Acquisition

Some federal agencies want to make IT security contracting rules simpler to find

NASA, the DOD and GSA want a singular section of federal acquisition regulations focused on IT risks.

April 2, 2024

(Getty Images)

NASA, the Defense Department and the General Services Administration have joined together to issue a final rule that tweaks federal acquisition regulations to more efficiently address information and supply chain security, according to a posting on the Federal Register.

The announcement is an initial move since it only establishes a new section of the Federal Acquisition Regulation but doesn’t formally create any policies or rules. The eventual goal is for provisions related to these topics spread throughout other regulatory sections to be reorganized under a new concentrated section where contracting officers can access the information in a singular place.

“Currently, the policies and procedures for prohibitions, exclusions, supply chain risk information sharing, and safeguarding information that address security objectives are dispersed across multiple parts of the FAR, which makes it difficult for the acquisition workforce to locate, understand, and implement applicable requirements,” the posting stated.

It continued: “This new part will provide contracting officers with a single, consolidated location in the FAR that addresses their role in implementing requirements related to managing information security and supply chain security when acquiring products and services.”

The new section could address topics including the cybersecurity supply chain, concerns related to emerging technologies, and “foreign-based risks.” Since no new procedures or policies are being implemented, there will be no public comment period.

Some federal agencies want to make IT security contracting rules simpler to find

More Like This

Five takeaways from the AI executive order’s 180-day deadline

GSA releases generative AI resource guide for federal purchasers

In deploying AI, the Federal Aviation Administration faces unique challenges

Top Stories

How often do law enforcement agencies use high-risk AI? Presidential advisers want answers

NIST launches GenAI evaluation program, releases draft publications on AI risks and standards

OPM issues generative AI guidance, competency model for AI roles required by Biden order

CISA unveils guidelines for AI and critical infrastructure

ACLU seeks AI records from NSA, Defense Department in new lawsuit

More Scoops

Cybersecurity executive order requirements are nearly complete, GAO says

New TMF investments support NASA, DOL modernization and cybersecurity efforts

AI talent role, releasing code, deadline extension among additions in OMB memo

GSA working on corrective action plan following OIG report on ‘noncompliant’ video-conferencing camera purchase

FEMA employees brought government devices abroad without authorization, including to China and Iraq, document shows

On some basic metadata practices, US government gets an ‘F,’ per new online tracker

How risky is ChatGPT? Depends which federal agency you ask

Latest Podcasts

Some federal agencies want to make IT security contracting rules simpler to find

The benefits of private AI for the public sector

Generative AI is not a panacea

Army’s Nikki Cabezas talks AI’s impact on mission

Tech

Defense

Cyber

Acquisition