Georgia Tech Procurement Assistance Center

  • Home
  • About Us
  • Training
    • Class Registration
    • On-demand Training
    • GTPAC COVID-19 Resource Page
    • Veterans Verification Video
    • Other Training Audio & Video
  • Useful Links
  • Team Directory
    • Albany Counselor
    • Atlanta Counselors
    • Augusta Counselor
    • Carrollton Counselor
    • Columbus Counselor
    • Gainesville Counselor
    • Savannah Counselor
    • Warner Robins Counselor
  • Directions
    • Atlanta – Training Facility
    • Atlanta – Office
    • Albany
    • Augusta
    • Carrollton
    • Columbus
    • Gainesville
    • Savannah
    • Warner Robins
  • COVID-19
  • New Client Application
  • Contact Us

Navigating the FAR/DFARS: The most confusing and little known clauses

May 7, 2021 By Andrew Smith

The law firm Piliero Mazza has put together a helpful presentation on navigating the FAR/DFARS, that focuses on the most confusing the little-known clauses.  They write:

“We have fielded numerous calls from new clients asking the same question when it turns out they have violated a FAR provision: ‘Do they really expect me to read all of those regulations?  How is someone supposed to understand everything that is in there?’ Unfortunately, the answer is ‘yes’ the government does expect you to know all of the FAR and DFARS clauses that are relevant to your work and to follow them to the letter.  Not only that, but by virtue of the fact the FAR and DFARS are publicly available, all contractors are presumed to have knowledge of all the clauses and understand them.  This reality can be daunting for new companies or even large well-established businesses looking to enter the federal space.  During this session, we will look at some of the most confusing and poorly understood FAR and DFARS provisions to give you a leg up on your competition or be able to help your own companies or those you work with in navigating these areas of the law.”

You can watch the webinar at:  JD Supra

Filed Under: Contracting Tips Tagged With: DFARS, FAR

Uncle Sam wants you — and your DFARS compliance

July 25, 2019 By Andrew Smith

Following rules of engagement is a common concept, but knowing the rules — and whether they really apply to one’s own business — is not always a common condition.  The federal market can be especially confusing for smaller companies that may be delivering similar products or services to both civilian and military/defense/aerospace agencies.

If you know enough to ask about DFARS 252.204-7012 compliance, hold grants or contract awards subject to the provisions, or are contemplating entering the Department of Defense (DoD) market, you should at least be on the path to Defense Federal Acquisition Regulation Supplement (DFARS) compliance.  By September 2020, meeting the required security level contained in a DoD solicitation will be the basis for a go/no-go decision on further consideration of an offeror’s cost, schedule, and performance qualifications.

Announced changes to federal procurement practices, particularly for DoD-related contracts, put into play provisions for supply chain security and resiliency based, in part, on the 2018 “Deliver Uncompromised” study from MITRE Corporation.  Widely publicized leaks of government-funded intellectual property and other proprietary information have intensified concerns about the vulnerability of the defense industrial base (DIB), one of the 16 industry sectors defined by the Department of Homeland Security (DHS) as “critical infrastructure.”  The Office of the Under Secretary of Defense for Acquisition & Sustainment notes on its website that DoD is “planning a series of engagements across the United States in order to solicit inputs and feedback from the [DIB] sector.”

Continue reading at:  IndustryWeek

Filed Under: Contracting News Tagged With: cybersecurity, DFARS, DFARS 252.204-7012, NIST SP 800-171

Government contracts regulatory and legislative update

July 17, 2019 By Andrew Smith

Our monthly edition of the “Government Contracts Regulatory and Legislative Update” offers a summary and insight into the relevant industry developments that occurred during the previous month.

Regulations

DoD Issues Proposed Rule Establishing Preference for Fixed-Price Contracts

On April 1, 2019, the U.S. Department of Defense (DoD) issued a proposed rule to revise the Defense Federal Acquisition Regulation Supplement (DFARS) to establish a preference for fixed-price contracts when determining contract type, and to require use of firm fixed-price contracts for foreign military sales, subject to exceptions.  Approval is required for cost-reimbursement contracts in excess of $50 million if awarded between October 1, 2018 and October 1, 2019, and for cost-reimbursement contracts in excess of $25 million if awarded on or after October 1, 2019.  These revisions will implement Sections 829 and 830 of NDAA FY 2017.

The proposed rule includes the following key amendments:

  • Adds “milestone decision authority” definition to DFARS 202.101.
  • Revises DFARS 216.102(1) and adds DFARS 216.102(3) to reference the Section 829 NDAA requirements.
  • Adds DFARS 225.7301-1 and -2 to implement the Section 830 NDAA requirements.

DoD Issues Proposed Rule Revising the Nonmanufacturer Rule for 8(a) Participants

On April 1, 2019, DoD issued a proposed rule to amend the DFARS to implement the Small Business Administration’s (SBA) final rule standardizing the nonmanufacturer rule (NMR).  The NMR imposes certain requirements upon small business concerns that offer end items they did not manufacture, process, or produce.

This rule will update DFARS clause 252.219-7010 (Notification of Competition Limited to Eligible 8(a) Participants) to remove the nonmanufacturer rule exemption for contracts valued at or below $25,000 and awarded under simplified acquisition procedures.  Instead, the NMR will apply to all 8(a) contracts regardless of dollar value, and will require 8(a) participants that are nonmanufacturers to offer end items manufactured, processed, or produced by small business concerns in the United States or its outlying areas.

Continue reading at:  Drinker Biddle

Filed Under: Contracting Tips Tagged With: Code of Federal Regulations, DFARS, FAR, legislation

The importance of compliance with DFARS cybersecurity regulations

July 4, 2019 By Andrew Smith

Clicking the “COMPLY” check box on the list of government requirement flow-downs may seem like a necessary evil of being a supplier to the defense market, but some regulations around information and cybersecurity provide the critical foundations of a trusted computing supply chain.

Cyber and information warfare are the hottest and possibly most contested battlefields in the race for military dominance. Case in point, the U.S. Navy recently changed the name of Space and Naval Warfare Systems Command (SPAWAR) to the Naval Information Warfare Systems Command (NAVWAR), in recognition of how important information warfare to defense strategy.

Similarly, earlier this year, the U.S. Army, announced the evolution of its Cyber Command into the Information Warfare Command, and the U.S. Air Force announced the merger of the 24th Air Force (Air Forces Cyber) and the 25th Air Force, to create a new information warfare focused command.

By all indicators, information currently sits near the top of the food chain of assets requiring protection.  To that end, the U.S. Department of Defense (DOD) upped the ante on regulations around what types of information need protection and how much suppliers must protect that information.

Continue reading here:  Military and Aerospace Electronics

Filed Under: Contracting Tips Tagged With: cybersecurity, DFARS, DoD, NIST 800-171, NIST SP 800-171

Doing business with the U.S. Government in an era of cybersecurity, espionage and executive orders

June 20, 2019 By Andrew Smith

In an era of trade wars, espionage, and executive orders, how can companies who wish to dive into government procurement or are already involved in procurement abide by Federal laws and data security regulations and increase the likelihood of proper procurement?

Recently, the D.C. law firm Sheppard Mullin hosted a podcast discussing various government contracting requirements, including those related to cybersecurity.  Topics discussed include:

What does the legal landscape look like for doing business with the U.S. government?

What various layers of laws apply to government contracting?

When it comes to cybersecurity, what new developments have emerged that affect government contracts?

What type of security controls should contractors implement to protect data?

What are security control “families”?

What security rules are specific to government contractors and why are they important for companies of all types to be familiar with them?

Why is it important to be open to checking where your sensitive data and documenting your plan to protect that data?

The “Plan of Action” the Department of Defense requires.

What is the National Defense Authorization Act and what does it establish?

How has the 2019 Executive Order affected information and telecommunications technologies?

How are the Federal Acquisition Regulations playing a role in the trade war with China?

You can listen to the podcast at:  The Sheppard Mullin website

Filed Under: Contracting Tips Tagged With: Cyber Security, cybersecurity, DFARS, DoD, NDAA

Pentagon to unveil new Cybersecurity Maturity Model Certification (CMMC) for defense contractors

June 13, 2019 By Andrew Smith

The Department of Defense announced that it is developing a new cybersecurity standard and certification for defense contractors.  It is named the “Cybersecurity Maturity Model Certification” (CMMC).

Notably, the intent of the CMMC is to improve cybersecurity deficiencies in the defense industrial base and secure the supply chain.

The CMMC is expected to be based on NIST SP 800-171, as is the current Defense Federal Acquisition Regulation Supplement (DFARS) rule.  Specifically, DFARS Clause 252.204-7012 requires defense contractors handling sensitive, unclassified information to implement the 110 security controls of NIST SP 800-171.

However, the CMMC may incorporate or rely on frameworks in addition to NIST SP 800-171.

According to news reports, the CMMC will serve as the enforcement mechanism lacking in the current DFARS rule.

Although the draft CMMC has not yet been published, it’s been reported that there will be 5 levels of certification.  The levels will range from basic cyber hygiene to “State-of-the-Art.”  DoD contracts will require specific levels — and awards will be “go/no-go” based on the contractor’s certification status.

This is a fundamental change to how defense contracts are awarded today.

Read more at:  JD Supra

Filed Under: Contracting News Tagged With: CMMC, cybersecurity, cyberthreat, DFARS, NIST 800-171, NIST SP 800-171

Northrop Grumman to provide free cybersecurity training to small businesses June 4th

May 24, 2019 By Andrew Smith

Northrop Grumman, in collaboration with the USC Center for Economic Development, is offering FREE cybersecurity training to small businesses.  The workshop is open to all small businesses, but advance registration is required.

The primary purpose of the one-day 8-hour workshop is to ensure that small businesses are aware of the cybersecurity requirements mandated under Defense Federal Acquisition Regulations Supplement (“DFARS”) Subpart 204.73 (Safeguarding Covered Defense Information and Cyber Incident Reporting).  The workshop will focus on understanding the risks associated with safeguarding controlled unclassified DoD information. 

The workshop will focus on the groups of controls from NIST SP 800-171, with examples highlighting what happens when these controls are not implemented.  By the end of the workshop, small businesses will become familiar with all 110 controls and be able to better identify the areas where you may need greater focus to meet the DoD’s cybersecurity expectations.

Here are the details about the event:

Date:  Tuesday, June 4, 2019

Time:  8 a.m. to 5 p.m. ET

Location:  Loudermilk Conference Center, 40 Courtland Street NE, Atlanta, GA 30303

The training will also be available online via webinar.

For registration, visit:  https://events.r20.constantcontact.com/register/eventReg?oeidk=a07eg5xonme7588be26&oseq=&c=&ch=

Filed Under: GTPAC News Tagged With: cybersecurity, DFARS, NIST 800-171

DoD proposes new rule on performance-based contract payments

May 9, 2019 By Andrew Smith

According to a report by the Federal News Network, the Department of Defense (“DoD”) is proposing a new rule which would change how it pays some defense contractors.  DoD is looking to require, whenever practicable, that fixed price contracts be paid out through performance-based contractual payments.  Performance-based payments are a method of contract financing where payments are made on the basis of the contractor’s achievement of objective, quantifiably measurable events, results, or accomplishments that are defined and valued in the contract prior to performance.  Some within the government consider it a preferred method of contracting and claim that it reduces the government’s oversight and compliance costs.  It also may have benefits for contractors, as it should help cash flow, reduce the cost of oversight and compliance, and allow the contractor to focus on technical and schedule progress.  Comments on the proposed rule are due by July 1.

Read the new rule at the Federal Register.

Filed Under: Contracting News Tagged With: contract payments, DFARS, DoD, fixed price, payments, proposed rule

Weak links in the defense supply chain

April 19, 2019 By Andrew Smith

Industry experts told Congress recently that poor awareness of federal cybersecurity contracting standards and a lack of visibility by contractors into their own supply chains are at the heart of problems that have led to widespread targeting and theft of U.S. economic and national security secrets by nation state hackers.

According to a survey of small and medium-sized defense contractors conducted by the National Defense Industrial Association, less than 60 percent of respondents said they read the Defense Federal Acquisition Regulation Supplement that lays out minimum security standards for contractor information systems, while nearly half of those who did said they found it hard to understand.

About 45 percent of respondents hadn’t read National Institute for Standards and Technology guidelines for protecting controlled unclassified information.

Keep reading this article at: https://fcw.com/articles/2019/03/31/defense-supply-chain-weak-links.aspx

See GTPAC’s video, template and other resources designed to help contractors comply with the DoD/NIST cybersecurity rules at: http://gtpac.org/cybersecurity-training-video/

Filed Under: Contracting News Tagged With: controlled defense information, cyber, cyber incident, cybersecurity, DFARS, DoD, NIST, NIST 800-171 NIST issues guidance on contractor, supply chain

Keeping up with DoD cybersecurity compliance demands

April 11, 2019 By Andrew Smith

On Jan. 21, 2019, Ellen Lord, the Under Secretary of Defense for Acquisition and Sustainment, issued a memorandum focused on assessing contractor compliance with the DFARS cyber clause via audits of a Contractor’s purchasing system.  One intent of this guidance is to have the Defense Contract Management Agency, or DCMA, “validate, for contracts for which they provide contract administration and oversight, contractor compliance with the requirements of DFARS clause 252.204-7012.”

This would be done as part of a review of a contractor’s purchasing system in accordance with DFARS 252.244-7001.  Pursuant to this DFARS clause, contractors are required to provide adequate security on their internal networks to protect Covered Defense Information (CDI) and are required to flow DFARS clause 252.204-7012 “Safeguarding Covered Defense Information and Cyber Incident Reporting” to subcontractors without alteration.

On Feb. 26, 2019, the DCMA updated its Contractor Purchasing System Review (CPSR) Guidebook to incorporate requirements from the January 2019 memorandum. In particular, the “Supply Chain Management Process” outlined in Appendix 24 states that “[p]rotecting Controlled Unclassified Information is a critical aspect” of supply chain management.

The guidebook assumes obligations that are beyond those imposed by the DFARS clause, presumably assuming that new requirements will be imposed contractually in the future.

Keep reading this article at: https://www.insidegovernmentcontracts.com/2019/03/keeping-up-with-dod-cybersecurity-compliance-demands/

Filed Under: Contracting Tips Tagged With: controlled defense information, cyber, cyber incident, cybersecurity, DFARS, DoD, NIST, NIST 800-171

  • 1
  • 2
  • 3
  • …
  • 7
  • Next Page »

Recent Posts

  • OMB releases guidance related to small business goals
  • Are verbal agreements good enough for government contractors?
  • OMB issues guidance on impact of injunction on government contractor vaccine mandate
  • CMMC 2.0 simplifies requirements but raises risks for government contractors
  • OFCCP launches contractor portal initiating AAP verification program

Popular Topics

8(a) abuse Army bid protest budget budget cuts certification construction contract awards contracting opportunities cybersecurity DoD DOJ False Claims Act FAR federal contracting federal contracts fraud GAO Georgia Tech government contracting government contract training government trends GSA GSA Schedule GTPAC HUBZone innovation IT Justice Dept. marketing NDAA OMB SBA SDVOSB set-aside small business small business goals spending subcontracting technology VA veteran owned business VOSB wosb

Contracting News

OMB releases guidance related to small business goals

OMB issues guidance on impact of injunction on government contractor vaccine mandate

Changes coming to DOD’s Cybersecurity Maturity Model Certification under CMMC 2.0

Judge issues nationwide injunction halting enforcement of COVID-19 vaccine mandate

Nondisplacement of qualified workers is back, but with changes

Read More

Contracting Tips

Are verbal agreements good enough for government contractors?

CMMC 2.0 simplifies requirements but raises risks for government contractors

OFCCP launches contractor portal initiating AAP verification program

GAO rules that DoD may not require small business Joint Venture itself hold facility security clearance

Terminations for convenience clauses vs. mutual termination clauses

Read More

GTPAC News

VA direct access program events in 2022

Sandia National Laboratories seeks small business suppliers

Navy OSBP hosting DCAA overview (part 2) event Jan. 12, 2022

Navy OSBP hosting cybersecurity “ask me anything” event Dec. 16th

State of Georgia hosting supplier systems training on January 26, 2022

Read More

Georgia Tech News

Undergraduate enrollment growth reflects inclusive excellence

Georgia Tech delivers $4 billion in economic impact to the State of Georgia

Georgia Tech awards first round of seed grants to support team-based research

Georgia Tech announces inaugural Associate Vice President of Corporate Engagement

DoD funds Georgia Tech to enhance U.S. hypersonics capabilities

Read More

  • SAM.gov registration is free, and help with SAM is free, too
APTAC RSS Twitter GTPAC - 30th Year of Service

Copyright © 2022 · Georgia Tech - Enterprise Innovation Institute