The Contracting Education Academy

Contracting Academy Logo
  • Home
  • Training & Education
  • Services
  • Contact Us
You are here: Home / Archives for FAR

December 11, 2020 By cs

Proposed rule will revise the FAR definition of ‘commercial item’

The FAR Council has issued a Proposed Rule implementing amendments to the current FAR definition of “commercial item.”

The Proposed Rule will eliminate the current FAR definition of “commercial item” and replace it with separate definitions for “commercial products” and “commercial services.  The proposed definitions are designed to benefit both contractors and the acquisition workforce by simplifying the application of the “commercial” concept and providing greater clarity on the scope of each term.

Comments on the Proposed Rule must be submitted no later than December 14, 2020.

As a matter of background, the Proposed Rule implements both Section 836 of the National Defense Authorization Act for Fiscal Year 2019 and a recommendation from the Section 809 Panel.

Keep reading this article at: https://www.mondaq.com/unitedstates/government-contracts-procurement-ppp/1000792/clarity-sweet-clarityproposed-rule-will-revise-the-far-definition-of-commercial-item

 

Filed Under: Government Contracting News Tagged With: commercial contract, commercial item, commercial products, definitions, FAR, NDAA, proposed rule, Section 809 Panel

December 8, 2020 By cs

What DoD’s cyber certification program reveals about info-sharing challenges

As the new regime takes effect, the tech industry’s lead trade association would rather higher level certifications be done by the department than independent third parties.

The Information Technology Industry Council is arguing that the foundation of U.S. cybersecurity policy — information sharing between organizations — presents a security threat that is too costly for many to address in response to a rule implementing the Pentagon’s Cybersecurity Maturity Model Certification Program.

The CMMC program was designed to change the Defense Department’s practice of having contractors simply attest to their own level of cybersecurity and institute a system of third-party auditors to validate required practices are in place.

The department’s Defense Contract Management Agency currently conducts audits of contractors’ cybersecurity through Defense Industrial Base Cybersecurity Assessment Center, or DIBCAC, assessments.  But Katie Arrington, the DoD official heading up the CMMC program, said a new ecosystem of private third-party assessors is necessary to scale such reviews across all of the approximately 300,000 companies the department relies on.

Organizations hoping to work with the Defense Department would be required to obtain certification through an accreditation body that entered into a no-cost contract with the Defense Department on Nov. 25.  The currently all-volunteer organization will be funded through fees it receives from assessors it trains to conduct audits and individuals it approves as qualified to consult with prospective contractors on CMMC requirements.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2020/12/what-dods-cyber-certification-program-reveals-about-info-sharing-challenges/170400/

Filed Under: Government Contracting News Tagged With: CMMC, CMMC AB, CMMC accreditation, CMMC Accreditation Body, contractor information systems, cybersecurity, Cybersecurity Maturity Model Certification, DCMA, Defense Industrial Base Cybersecurity Assessment Center, DFARS, DIBCAC, DoD, FAR, federal regulations, NIST, SP 800-171

December 4, 2020 By cs

Pentagon ready to name first 15 ‘pathfinder’ contracts for CMMC

It’s a significant week for the Defense Department’s Cybersecurity Maturity Model Certification program: New rules that serve as a precursor to the full CMMC implementation took effect on Tuesday, and an announcement of the first 15 contracts that will serve as “pathfinders” for the new model are imminent.

That initial set of procurements would represent the first real-world use of CMMC, the program the department has been building for the past year-and-a-half to shore up the cybersecurity of its industrial base.  So far, DoD acquisition officials have only applied the model to contracts in non-punitive tabletop exercises, and without publicly identifying the contracts involved.

The department expects to name the first 15 pathfinders within “the next few days,” Katie Arrington, the chief information security officer in DoD’s acquisition and sustainment office told an industry conference.  The announcement has been highly-anticipated as the defense industry waits to see how many vendors could be impacted by the initial pathfinder process.

Meanwhile, earlier this week, two precursors to the full CMMC rollout took effect — part of a sweeping rule change DoD promulgated in September to implement the program.  Going forward, almost all vendors bidding on new contracts will have to log into a web portal and attest to which specific security controls in NIST Special Publication 800-171 they’re currently complying with.

Keep reading this article at: https://federalnewsnetwork.com/defense-main/2020/12/pentagon-ready-to-name-first-15-pathfinder-contracts-for-cmmc/

Filed Under: Government Contracting News Tagged With: CMMC, CMMC AB, CMMC accreditation, CMMC Accreditation Body, contractor information systems, cybersecurity, Cybersecurity Maturity Model Certification, DCMA, Defense Industrial Base Cybersecurity Assessment Center, DFARS, DIBCAC, DoD, FAR, federal regulations, NIST, SP 800-171

November 24, 2020 By cs

DoD contractors: Will you be ready for CMMC on Nov. 30?

Responding to fundamental concerns about the cybersecurity of its private sector supply chain, the Department of Defense (DoD) will begin requiring at the end of this month all of its contractors to comply with a complex and demanding new cybersecurity framework.

Starting on November 30, 2020, contractors working for the DoD will need to comply with the long-anticipated Cybersecurity Maturity Model Certification (CMMC).  This mandatory requirement will be a go/no-go criterion for eligibility for many DoD contracts.

Issued on September 29, 2020 the interim rule, amends the Defense Federal Acquisition Regulation Supplement (DFARS) to establish the DoD Assessment Methodology for contractor cybersecurity certification and implement the CMMC program.

What is the DoD Assessment Methodology?

The DoD Assessment Methodology requirement was developed to address perceived flaws in the self-assessment process.  Currently, under DFARS clause 252.204-7012, contractors must self-certify their compliance with the cybersecurity requirements of NIST SP 800-171 to “covered contractor information systems,” which are generally those that store, process, generate, transmit or access “covered defense information.” Through the interim rule, the DoD Assessment Methodology rates contractor cybersecurity levels as Basic, Medium or High based on the contractor’s implementation of the 110 controls identified under the National Institutes of Standards and Technology (NIST) Special Publication (SP) 800-171.

Keep reading this article at: https://www.mondaq.com/unitedstates/security/1003266/defense-department-contractors-will-you-be-ready-for-cmmc-on-november-30

Filed Under: Government Contracting News Tagged With: CMMC, CMMC AB, CMMC accreditation, CMMC Accreditation Body, contractor information systems, cybersecurity, Cybersecurity Maturity Model Certification, DFARS, DoD, FAR, federal regulations, NIST, SP 800-171

November 23, 2020 By cs

ASBCA revisits email “signature” and finds typed name meets the test

In a departure from its prior precedent, the Armed Services Board of Contract Appeals (ASBCA) recently held in Kamaludin Slyman CSC, ASBCA Nos. 62006, 62007, 62008, that a typed name at the end of an email satisfies the certification requirement under the Contract Dispute Act (CDA), so long as it is discrete, verifiable, and conveys an intent to authenticate.

The contractor at issue submitted a $155,500 demand for payment to the Government in March 2013, thus, triggering the CDA’s certification requirement under FAR 52.233-1.  The demand itself did not contain a certification, but the contractor sent a follow-up email just prior to the six-year statute of limitations, stating:

Hey Sir,
For contract numbers -12-C-0089, -12-C-0131, -11-C-0322, and the claims submitted in respect to them on March 16, 2013, I certify that the claim is made in good faith; that the supporting data are accurate and complete to the best of my knowledge and belief; that the amount requested accurately reflects the contract adjustment for which the contractor believes the Government is liable; and that I am duly authorized to certify the claim on behalf of the contractor.
Sincerely,
Kamaludin Slyman

Three days after sending this email, the contractor submitted an appeal to the ASBCA pursuant to a “deemed denial” and the Government moved to dismiss asserting that the contractor had failed to sign its certification and, thus, failed to certify its claim.  The Board noted that the Government did not argue in its motion that the appeal was premature, as the requisite 60 days had not passed between the certification and the purported deemed denial.  However, because at the time of its decision more than 60 days had elapsed since the certification, the ASBCA saw “no useful purpose in dismissing the appeal as premature and requiring appellant to refile.”

Keep reading this article at: https://www.mondaq.com/unitedstates/government-contracts-procurement-ppp/1003364/asbca-revisits-email-signature-and-finds-typed-name-meets-the-test

Filed Under: Government Contracting News Tagged With: ASBCA, CDA, certification, claim, Contract Disputes Act, FAR

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • 5
  • …
  • 69
  • Next Page »

Popular Topics

abuse acquisition reform acquisition strategy acquisition training acquisition workforce Air Force Army AT&L bid protest budget budget cuts competition cybersecurity DAU DFARS DHS DoD DOJ FAR fraud GAO Georgia Tech GSA GSA Schedule GSA Schedules IG industrial base information technology innovation IT Justice Dept. Navy NDAA OFPP OMB OTA Pentagon procurement reform protest SBA sequestration small business spending technology VA
Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter

Search this Website

Copyright © 2021 · Georgia Tech - Enterprise Innovation Institute