractor.

SECURITY REQUIREMENTS FOR IT LEVEL I

Performance under this contract/order will involve contractor personnel who perform services requiring directaccess to or operate agency sensitive information technology systems or data (IT Level 1). The IT Level I involvesresponsibility for the planning, direction, and implementation of a computer security program; malorresponsibility for the direction, planning, and design of a computer system, including hardware and software; orthe capability to access a computer system during its operation Or maintenance in such a way that could cause orthat has a relatively high risk of causing grave damage; or the capability to realize a significant personal gain from

computer access.

Contractor personnel shall not have access to sensitive information technology systems or data until they areapproved by DFS/PSB and they have been so infdrmed in writing by the NRC Contracting Officer'sRepresentative (COR). Temporary IT access may be approved by DFS/PSB based on a favorable review oradjudication of their security forms and checks. Final IT access may be approved by DFS/PSB based on afavorably review or adjudication of a completed background investigation. However, temporary accessauthorization approval will be revoked and the employee may subsequently be denied IT access in the event theemployee's investigation cannot be favorably adjudicated. Such an employee will not be authorized to work underany NRC contract/order requiring IT access without the approval of DFS/PSB, as communicated in writing to thecontractor by the NRC Contracting Officer's Representative (COR). Where temporary access authorization hasbeen revoked or denied by DFS/PSB, the contractor shall assign another contractor employee to perform thenecessary work under this contract/ order without delay to the contract/order performance schedule, or withoutadverse impact to any other terms or conditions of the contract/order. When an individual receives final IT accessapproval from DFS/PSB, the individual will be subject to a reinvestigation every ten (10) years thereafter(assuming continuous performance under contract/order at NRC) or more frequently in the event ofnoncontinuous performance under contract/order at NRC.

The contractor shall submit a completed security forms packet, including the OPM Standard Form (SF) 86(Questionnaire for National Security Positions), two (2) copies of the Contractor's signed pre-screening record andtwo (2) FD 258 fingerprint charts, to the NRC PO who will then provide them to DFS/PSB for review andadjudication, prior to the individual being authorized to perform work under this contract/order requiring access tosensitive information technology systems or data. Non-U.S. citizens must provide official documentation to theDFS/PSB, as proof of their legal residency. This documentation can be a Permanent Resident Card, TemporaryWork Visa, Employnient Authorization Card, or other official documentation issued by the U.S. Citizenship andImmigration Services. Any applicant with less than seven (7) years residency in the U.S. will not be approved forIT Level I access. The Contractor shall submit the documents to the NRC Contracting Officer's Representative(COR) who will give them to DFS/PSB. The contractor shall ensure that all forms are accurate, complete, andlegible. Based on DFS/PSB review of the contractor employee's security forms and/or the receipt of adverseinformation by NRC, the contractor individual may be denied access to NRC facilities and sensitive informationtechnology systems or data until a final determination is made by DFS/PSB and thereafter communicated to thecontractorby the NRC Contracting Officer's Representative (COR) regarding the contractor person's eligibility.

In accordance with NRCAR 2052.204-70 "Security," IT Level I contractors shall be subject to the attached NRCForm 187 and SF-86 which furnishes the basis for providing security requirements to contractors that have or mayhave an NRC contractual relationship which requires access to or operation of agency sensitive informationtechnology systems or remote development and/or analysis of sensitive information technology systems or data orother access to such systems and data; access on a continuing basis (in excess more than 30 calendar days) toNRC buildings; or otherwise requires issuance of an unescorted NRC badge.

SECURITY REQUIREMENTS FOR IT LEVEL II

Performance under this contract/order will involve contractor personnel that develop and/or analyze sensitiveinformation technology systems or data or otherwise have access to such systems or data (IT Level II).The IT Level II involves responsibility for the planning, design, operation, or maintenance of a computer systemand all other computer or IT positions.

Contractor pers6finel shall not have access to sensitive information technology systems or data until they areapproved by DFS/PSB and they have been so informed in writing by the NRC Contracting Officer'sRepresentative (COR). Temporary access may be approved by DFS/PSB based on a favorable review of their

security forms and checks. Final IT access may be approved by DFS/PSB based on a favorably adjudication.However, temporary access authorization approval will be revoked and the contractor employee maysubsequently be denied IT access in the event the employee's investigation cannot be favorably adjudicated. Suchan employee will not be authorized to work under any NRC contract/order requiringIT access without the approval of DFS/PSB, as communicated in writing to the contractor by the NRCContracting Officer's Representative (COR). Where temporary access authorization has been revoked or deniedby DFS/PSB, the contractor is responsible for assigning another contractor employee to perform the necessarywork under this contract/order without delay to the contract/order performance schedule, or without adverseimpact to any other terms or conditions of the contract/order. When a contractor employee receives final IT accessapproval from DFS/PSB, the individual will be subject to a review or reinvestigation every ten (10) years(assuming continuous performance under contract/order at NRC) or more frequently in the event ofnoncontinuous performance under contract/order at NRC.

The contractor shall submit a completed security forms packet, including the OPM Standard Form (SF) 86(Questionnaire for National Security Positions), two (2) copies of the Contractor's signed pre-screening record andtwo (2) FD 258 fingerprint charts, through the NRC Contracting Officer's Representative (COR) to DFS/PSB forreview and adjudication, prior to the contractor employee being authorized to perform work under thiscontract/order. Non-U.S. citizens must provide official documentation to the DFS/PSB, as proof of their legalresidency. This documentation can be a Permanent Resident Card, Temporary Work Visa, EmploymentAuthorization Card, or other official documentation issued by the U.S. Citizenship and Immigration Services.Any applicant with less than seven (7) years residency in the U.S. will not be approved for IT Level II access. TheContractor shall submit the documents to the NRC Contracting Officer's Representative (COR) who will givethem to DFS/PSB. The contractor shall ensure that all forms are accurate, complete, and legible. Based on DFS/PSB review of the contractor employee's security forms and/or the receipt of adverse information by NRC, thecontractor employee may be denied access to NRC facilities, sensitive information technology systems or datauntil a final determination is made by DFS/PSB regarding the contractor person's eligibility.

In accordance with NRCAR 2052.204-70 "Security," IT Level II contractors shall be subject to the attached NRCForm 187, SF-86, and contractor's record of the pre-screening which furnishes the basis for providing securityrequirements to contractors that have or may have an NRC contractual relationship which requires access to oroperation of agency sensitive information technology systems or remote development and/or analysis of sensitiveinformation technology systems or data or other access to such systems or data; access on a continuing basis ( inexcess of more than 30 calendar days) to NRC buildings, or otherwise requires issuance of an unescorted NRCbadge.

CANCELLATION OR TERMINATION OF IT ACCESS/REQUEST

When a request for IT access is to be withdrawn or canceled, the contractor shall immediately notify the NRCContracting Officer's Representative (COR) by telephone so that the access review may be promptly discontinued.The notification shall contain the full name of the contractor employee and the date of the request. Telephonenotifications must be promptly confirmed by the contractor in writing to the NRC Contracting Officer'sRepresentative (COR), who will forward the confirmation to DFS/PSB. Additionally, the contractor shallimmediately notify the NRC Contracting Officer's Representative (COR) in writing, who will in turn notifyDFS/PSB, when a contractor employee no longer requires access to NRC sensitive automated informationtechnology systems or data, including the voluntary or involuntary separation of employment of a contractoremployee who has been approved for or is being processed for IT access.

The contractor shall flow the requirements of this clause down into all subcontracts and agreements withconsultants for work that requires them to access NRC IT resources. "

(End of Clause)

C.3.25 DRUG FREE WORKPLACE TESTING: UNESCORTED ACCESS TO NUCLEAR FACILITIES,ACCESS TO CLASSIFIED INFORMATION OR SAFEGUARDS INFORMATION, ORPERFORMING IN SPECIALLY SENSITIVE POSITIONS (AUG 2011)

All contractor employees, subcontractor employees, and consultants proposed for performance or performingunder this contract shall be subject to pre- assignment, random, reasonable suspicion, and post-accident drugtesting applicable to:(1) individuals who require unescorted access to nuclear power plants, (2) individuals whohave access to classified or safeguards information, (3) individuals who are required to carry firearms inperforming security services for the NRC, (4) individuals who are required to operate government vehicles ortransport passengers for the NRC, (5) individuals who ate required to operate hazardous equipment at NRCfacilities, or (6) individuals who admit to recent illegal drug use or those who are found through other means to beusing drugs illegally. The Plan includes a contractor's employees and their subcontractors are subject to theprocedures and terms of their employment agreements with their employer.

The NRC Drug Program Manager will schedule the drug testing for all contractor employees, subcontractoremployees, and consultants who are subject to testing under this clause. Any NRC contractor found to be using,selling, or possessing illegal drugs, or any contractor with a verified positive drug test result under this programwhile in a duty status will immediately be removed from working under the NRC contract. The contractor'semployer will be notified of the denial or revocation of the individual's authorization to have access toinformation and ability to perform under the contract. The individual may not work on any NRC contract for aperiod of not less than one year from the date of the failed drug test and will not be considered for reinstatementunless evidence of rehabilitation, as determined by the NRC "drug testing contractor's" Medical Review Officer,is provided.

Contractor drug testing records are protected under the NRC Privacy Act Systems of Records, System 35, "DrugTesting Program Records - NRC" found at: http://www.nrc.gov/readin2-nni/foia/privacv-svstenis:htmi

(End of Clause)

SECTION D DOCUMENTS, EXHIBITS, ATTACHMENTS

D.1 ATTACHEMENTS

Attachment I - Performance Work Statement: January 10, 2014, 9 pages

Attachment II - Firm-Fixed Price Billing Instructions

PERFORMANCE WORK STATEMENT

1.0 Title of Project

This is a non-personnel services contract to provide the U.S. Nuclear Regulatory Commission(NRC) Region I Telecommunications System Private Branch Exchange (PBX) Maintenance.

2.0 Introduction

The contractor shall provide all personnel, equipment, supplies, facilities, transportation, tools,materials, supervision, and other items and non-personal services, necessary to performTelecommunication System (PBX) Maintenance for NRC Region I as defined in thisperformance work statement (PWS), except for those items specified as Government-furnished property. The contractor shall perform to the standards in this contract.

3.0 Background

The mission of the NRC is to license and regulate the nation's civilian use of byproduct, source,and special nuclear materials to ensure adequate protection of public health and safety, promotethe common defense and security, and protect the environment. The NRC's scope ofresponsibility includes regulation of commercial nuclear power plants; research, test, and trainingreactors; nuclear fuel cycle facilities (also called fuel cycle facilities); medical, academic, andindustrial uses of radioactive materials; and the transport, storage, and disposal of radioactivematerials and wastes. The NRC's regulations are designed to protect the public andoccupational workers from radiation hazards in those industries using radioactive materials.

To fulfill NRC's mission of ensuring that the public is adequately protected, uninterruptedoperation of NRC Region I telecommunication system maintenance system is required. NRCRegion I headquarters is located in King of Prussia, PA.

4.0 Obiective

The objective of this contract is to obtain for NRC Region I telecommunications systemmaintenance and associated support and to provide uninterrupted operation of thetelecommunications system, 24 hours per day, 7 days per week, and 365 days per year.

5.0 Scope of Work

The contractor shall provide telecommunications system maintenance, repair and associatedsupport as required within this PWS for the telecommunication systems/equipment (hardware,software and all associated subcomponents, (i.e. cards, switches, card shelves, etc.) listedbelow.

Quantity Unit Manufacturer Model VersionPBX includesAvaya

1 Element Nortel/Avaya CS1000E 7.5Manager(EM)

CallPilot

1 (Voicemail Nortel/Avaya 1002rp 5.0 SU1 1w/back-updrive)

1 Smart-UPS APC RT 8000 XL N/A

Call Data Strada Tel1 Recording Dyna Lync Premium N/A

(CDR)Integrated

1 Conference Nortel/Avaya N/A N/ABridge (ICB)

The communications media are as follows: one (1) local T1 (Windstream), three (3) PRI's(Primary Rate Interface) for local service (Windstream), three (3) PRI's for long distance (VerizonBusiness), and four (4) tie trunks to the Avaya G450 media gateway to support softphones and24 audio feeds in the region's Incident Response Center (IRC) to the PBX.

The primary NRC technical point-of-contact shall be the Contracting Officer's Representative(COR). If the contractor requires a response from the NRC outside of the COR's regular workschedule, the contractor shall contact designated NRC personnel. A list of designated NRCcontacts will be provided to the contractor at the kick-off meeting (See Section 12.0) andupdated by the COR throughout the period of performance of the contract, as required. Updatesto the designated NRC contacts list will be provided by the COR to the contractor via e-mail.

Tasks

5.1 Telecommunications System Maintenance

The contractor shall provide monthly telecommunication system maintenance. Maintenanceservices shall consist of keeping equipment in serviceable condition or restoring equipment toserviceable condition. The contractor shall bear all costs of monthly maintenance service,including labor, as necessary to keep the equipment operational. The monthly maintenanceshall include remedial maintenance and any emergency services needed to restore theequipment to good working order, installation of mandatory engineering changes andenhancements, and software programming changes, as necessary, to correct system programerrors or malfunctions.

The contractor shall provide/install system updates/patches recommended by the manufacturerto keep the system/equipment in good working order and to maintain the equipment at the mostcurrent operating system level. These updates shall include software and firmware required,and the updates shall be installed on a quarterly basis. All updates/patches shall require prior

2

NRC review and written approval from the COR. Updates and patches requiring system rebootsor system unavailability shall be scheduled with the COR.

5.1.1 Coverage

The contractor shall provide maintenance coverage 24 hours a day, 7 days a week, 365 daysper year. The contractor shall provide a telephone number for NRC to submit services calls tothe contractor. Service calls shall be responded to 24 hours a day, 7 days a week. Thecontractor shall repair/replace all inoperable equipment on-site. The contractor shall not removeany equipment from the NRC facility without prior approval from the COR or designated NRCcontact, and without leaving functioning replacement equipment in its place.

5.1.2 Response Time

5.1.2.1 Emergency Response Time (Major Outage)

The contractor shall respond by phone follow-up within one (1) hour of notification, and ifneeded, arrive on-site within four (4) hours of notification for a major outage. A major outage isserious loss of function such as loss of one (1) core system, loss of more than one (1) PRI/T1connection (due to card failure), uninterrupted power supply (UPS) failure, loss of CallPilotvoicemail, or loss of external call routing.

5.1.2.2 Non-Emergency Response Time

The contractor shall respond by phone follow-up within four (4) hours of notification, and ifneeded, shall arrive on site the next business day. A minor situation is one that does not affectsystem service such as hardware failure of one particular phone set, phone set programming, orTerminal Number port malfunction.

5.1.3 Maintenance/Service Call Documentation

All work performed on the equipment shall be recorded on a maintenance action service reportform, which will be provided by the COR or designated NRC contact. Contractor personnel shallcomplete a separate report for each equipment failure and/or service call and shall include adetailed description of the work performed in accordance with the requirements of Section 6.1.1.The contractor's service technician and an NRC contact will sign the bottom of the form toacknowledge completion of the work performed. NRC personnel will file a copy of each report ina service binder, which shall be kept in the PBX room (1041) for future reference.

5.1.4 Security Analysis

The contractor shall address and resolve all issues related to the security of the PBX. Thecontractor shall comply with NRC administrative, physical, and technical security controls toensure all of the NRC's security requirements are met.

The contractor shall notify the COR or designated NRC contact of new or recurringsecurity problems via email within four (4) hours of identifying the problem. Thecontractor shall prioritize all problems that pose a security threat, in order of highest-to-lowest priority, and shall include recommendations for eliminating or reducing eachthreat.

3

* All information used to access and configure the PBX shall be protected by thecontractor to ensure the information is not disclosed to unauthorized personnel.

, Contractor personnel shall not access the PBX, either on-site or remotely, withoutprior authorization from the COR or designated NRC contact.

* Contractor personnel accessing the PBX shall not bypass user security procedures., Any changes to security features or security defaults shall be documented via e-mail

to the COR for approval prior to implementation of the changes.* Security issues that have been identified shall be corrected within the timeframe

designated by the COR or designated NRC contact.* The contractor shall provide documentation via e-mail to the COR that describes the

effective administration, operation, and use of new security software features and fixesat the time they are implemented.

5.1.5 Annual System Condition Audit

The contractor shall perform an annual condition audit of all systems, alarms and system eventlogs, to identify any performance concerns, including patch/release levels and upgradesavailable, complete a written Annual System Condition Audit Report (See 6.1.2), and review theresults with the COR. The annual condition audit shall also include an inventory of the followingsystem components: PBX system circuit cards (with part numbers), station and trunk ports,CallPilot ports and channels, and CallPilot mailboxes. The contractor shall perform the auditwithin the first thirty (30) calendar days of each performance period.

5.1.6 Quarterly Condition Review

The contractor shall perform a quarterly condition review of the PBX, its alarms and systemevent logs, to identify any performance concerns, complete a written Quarterly ConditionReview Report (See 6.1.3),and review the results with the COR. The contractor shall performthe review within thirty (30) calendar days of the first month of each quarter during theperformance period. Government fiscal year quarters are as follows: (1st: Oct-Dec; 2nd: Jan-Mar; 3rd: Apr-Jun; and 4th: Jul-Sep.).

5.2 Annual PBX Security Audit

The contractor shall perform an annual PBX security audit that identifies system security risksand available enhancements for all equipment and software within scope of this contract,complete a written Annual Security Audit Report (See 6.1.4), and review the results with theCOR. The contractor shall perform the audit within the first thirty (30) calendar days of eachperformance period.

5.3 Annual UPS Verification Test

The contractor shall perform an annual test on the PBX UPS to ensure that it is operatingproperly, in accordance with the manufacturer's specifications, complete a written Annual UPSVerification Test Report (See 6.1.5), and review the test results with the COR. The contractorshall perform the verification test within the first thirty (30) calendar days of each performanceperiod.

4

5,4 Project Supplemental Technical Support

The contractor shall provide supplemental technical support when requested by the COR ordesignated NRC contact (estimated at 40 hours per year) to include, but not limited to, thefollowing: line appearances, forwarding capabilities, changes/add-ons/moves, providingIntegrated Services Digital Network (ISDN) circuits for secure phones, and ensuring UnifiedCommunication Manager (UCM) functionality. The contractor shall be required to complete amaintenance action service report for each occurrence of project supplemental technical support.Supplemental technical support shall be provided via phone, remote computer connection or on-site, as needed, to accomplish the task.

5.5 Replacement Parts

The contractor shall be responsible for obtaining any required replacement parts that arenecessary to keep the system fully functional. The contractor shall not purchase anyreplacement parts without the prior written approval of the COR or designated NRC contact.The contractor shall first attempt to obtain the parts under the system warranty, at no additionalcost to the Government. If the parts are not covered by the system warranty, the contractor shallthen attempt to obtain the parts via the Avaya PASS Service. If the parts are not available underthe Avaya PASS Service, the contractor shall purchase the parts on an open market basis. Toreceive Government reimbursement for parts purchased by the contractor, for each purchasedpart, the contractor shall provide a copy of the invoice/receipt as an attachment to the monthlyinvoice submitted to the NRC. The contractor will not be reimbursed for parts purchased withoutthis supporting documentation.

6.0 Performance Requirements

6.1 Services/Deliverables

6.1.1 Maintenance Action Service Report

At a minimum, the following data shall be recorded on each maintenance action service report:

* Date and time of the maintenance/service call visit* Name and contact information of the service technician* Equipment location* Type and description of equipment maintained/serviced• Serial number and/or property tag number of equipment* Description of failure, if any* Summary of work performed* Time equipment returned to in-service condition* Signature of the service technician who performed the work* Signature of NRC contact accepting the unit back in-service or accepting that the

maintenance was performed accurately

The contractor shall provide a hard copy of the maintenance action service report to the NRCcontact at the end of each maintenance/service call, and shall provide the report to the CORelectronically, within 24 hours of completion of the call.

5

6.1.2 Annual System Condition Audit Report

The contractor shall provide a written report of the annual PBX system condition audit thatincludes, at a minimum, the following information: list of activities performed, issues, concerns,and recommendations.The report shall be provided to the COR, via email, no later than (NLT) seven (7) calendardays after completion of the audit.

6.1.3 Quarterly Condition Review Report

The contractor shall prepare a written report of the quarterly PBX condition review that includes,at a minimum, the following information: list of activities performed, issues, concerns, andrecommendations. The report shall be provided to the COR, via email, NLT seven (7) calendardays after completion of the review.

6.1.4 Annual Security Audit Report

The contractor shall provide a written report of the annual PBX security audit that includes,at a minimum, the following information: list of activities performed, issues, concerns, andrecommendations. The report shall be provided to the COR, via email, NLT seven (7)calendar days after completion of the audit.

6.1.5 Annual UPS Verification Test Report

The contractor shall provide a written report of the annual PBX UPS verification test thatincludes, at a minimum, the following information: list of activities performed, issues, concerns,and recommendations. The report shall be provided to the COR, via email, NLT seven (7)calendar days after completion of the test.

6.2 Performance Standards

Contractor performance is considered acceptable according to-the criteria delineated in the tablebelow. Failure to meet the performance standards may have a negative impact on theGovernment's decision to exercise option periods for future periods of performance. Also, eachperformance standard failure during the year will be noted in the contractor's annual ContractorPerformance Assessment Report for that year.

6

Method of PerformanceRequired Service Performance Standard SurvedllancerRequireeSurveillance Requirement

5.1.2.1 Respond by phone follow up COR/Designated NRC On timeEmergency within 1 hour of notification, and if Contact responseResponse Time needed, on-site within 4 hours of documentation of time of(Major Outage) notification returned call

5.1.2.2 Non- Respond by phone follow up within COR/Designated NRC On timeEmergency 4 hours of notification, and if Contact responseResponse Time needed, on-site the next business documentation of

day time of returned call

6.1.1 Hard copy report provided at end of COR/Designated NRC On timeMaintenance each maintenance/service call and Contact submissionAction Service submitted electronically within 24 documentation of reportReport hours of completion of the call receipt date

5.1.5 Annual Audit completed within the first 30 COR documentation of On timeSystem Condition calendar days of each performance audit completion completionAudit period

6.1.2 Annual Report submitted NLT seven (7) COR documentation of On timeSystem Condition calendar days after completion of report receipt date submissionAudit Report the audit

Report is accurate and contains all COR Review No incorrectrequired information or missing

informationin the report

5.1.6 Quarterly Review completed within 30 COR documentation of On timeCondition Review calendar days of the first month of review completion completion

each quarter during theperformance period

6.1.3 Quarterly Report submitted NLT seven (7) COR documentation of On timeCondition Review calendar days after completion of report receipt date submissionReport the review

Report is accurate and contains all COR Review No incorrectrequired information or missing

informationin the report

5.2 Annual Audit completed within the first 30 COR documentation of On timeSecurity Audit calendar days of each performance audit completion completion

period

7

6.1.4 Annual Report submitted NLT seven (7) COR documentation of On timeSecurity Audit calendar days after completion of report receipt date submissionReport the audit

Report is accurate and contains all COR Review No incorrectrequired information or missing

informationin the report

5.3 Annual UPS Test completed within the first 30 COR documentation of On timeVerification Test calendar days of each performance test completion completion

period

6.1.5 Annual UPS Report submitted NLT seven (7) COR documentation of On timeVerification Test calendar days after completion of report receipt date submissionReport the test

Report is accurate and contains all COR Review No incorrectrequired information or missing

informationin the report

7.0 Inventory

The NRC Telecommunications System (equipment and associated configuration) listed belowwill be made available to the contractor, as necessary, upon contract award.

Equipment and Associated Configuration

Avaya 1140e IP desk phones

Avaya 2033 IP conference phones

Avaya 1210 IP desk phones

Avaya 1100 Series expansion modules

Plantronics CT14 Cordless Headset Phones

Nortel ICB

T1 digital transmission line

PRI transmission lines

CallPilot voice channels

CallPilot fax channels

CallPilot voice mailboxes

Kentrox Carrier Sense Units

8

8.0 Access to Government Property and Facilities

Upon arrival at NRC Region I, contractor personnel are required to check-in at the security deskto obtain a visitor's badge. Contractors are required to be escorted by an NRC employee at alltimes while in an NRC facility.

9.0 Place of Performance

U.S. Nuclear Regulatory Commission (NRC) Region I2100 Renaissance Blvd., Suite 100King of Prussia, PA 19406

10.0 Federal Holidays

Contractor is required to perform services on Federal holidays, if necessary.

11.0 Security Requirements

Contractor personnel performing work under this contract must have or be able to obtain anNRC Information Technology (IT) Level II access. Contractor personnel shall maintain the levelof security required for the life of the contract.

12.0 Kick-off Meetinq

The contractor shall attend a one-time kick-off meeting (either in person or via conference call) todiscuss the tasks, deliverables and performance requirements of the contract. The kick-offmeeting shall be held within five (5) working days of contract award.

13.0 Personnel Qualification Requirements

The contractor shall provide personnel that have been trained, are fully qualified, and possess aminimum of two (2) years of experience maintaining and repairing telecommunications systemsand equipment similar to the type at NRC Region I. This shall include repair, maintenancesupport services (to both hard and software) and other ancillary maintenance support servicesas described in this PWS. Contractor personnel must be Avaya/Nortel CS1000 certifiedtechnicians.

14.0 Travel

The contractor shall not be reimbursed for any travel, either local or long distance, performedunder this contract.

9

ATTACHMENT 3

BILLING INSTRUCTIONS FORFIXED-PRICE TYPE CONTRACTS (MAY 2013)

General: During performance and through final payment of this contract, the contractor isresponsible for the accuracy and completeness of data within the Central ContractorRegistration (CCR) database and for any liability resulting from the Government's reliance oninaccurate or incomplete CCR data.

The contractor shall prepare invoices/vouchers for payment of deliverables identified in thecontract, in the manner described herein. FAILURE TO SUBMIT INVOICESNOUCHERS INACCORDANCE WITH THESE INSTRUCTIONS MAY RESULT IN REJECTION OF THEINVOICENOUCHER AS IMPROPER.

Standard Forms: Payment requests for completed work, in accordance with the contract, shallbe submitted on the payee's letterhead, invoice/voucher, or on the Government's StandardForm 1034, "Public Voucher for Purchases and Services Other than Personal," and StandardForm 1035, "Public Voucher for Purchases Other than Personal--Continuation Sheet."

Electronic Invoice/Voucher Submissions: The preferred method of submittinginvoices/vouchers is electronically to the U.S. Nuclear Regulatory Commission, via email to:N RCPayments(cnrc.qov.

Hard-Copy Invoice/Voucher Submissions: If you submit a hard-copy of the invoice/voucher,a signed original and supporting documentation shall be submitted to the following address:

NRC PaymentsU.S. Nuclear Regulatory CommissionOne White Flint North11555 Rockville PikeMailstop 03-E17ARockville, MD 20852-2738

Purchase of Capital Property: ($50,000 or more with life of one year orlonger)

Contractors must report to the Contracting Officer, electronically, any capital property acquiredwith contract funds having an initial cost of $50,000 or more, in accordance with procedures setforth in NRC Management Directive (MD) 13.1, IV, C - "Reporting Requirements" (revised2/16/2011).

Agency Payment Office: Payment will continue to be made by the office designated in thecontract in Block 12 of Standard Form 26, Block 25 of Standard Form 33, or Block 18a ofStandard Form 1449, whichever is applicable.

Frequency: The contractor shall submit invoices/vouchers for payment once each month,unless otherwise authorized by the Contracting Officer.

Format: InvoicesNouchers shall be submitted in the format depicted on the attached sampleform entitled "InvoiceNoucher for Purchases and Services Other Than Personal". Alternate

formats are permissible only if they address all requirements of the Billing Instructions. Theinstructions for preparation and itemization of the invoice/voucher are included with the sampleform.

Task Order Contracts: The contractor must submit a separate invoice/voucher for eachindividual task order with pricing information. This includes items discussed in paragraphs (a)through (p) of the attached instructions. In addition, the invoice/voucher must specify thecontract number, and the NRC-assigned task/delivery order number.

Final vouchers/invoices shall be marked "FINAL INVOICE" or "FINAL VOUCHER".

Currency: InvoicesNouchers must be expressed in U.S. Dollars.

Supersession: These instructions supersede previous Billing Instructions for Fixed-Price TypeContracts (July 2011).

INVOICE/VOUCHER FOR PURCHASES AND SERVICES OTHER THAN PERSONAL(SAMPLE FORMAT - COVER SHEET)

1. Official Agency Billing Office

NRC PaymentsU.S. Nuclear Regulatory CommissionOne White Flint North11555 Rockville PikeMailstop O3-E17ARockville, MD 20852-2738

2. InvoicelVoucher Information

a. Payee's DUNS Number or DUNS+4. The Payee shall include the Payee's Data UniversalNumber (DUNS) or DUNS+4 number that identifies the Payee's name and address. TheDUNS+4 number is the DUNS number plus a 4-character suffix that may be assigned at thediscretion of the Payee to identify alternative Electronic Funds Transfer (EFT) accounts for thesame parent concern.

b. Taxpayer Identification Number. The Payee shall include the Payee's taxpayer identificationnumber (TIN) used by the Internal Revenue Service (IRS) in the administration of tax laws.(See IRS Web site:http://www.irs.qov/Businesses/Small-Businesses-&-Self-Employed/Emplover-ID-Numbers-(EINs)).

c. Payee's Name and Address. Show the name of the Payee as it appears in the contract andits correct address. Where the Payee is authorized to assign the proceeds of this contract inaccordance with the clause at FAR 52.232-23, the Payee shall require as a condition of anysuch assignment, that the assignee shall register separately in the Central ContractorRegistration (CCR) database at http://www.ccr.gov and shall be paid by EFT in accordance withthe terms of this contract. See Federal Acquisition Regulation (FAR) 52.232-33(g) Payment byElectronic Funds Transfer - Central Contractor Registration (October 2003).

d. Contract Number. Insert the NRC contract number (including Enterprise-wide Contract(EWC)), GSA Federal Supply Schedule (FSS), Governmentwide Agency Contract (GWAC)number, or Multiple Agency Contract (MAC) number, as applicable.

e. Task Order Number. Insert the task/delivery order number (If Applicable). Do not includemore than one task order per invoice or the invoice may be rejected as improper.

f. InvoiceNoucher. The appropriate sequential number of the invoice/voucher, beginning with001 should be designated. Contractors may also include an individual internal accountingnumber, if desired, in addition to the 3-digit sequential number.

g. Date of InvoiceNoucher. Insert the date the invoice/voucher is prepared.

h. Billing Period. Insert the beginning and ending dates (day, month, year) of the period duringwhich deliverables were completed and for which payment is requested.

i. Description of Deliverables. Provide a brief description of supplies or services, quantity, unitprice, and total price.

j. Work Completed. Provide a general summary description of the services performed orproducts submitted for the invoice period and specify the section or Contract Line Item Number(CLIN) or SubCLIN in the contract pertaining to the specified contract deliverable(s).

k. Shipping. Insert weight and zone of shipment, if shipped by parcel post.

I. Charges for freight or express shipments. Attach prepaid bill if shipped by freight or express.

m. Instructions. Include instructions to consignee to notify the Contracting Officer of receipt ofshipment.

n. For Indefinite Delivery contracts, the final invoice/voucher shall be marked FINAL INVOICE"or "FINAL VOUCHER".

o. Total Amount Billed. Insert columns for total amounts for the current and cumulative periods.

p. Adjustments. Insert columns for any adjustments, including outstanding suspensions fordeficient or defective products or nonconforming services, for the current and cumulativeperiods.

q. Grand Totals.