Georgia Tech Procurement Assistance Center

  • Home
  • About Us
  • Training
    • Class Registration
    • On-demand Training
    • GTPAC COVID-19 Resource Page
    • Cybersecurity Video
    • Veterans Verification Video
    • GTPAC Community
    • Other Training Audio & Video
  • Useful Links
  • Team Directory
    • Albany Counselor
    • Athens Counselor
    • Atlanta Counselors
    • Augusta Counselor
    • Carrollton Counselor
    • Columbus Counselor
    • Gainesville Counselor
    • Savannah Counselor
    • Warner Robins Counselor
  • Directions
    • Athens
    • Atlanta – Training Facility
    • Atlanta – Office
    • Albany
    • Augusta
    • Carrollton
    • Columbus
    • Gainesville
    • Savannah
    • Warner Robins
  • COVID-19
  • New Client Application
  • Contact Us

Keeping up with DoD cybersecurity compliance demands

April 11, 2019 By Andrew Smith

On Jan. 21, 2019, Ellen Lord, the Under Secretary of Defense for Acquisition and Sustainment, issued a memorandum focused on assessing contractor compliance with the DFARS cyber clause via audits of a Contractor’s purchasing system.  One intent of this guidance is to have the Defense Contract Management Agency, or DCMA, “validate, for contracts for which they provide contract administration and oversight, contractor compliance with the requirements of DFARS clause 252.204-7012.”

This would be done as part of a review of a contractor’s purchasing system in accordance with DFARS 252.244-7001.  Pursuant to this DFARS clause, contractors are required to provide adequate security on their internal networks to protect Covered Defense Information (CDI) and are required to flow DFARS clause 252.204-7012 “Safeguarding Covered Defense Information and Cyber Incident Reporting” to subcontractors without alteration.

On Feb. 26, 2019, the DCMA updated its Contractor Purchasing System Review (CPSR) Guidebook to incorporate requirements from the January 2019 memorandum. In particular, the “Supply Chain Management Process” outlined in Appendix 24 states that “[p]rotecting Controlled Unclassified Information is a critical aspect” of supply chain management.

The guidebook assumes obligations that are beyond those imposed by the DFARS clause, presumably assuming that new requirements will be imposed contractually in the future.

Keep reading this article at: https://www.insidegovernmentcontracts.com/2019/03/keeping-up-with-dod-cybersecurity-compliance-demands/

Filed Under: Contracting Tips Tagged With: controlled defense information, cyber, cyber incident, cybersecurity, DFARS, DoD, NIST, NIST 800-171

Recent Posts

  • DoD publishes long awaited interim rule on CMMC
  • GSA Region 4 OSDBU hosting small business webinar
  • GTPAC launches COVID-19 resource page
  • GDEcD seeks GA Manufacturers and Distributors that can help with critical health care supply needs related to COVID-19
  • Georgia DOAS to hold 4th Annual Georgia Procurement Conference April 21-23, 2020

Popular Topics

8(a) abuse Army bid protest budget budget cuts certification construction contract awards contracting opportunities cybersecurity DoD DOJ False Claims Act FAR federal contracting federal contracts fraud GAO Georgia Tech government contracting government contract training government trends GSA GSA Schedule GTPAC HUBZone innovation IT Justice Dept. marketing NDAA OMB SBA SDVOSB set-aside small business small business goals spending subcontracting technology VA veteran owned business VOSB wosb

Contracting News

DoD publishes long awaited interim rule on CMMC

Small business subcontracting for cloud computing gets easier

Long awaited changes to WOSB/EDWOSB regulations expected this summer

The CMMC has arrived: DoD publishes version 1.0 of its new cybersecurity framework

GSA keeping ‘on track’ with schedule consolidation

Read More

Contracting Tips

A guide to labor and employment obligations for federal contractors

Who pays for CMMC certification?

Other transaction agreements: Where does an unsuccessful bidder go?

Knowledge is power, if you know how to use it

EAJA provides relief to construction contractor for government’s bad actions

Read More

GTPAC News

GSA Region 4 OSDBU hosting small business webinar

GTPAC launches COVID-19 resource page

GDEcD seeks GA Manufacturers and Distributors that can help with critical health care supply needs related to COVID-19

Georgia DOAS to hold 4th Annual Georgia Procurement Conference April 21-23, 2020

MICC Fort Stewart hosting acquisition forecast open house on Thursday, Feb. 6, 2020

Read More

Georgia Tech News

Dr. Abdallah testifies on U.S. competitiveness, research, STEM pipeline at Congressional hearing

Georgia Tech’s Technology Square Phase III to include George Tower

Student surprises his teacher with Georgia Tech acceptance news

Georgia Tech Applied Research will support DHS information safeguarding effort

$25 million project will advance DNA-based archival data storage

Read More

  • SAM.gov registration is free, and help with SAM is free, too
APTAC RSS Twitter GTPAC - 30th Year of Service

Copyright © 2021 · Georgia Tech - Enterprise Innovation Institute