The Contracting Education Academy

Contracting Academy Logo
  • Home
  • Training & Education
  • Services
  • Contact Us
You are here: Home / Archives for scorecard

March 7, 2016 By AMK

Scorecard documents DoD shortcomings in implementing cybersecurity contract requirements

A report card recently released by the Department of Defense (DoD) reveals that the department has a long way to go to implement its acquisition cybersecurity standards.

DFARSDoD amended the Defense Federal Acquisition Regulation Supplement (DFARS) in August 2015 in order to implement, at the contractor and subcontractor levels, information security standards developed by the National Institute of Standards and Technology (NIST).  The first step in the implementation is inclusion of a contract clause in new solicitations and newly awarded contracts and, since August, DFARS Clause 252.204-7012 has been prescribed for use in new solicitations and contracts.

DoD set a goal of 95 percent first-year compliance with usage of the DFARS cybersecurity clause, but the department has a long way to go.  According to a March 1, 2016 report, little more than one-third (34 percent) of DoD contracts issued in the first quarter of FY16 (October through December 2015) contained the required clause.  Lagging most among the activities within DoD is the Defense Logistics Agency (DLA) with the required clause in only 16 percent of contracts issued in the first quarter.  During the same period, the Navy scored best within the department, with a compliance rate of 92 percent.

Activity-by-activity compliance within DoD can be seen in the chart below.

DoD Scorecard for Compliance with DFARS 252.204-7012 - 1st Quarter FY16

DoD may face new hurtles in the implementation of the cybersecurity contract requirements.  Last week, we reported that the Advocacy Office of the Small Business Administration (SBA) has raised objections to DoD’s current contract provisions due to an undue burden placed by the clause on small businesses.  SBA fears that the rules will impose a significant financial burden on small businesses and could make it more difficult for small businesses to qualify for DoD contract awards.

More information:
  • DoD Acquisition Compliance Scorecard – 1st Quarter FY16 – http://www.acq.osd.mil/dpap/policy/policyvault/USA000187-16-DPAP.pdf
  • SBA’s advocacy office objects to impact of DoD’s cybersecurity rules on small businesses –  http://contractingacademy.gatech.edu/2016/03/02/sbas-advocacy-office-objects-to-impact-of-dods-cybersecurity-rules-on-small-businesses 
  • DFARS Clause 252.204-7012 – http://www.acq.osd.mil/dpap/dars/dfars/html/current/252204.htm#252.204-7012

Filed Under: Government Contracting News Tagged With: compliance, cyber, cybersecurity, DFARS, DoD, NIST, Office of Advocacy, SBA, scorecard, small business

Popular Topics

abuse acquisition reform acquisition strategy acquisition training acquisition workforce Air Force Army AT&L bid protest budget budget cuts competition cybersecurity DAU DFARS DHS DoD DOJ FAR fraud GAO Georgia Tech GSA GSA Schedule GSA Schedules IG industrial base information technology innovation IT Justice Dept. Navy NDAA OFPP OMB OTA Pentagon procurement reform protest SBA sequestration small business spending technology VA
Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter

Search this Website

Copyright © 2023 · Georgia Tech - Enterprise Innovation Institute